Proceedings of the 2016 International Conference on Computer Engineering and Information Systems

Network Forensic Analysis via Vulnerability Evidence Reasoning

Authors
Cheng-Yue Chang, Jing-Sha He
Corresponding Author
Cheng-Yue Chang
Available Online November 2016.
DOI
https://doi.org/10.2991/ceis-16.2016.48How to use a DOI?
Keywords
network forensics; evidence graph; event vector; vulnerability evidence reasoning
Abstract
In this article, we propose a novel method that uses vulnerability evidence reasoning in network forensics analysis. Central to our method is the evidence graph model to support evidence presentation and reasoning. Based on the evidence graph, we propose a network forensics method that built the evidence graph on the basis of the network system vulnerabilities and environmental information. At the same time, the proposed method can realize the reconstruction of attack scenarios with high efficiency and with the capability of identifying multi-staged at-tacks through evidence reasoning. Results of the experiment that we conducted would show that the proposed method is complete and credible with certain reasoning ability, which can be a powerful tool for rapid and effective network forensic analysis.
Open Access
This is an open access article distributed under the CC BY-NC license.

Download article (PDF)

Proceedings
2016 International Conference on Computer Engineering and Information Systems
Part of series
Advances in Computer Science Research
Publication Date
November 2016
ISBN
978-94-6252-283-1
ISSN
2352-538X
DOI
https://doi.org/10.2991/ceis-16.2016.48How to use a DOI?
Open Access
This is an open access article distributed under the CC BY-NC license.

Cite this article

TY  - CONF
AU  - Cheng-Yue Chang
AU  - Jing-Sha He
PY  - 2016/11
DA  - 2016/11
TI  - Network Forensic Analysis via Vulnerability Evidence Reasoning
BT  - 2016 International Conference on Computer Engineering and Information Systems
PB  - Atlantis Press
SN  - 2352-538X
UR  - https://doi.org/10.2991/ceis-16.2016.48
DO  - https://doi.org/10.2991/ceis-16.2016.48
ID  - Chang2016/11
ER  -