
Intelligent Methods in Digital Forensics: State of the Art

  • Conference paper
  • Published in: Reliability and Statistics in Transportation and Communication (RelStat 2018)

Abstract

This paper reviews applications of modern intelligent methods to digital forensics. One of the main problems of digital forensics that the authors investigated is that a huge volume of data must be analysed to find evidence of a crime. The primary aim of this work is to improve this challenging forensic process by applying intelligent methods to the analysis of digital evidence. The desired outcome is to encourage the advancement of these methods within the discipline of forensic science.



Corresponding author

Correspondence to Boriss Misnevs.


Copyright information

© 2019 Springer Nature Switzerland AG


Cite this paper

Krivchenkov, A., Misnevs, B., Pavlyuk, D. (2019). Intelligent Methods in Digital Forensics: State of the Art. In: Kabashkin, I., Yatskiv (Jackiva), I., Prentkovskis, O. (eds) Reliability and Statistics in Transportation and Communication. RelStat 2018. Lecture Notes in Networks and Systems, vol 68. Springer, Cham. https://doi.org/10.1007/978-3-030-12450-2_26


  • DOI: https://doi.org/10.1007/978-3-030-12450-2_26
  • Publisher Name: Springer, Cham
  • Print ISBN: 978-3-030-12449-6
  • Online ISBN: 978-3-030-12450-2
