Abstract
This paper reviews applications of modern intelligent methods in digital forensics. One of the main problems of digital forensics investigated by the authors is that a huge volume of data must be analysed for evidence of crime. The primary aim of this work is to improve this challenging forensic process through the application of intelligent methods to the analysis of digital evidence. The desired outcome of this work is to encourage the advancement of these methods within the discipline of forensic science.
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Krivchenkov, A., Misnevs, B., Pavlyuk, D. (2019). Intelligent Methods in Digital Forensics: State of the Art. In: Kabashkin, I., Yatskiv (Jackiva), I., Prentkovskis, O. (eds) Reliability and Statistics in Transportation and Communication. RelStat 2018. Lecture Notes in Networks and Systems, vol 68. Springer, Cham. https://doi.org/10.1007/978-3-030-12450-2_26
DOI: https://doi.org/10.1007/978-3-030-12450-2_26
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-12449-6
Online ISBN: 978-3-030-12450-2
eBook Packages: Engineering (R0)