By Topic

Towards proactive computer-system forensics

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Bradford, P.G. ; Dept. of Comput. Sci., Alabama Univ., Tuscaloosa, AL, USA ; Brown, M. ; Perdue, J. ; Self, B.

We examine principles and approaches for proactive computer-system forensics. Proactive computer-system forensics is the design, construction and configuring of systems to make them most amenable to digital forensics analyses in the future. The primary goals of proactive computer-system forensics are system structuring and augmentation for automated data discovery, lead formation, and efficient data preservation. We propose: (1) using the Neyman-Pearson Lemma to proactively build online forensics tests with the best possible critical regions for hypothesis testing, and (2) using classical stopping rules for sequential hypothesis testing to determine which users are deviating from standard usage behavior and should be the focus of more investigative resources. Here the focus is on security breaches by the employees or stakeholders of an organization. The main measurements are event-driven logs of program executions.

Published in:

Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. International Conference on  (Volume:2 )

Date of Conference:

5-7 April 2004