SlideShare a Scribd company logo

A self adaptive learning approach for optimum path evaluation of process for forensic use to finding

Alexander Decker
Alexander Decker

International peer-reviewed academic journals call for papers, http://www.iiste.org

Technology
1 of 7
Download to read offline
Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol.4, No.9, 2013 1 A Self Adaptive Learning Approach for Optimum Path Evaluation of Process for Forensic use to finding Uniqueness 1 Pallavi Ramteke pallavi.scjp@gmail.com (P.G.Scholar) Department of Computer Science. LNCT, Indore(M.P.) 453331 2 Yashpal Kadam yashpal.kadam@rediffmail.com(Asst.Prof.) Department of Computer Science. LNCT, Indore(M.P.) 453331 3 Sanket Gupta sanket.jec@gmail.com (P.G. Scholar) Department of Computer Science ,SATI, Vidisha(M.P.) 464001 Abstract One approach to protected systems is from first to last the examination of audit trails or logs. An audit trail is a evidence of all procedures that take place in a system and across a network, it provides a outline of user/system events so that safety measures events can be associated to the actions of a specific individual or system element. In the optimum path evaluation of a process working with the audit log of the system generated by our data format, a different kinds of processes accessed during the different user session .our proposed work is based on the concept of forensic activities and the process mining, where we introduce a new process analysis method by which we discover what the users next application. Keywords - Audit Logs, reference graph building,forensic,optimum path evaluation, process mining. I. INTRODUCTION In auditing log file investigations use of Process mining stands for a set of techniques to analyze process models and logs. However, the extent to which it can be used for security auditing that has not been investigated. the data examined may not contain the contents but just discloses activities that were electronically conducted by the criminals. In this paper, our primary concerns mostly address the auditing log files, that is, we are only concerned with users’ activities and determine the meaning of the sequence of the activities indirectly. Indeed, only retrieving the user’s malicious activities from the auditing log files is very challenging. The system log file contains events that are logged by the operating system components. These events are often predetermined by the operating system itself. System log files may contain information about device changes, device drivers, system changes, events, operations and more .Mining and analysis of this system access log can be helpful for extracting different kind of security applications, forensic applications or performance matrix application. there are a large amount of efforts and applications based on data mining is found in different domain of knowledge processing but with process mining that is too rare. Process mining aims at improving this by providing techniques and tools for discovering process, control, data, organizational, and social structures from event logs. The goal of process mining is to extract information about processes from transaction logs. We assume that it is possible to record events such that- (i) each event refers to an activity (i.e., a well-denned step in the process), (ii) each event refers to a case (i.e., a process instance), (iii) each event can have a performer also referred to as originator (the actor executing or initiating the activity), and
Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol.4, No.9, 2013 2 (iv)Events have a timestamp and are totally ordered. In the proposed work we are working with the audit log of the system which is generated by our data format different kinds of processes accessed during the different user session, our proposed work is based on the concept of forensic activities and the process mining, where we introduce a new process analysis method by which we discover what the users next application. The goal of mining this perspective is to and a good characterization of all possible paths. The rest of this paper is organized as follows: Section II reviews auditing log files and Background work; Section III proposes work ; Section IV explains how to construct a Directed Graph and working of logs according to events and shows similarity function; Section V proposed system architecture; finally, we conclude the paper in Section VI. I. BACKGROUND WORK A. Auditing Events 1. Audit Log: It is security relevant chronological record, set of records, source and destination of records showing who has an accessed a computer system and what operation he or she performed during a given period of time. Audit logs/trails are useful both for maintaining security for recovering lost transaction such as financial transaction , scientific research and health care data transaction or communication by individual people, system or other activity. 2. System Log: The system log file contains events that are often predetermined by operating system itself. The system log directive display profit use of the syslog(System Log) mechanism and instead redirect all logging output to the specified filename. The filename argument should contain an absolute path and should not be to a file in a non existent directory, in a world-write able directory or be a symbolic link use of this directive overrides any facility set by the syslog facility directives. System log files may contains information about device change, device derivers, system change, events operations. 3. Error Logs : The Error Log view captures all the warnings and errors logged by plug-ins. The underlying log file is a .log file stored in the .metadata subdirectory of the workspace. Example of error log : Fig.1 Error Logs Events in the log view can be sorted by Message, Plug-in ID or Date in ascending or descending order. Simply click on the column header that you want the sorting to be based on. In most of the cases auditing log files are ordered in a time sequential manner, two consecutive logs or actions are likely to be irrelevant or not related to each other.
Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol.4, No.9, 2013 3 B. Process Mining in Forensics The main use of audit logs was to monitor performance and to detect intrusions originating from an external source. With the passage of time however, the term “intrusion” has begun to express a wider meaning closely related to security policy. Forensic Data Mining (or Forensic Mining) which originated from Forensic Science can be described as the application of data mining techniques and other scientific tools to investigative process for good evidence. In the same vein, the investigative process of auditing called forensic auditing could be defined as the application of auditing skills to situations that have legal consequences. In most of the cases auditing log files are ordered in a time sequential manner, two consecutive logs or actions are likely to be irrelevant or not related to each other. This can be especially true for the network auditing log files. Moreover, in the network auditing log files, which are captured by the aforementioned network monitoring tools, even one action produces many packets. The use of process mining for (internal and external) audits has been gaining in momentum. However, to the best of our knowledge there is no previous academic work addressing the intersection of security audits and process mining. The idea of process mining is to discover, monitor and improve real processes (i.e., not assumed processes) by extracting knowledge from event logs readily available in today’s (information) systems. Process mining includes (automated) process discovery (i.e., extracting process models from an event log), conformance checking (i.e., monitoring deviations by comparing model and log), social network/organizational mining, automated construction of simulation models, model extension, model repair, case prediction,and history-based recommendations. III. PROPOSED WORK In the proposed working with the audit log of the system which is generated by our data format, different kinds of processes accessed during the different user session, our proposed work is based on the concept of forensic activities and the process mining, where we introduce a new process analysis method by which we discover what the users next application. The complete audit log contains the following information: 1. User type 2. Process Name 3. Access Time 4. Remote Process 5. Defined Process 6. New Process This information is represented using a weighted and directed graph. Suppose the complete log contains only three processes than the process can be known as A, B, C and the weighed graph is designed as the below and all other session which use this process in defined as the sub graph of the reference graph, this weighted graph is used as weighted matrix to evaluate the next user session using random walk theory and traversing probability. which node is required to explore.
Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol.4, No.9, 2013 4 Fig.2 Complete Graph of Process IV. SYSTEM ARCHITECTURE In the system architecture data is collected form n no. of systems which are connected in network. This data is mainly contains the Application Logs , System Logs , Audits Logs and Error .All the Logs having different functionally and purpose in which first is Application Log : The application log file contains events that are logged by the applications used on a computer system. Events that are written to the application log are determined by the developers of the software program, not the operating system. Fig.3 System Architecture System Log : The system log file contains events that are logged by the operating system components. These events are often predetermined by the operating system itself. System log files may contain information about device changes, device drivers, system changes, events, operations and more. Audit Logs : An audit trail (or audit log) is a security-relevant chronological record, set of records, or destination and source of records that provide documentary evidence of the sequence of activities that have affected at any time a specific operation, procedure, or event. UPLOAD DATA APPLICATION LOGS SYSTEM LOGS AUDIT LOGS DATA MANAGEMENT CLASSIFICATION & DATA PRUNING USER BEHAVIOR DETECTION
Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol.4, No.9, 2013 5 Error Logs : The Error Log view captures all the warnings and errors logged by plug-ins. All this Logs are now come to the data management section in which data are managed by using the classification algorithms. After this data are pruned with the help of algorithm, final data come for the detection process. For the users behavior detection we use random walk theory. Random Walk Theory : The random walk theory is based on stock price change. An investment theory which claims that market prices follow a random path up and down, without any influence by past price movements, making it impossible to predict with any accuracy which direction the market will move at any point. Investors who believe in the random walk theory feel that it is impossible to outperform the market without taking on additional risk, and