
Expert System Using Fuzzy Petri Nets in Computer Forensics

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 4413)

Abstract

In the past, computer forensics was used only as a means of investigation. Nowadays, however, due to the sharp increase in awareness of computer security, computer forensics has become significant even to nonprofessionals, and it requires inference as well as integrity and reliability of the procedure. In this paper, we describe inference rules using Fuzzy Petri Nets and adapt the data collected from a compromised system into propositions for inferring intrusion information. The inferred results are expressed in a formalized 5W1H format. COMFEX (COMputer Forensic EXpert system) can perform inference even if the data is damaged in certain sections, and its inference under uncertainty is improved. This is useful to a system administrator who has weak ability to analyze hacking, and it improves the capacity to manage system security.




Editor information

Marcin S. Szczuka, Daniel Howard, Dominik Ślęzak, Haeng-kon Kim, Tai-hoon Kim, Il-seok Ko, Geuk Lee, Peter M. A. Sloot


Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hwang, HU., Kim, MS., Noh, BN. (2007). Expert System Using Fuzzy Petri Nets in Computer Forensics. In: Szczuka, M.S., et al. Advances in Hybrid Information Technology. ICHIT 2006. Lecture Notes in Computer Science, vol 4413. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77368-9_31


  • DOI: https://doi.org/10.1007/978-3-540-77368-9_31

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-77367-2

  • Online ISBN: 978-3-540-77368-9

  • eBook Packages: Computer Science, Computer Science (R0)
