Towards Proactive Computer-System Forensics

Las Vegas, Nevada April 05-April 07

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ITCC.2004.1286727

International Conference on Informati ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Phillip G. Bradford Articles by Marcus Brown Articles by Josh Perdue Articles by Bonnie Self

	ASCII Text	x
	Phillip G. Bradford, Marcus Brown, Josh Perdue, Bonnie Self, "Towards Proactive Computer-System Forensics," Information Technology: Coding and Computing, International Conference on, vol. 2, pp. 648, International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2, 2004.

	BibTex	x
	@article{ 10.1109/ITCC.2004.1286727, author = {Phillip G. Bradford and Marcus Brown and Josh Perdue and Bonnie Self}, title = {Towards Proactive Computer-System Forensics}, journal ={Information Technology: Coding and Computing, International Conference on}, volume = {2}, year = {2004}, isbn = {0-7695-2108-8}, pages = {648}, doi = {http://doi.ieeecomputersociety.org/10.1109/ITCC.2004.1286727}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Information Technology: Coding and Computing, International Conference on TI - Towards Proactive Computer-System Forensics SN - 0-7695-2108-8 SP EP A1 - Phillip G. Bradford, A1 - Marcus Brown, A1 - Josh Perdue, A1 - Bonnie Self, PY - 2004 KW - null VL - 2 JA - Information Technology: Coding and Computing, International Conference on ER -

Phillip G. Bradford, The University of Alabama, Tuscaloosa, AL

Marcus Brown, The University of Alabama, Tuscaloosa, AL

Josh Perdue, The University of Alabama, Tuscaloosa, AL

Bonnie Self, The University of Alabama, Tuscaloosa, AL

This paper examines principles and approaches for proactive computer-system forensics. Proactive computer-system forensics is the design, construction and configuring of systems to make them most amenable to digital forensics analyses in the future. The primary goals of proactive computer-system forensics are system structuring and augmentation for automated data discovery, lead formation, and efficient data preservation. This paper proposes: (1) using the Neyman-Pearson Lemma to proactively build online forensics tests with the best possible critical regions for hypothesis testing, and (2) using classical stopping rules for sequential hypothesis testing to determine which users are deviating from standard usage behavior and should be the focus of more investigative resources.

Here the focus is on security breaches by the employees or stakeholders of an organization. The main measurements are event-driven logs of program executions.

Citation:

Phillip G. Bradford, Marcus Brown, Josh Perdue, Bonnie Self, "Towards Proactive Computer-System Forensics," itcc, vol. 2, pp.648, International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2, 2004

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.