believe that neither fundamental analysis nor technical analysis have any validity. V. IMPLEMENTATION The implementation of the required model is under java virtual machine, which contains a rich class library for computational ability. As we discus in the above section we know all the path of the session is a sub-graph of the reference graph. Reference Graph Building  count the number of unique attributes in the attribute set.  find all possible path using the formula path = n! Similarity computation The computation is based on the most relevance probability match which is estimated using First, we build the Image similarity graph using following cosine function. Where, dp belongs to D and D is the total reference set. dq is the nearest graph of dp Error correction here we use the iterative technique to reduce the predictive error in the proposed algorithm where error = real value – predicted value that is adjusted in the next predictive value. VI. EXPECTED OUT COME After the successfully implementation of the proposed algorithm we found the following improvement over the existing system : 1. Implementation of new predictive technique that is based on the graph theory. 2. A method that promises to provide the high performance results . 3.A comparative study between tradition next path estimation and new path estimation technique. VII. CONCLUSION The log files range from a simple system log file to a server side web-based email log file. However, it is easily supposed that our investigations of covert channels are not completed due to the lack of information. The
Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol.4, No.9, 2013 6 proposed method is use user relationship graph. This method give better investigation because it maintain session by sub graphs. Previous methods use log file for investigation and these method does not cover complete information of overall sessions. VIII. REFERENCES [1] Daisuke Takahashi, Yang Xiao, and Ke Meng “Creating User-Relationship-Graph in Use of Flow-Net and Log Files for Computer and Network Accountability and Forensics” The IEEE Military Communications Conference-Cyber Security and Network Management ,pp1941-47,2010 [2] Zhenyu Wang, Qing Yao, Yuqing Sun”The Research of Process Mining Assessment used in Business Intelligence” IEEE/ACIS 11th Inter national Conference on Computer and Information Science,pp179-83,2012 [3] Dina Hadžiosmanovi´c ,Damiano Bolzoni ,Pieter H. Hartel”A log mining approach for process monitoring in SCADA” Int. J. Inf. Secur.pp231–251,2012 [4] Wil M.P. van der Aalst, Schahram Dustdar” Process Mining Put into Context” Published by the IEEE Computer Society,pp82-86,2012 [5] Wil van der Aalst” Process Mining: Making Knowledge Discovery Process Centric” SIGKD D Explorations, Volume 13, Issue 2,pp45 49,2012 [6] Rafael Accorsi ,Thomas Stocker” On the Exploitation of Process Mining for Security Audits: The Conformance Checking Case” ACM 978-1-4503-0857-1/12/03, March 26-30, 2012 [7] D. Takahashi and Y. Xiao, “Retrieving Knowledge from Auditing Log Files for Computer and Network Forensics and Accountability,” (Wiley) Security and Communication Networks. Vol. 1. No. 2, pp. 147 – 160, Feb. 29, 2008 [8] L. Ding and B. Dixon, “Using an edge-dual graph and k-connectivity to identify strong connections in social networks,” Proc. of the ACM 46th Annual Southeast Regional Conference, pp. 475-480, 2008. [9] B. Fu and Y. Xiao, "An Implementation Scheme of Flow-Net and Its Applications on Detecting Attacks in Wireless Networks," Proc. of IEEE GLOBECOM 2010 [10] R. Mayrhofer, K. Nyberg, and T. Kindberg, "Foreword," International Journal of Security and Networks, Vol. 4, Nos. 1/2, pp. 1 - 3, 2009. [11] S. Ehlert, Y. Rebahi, and T. Magedanz, "Intrusion Detection System for Denial-of-Service flooding attacks in SIP communication networks," International Journal of Security and Networks, Vol. 4, No.3, pp. 189 - 200, 2009. [12] K. Tsai, C. Hsu, and T. Wu, "Mutual anonymity protocol with integrity protection for mobile peer-to-peer networks," International Journal of Security and Networks, Vol. 5, No.1 pp. 45 - 52, 2010, DOI: 10.1504/IJSN.2010.030722
This academic article was published by The International Institute for Science, Technology and Education (IISTE). The IISTE is a pioneer in the Open Access Publishing service based in the U.S. and Europe. The aim of the institute is Accelerating Global Knowledge Sharing. More information about the publisher can be found in the IISTE’s homepage: http://www.iiste.org CALL FOR JOURNAL PAPERS The IISTE is currently hosting more than 30 peer-reviewed academic journals and collaborating with academic institutions around the world. There’s no deadline for submission. Prospective authors of IISTE journals can find the submission instruction on the following page: http://www.iiste.org/journals/ The IISTE editorial team promises to the review and publish all the qualified submissions in a fast manner. All the journals articles are available online to the readers all over the world without financial, legal, or technical barriers other than those inseparable from gaining access to the internet itself. Printed version of the journals is also available upon request of readers and authors. MORE RESOURCES Book publication information: http://www.iiste.org/book/ Recent conferences: http://www.iiste.org/conference/ IISTE Knowledge Sharing Partners EBSCO, Index Copernicus, Ulrich's Periodicals Directory, JournalTOCS, PKP Open Archives Harvester, Bielefeld Academic Search Engine, Elektronische Zeitschriftenbibliothek EZB, Open J-Gate, OCLC WorldCat, Universe Digtial Library , NewJour, Google Scholar

