Towards Proactive Computer-System Forensics

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Phillip G. Bradford Articles by Marcus Brown Articles by Josh Perdue Articles by Bonnie Self

International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2

Las Vegas, Nevada

April 05-April 07

ISBN: 0-7695-2108-8

	ASCII Text	x
	Phillip G. Bradford, Marcus Brown, Josh Perdue, Bonnie Self, "Towards Proactive Computer-System Forensics," Information Technology: Coding and Computing, International Conference on, vol. 2, pp. 648, International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2, 2004.

	BibTex	x
	@article{ 10.1109/ITCC.2004.1286727, author = {Phillip G. Bradford and Marcus Brown and Josh Perdue and Bonnie Self}, title = {Towards Proactive Computer-System Forensics}, journal ={Information Technology: Coding and Computing, International Conference on}, volume = {2}, year = {2004}, isbn = {0-7695-2108-8}, pages = {648}, doi = {http://doi.ieeecomputersociety.org/10.1109/ITCC.2004.1286727}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Information Technology: Coding and Computing, International Conference on TI - Towards Proactive Computer-System Forensics SN - 0-7695-2108-8 SP EP A1 - Phillip G. Bradford, A1 - Marcus Brown, A1 - Josh Perdue, A1 - Bonnie Self, PY - 2004 KW - null VL - 2 JA - Information Technology: Coding and Computing, International Conference on ER -

Phillip G. Bradford, The University of Alabama, Tuscaloosa, AL

Marcus Brown, The University of Alabama, Tuscaloosa, AL

Josh Perdue, The University of Alabama, Tuscaloosa, AL

Bonnie Self, The University of Alabama, Tuscaloosa, AL

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ITCC.2004.1286727

This paper examines principles and approaches for proactive computer-system forensics. Proactive computer-system forensics is the design, construction and configuring of systems to make them most amenable to digital forensics analyses in the future. The primary goals of proactive computer-system forensics are system structuring and augmentation for automated data discovery, lead formation, and efficient data preservation. This paper proposes: (1) using the Neyman-Pearson Lemma to proactively build online forensics tests with the best possible critical regions for hypothesis testing, and (2) using classical stopping rules for sequential hypothesis testing to determine which users are deviating from standard usage behavior and should be the focus of more investigative resources.

Here the focus is on security breaches by the employees or stakeholders of an organization. The main measurements are event-driven logs of program executions.

Citation:

Phillip G. Bradford, Marcus Brown, Josh Perdue, Bonnie Self, "Towards Proactive Computer-System Forensics," itcc, vol. 2, pp.648, International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2, 2004

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.