Recommended

A self adaptive learning approach for optimum path evaluation of process for ...
A self adaptive learning approach for optimum path evaluation of process for ...A self adaptive learning approach for optimum path evaluation of process for ...
A self adaptive learning approach for optimum path evaluation of process for ...Alexander Decker
 
Improvement of Software Maintenance and Reliability using Data Mining Techniques
Improvement of Software Maintenance and Reliability using Data Mining TechniquesImprovement of Software Maintenance and Reliability using Data Mining Techniques
Improvement of Software Maintenance and Reliability using Data Mining Techniquesijdmtaiir
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
Ids 014 anomaly detection
Ids 014 anomaly detectionIds 014 anomaly detection
Ids 014 anomaly detectionjyoti_lakhani
 
Splunk guide for_iso_27002
Splunk guide for_iso_27002Splunk guide for_iso_27002
Splunk guide for_iso_27002Greg Hanchin
 
Ids 013 detection approaches
Ids 013 detection approachesIds 013 detection approaches
Ids 013 detection approachesjyoti_lakhani
 
A LOG-BASED TRACE AND REPLAY TOOL INTEGRATING SOFTWARE AND INFRASTRUCTURE
A LOG-BASED TRACE AND REPLAY TOOL INTEGRATING SOFTWARE AND INFRASTRUCTUREA LOG-BASED TRACE AND REPLAY TOOL INTEGRATING SOFTWARE AND INFRASTRUCTURE
A LOG-BASED TRACE AND REPLAY TOOL INTEGRATING SOFTWARE AND INFRASTRUCTUREijseajournal
 
Database Security - IK
Database Security - IKDatabase Security - IK
Database Security - IKIlgın Kavaklıoğulları
 

Recommended

A self adaptive learning approach for optimum path evaluation of process for ...
A self adaptive learning approach for optimum path evaluation of process for ...A self adaptive learning approach for optimum path evaluation of process for ...
A self adaptive learning approach for optimum path evaluation of process for ...Alexander Decker
 
Improvement of Software Maintenance and Reliability using Data Mining Techniques
Improvement of Software Maintenance and Reliability using Data Mining TechniquesImprovement of Software Maintenance and Reliability using Data Mining Techniques
Improvement of Software Maintenance and Reliability using Data Mining Techniquesijdmtaiir
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
Ids 014 anomaly detection
Ids 014 anomaly detectionIds 014 anomaly detection
Ids 014 anomaly detectionjyoti_lakhani
 
Splunk guide for_iso_27002
Splunk guide for_iso_27002Splunk guide for_iso_27002
Splunk guide for_iso_27002Greg Hanchin
 
Ids 013 detection approaches
Ids 013 detection approachesIds 013 detection approaches
Ids 013 detection approachesjyoti_lakhani
 
A LOG-BASED TRACE AND REPLAY TOOL INTEGRATING SOFTWARE AND INFRASTRUCTURE
A LOG-BASED TRACE AND REPLAY TOOL INTEGRATING SOFTWARE AND INFRASTRUCTUREA LOG-BASED TRACE AND REPLAY TOOL INTEGRATING SOFTWARE AND INFRASTRUCTURE
A LOG-BASED TRACE AND REPLAY TOOL INTEGRATING SOFTWARE AND INFRASTRUCTUREijseajournal
 
Database Security - IK
Database Security - IKDatabase Security - IK
Database Security - IKIlgın Kavaklıoğulları
 
Insider Threats Detection in Cloud using UEBA
Insider Threats Detection in Cloud using UEBAInsider Threats Detection in Cloud using UEBA
Insider Threats Detection in Cloud using UEBALucas Ko
 
IRJET- Two Factor Authentication using User Behavioural Analytics
IRJET- Two Factor Authentication using User Behavioural AnalyticsIRJET- Two Factor Authentication using User Behavioural Analytics
IRJET- Two Factor Authentication using User Behavioural AnalyticsIRJET Journal
 
UEBA
UEBAUEBA
UEBAChristophe M. Anciaux ☁
 
Application of Advance Encryption Algorithm to Implement Access to Sensitive ...
Application of Advance Encryption Algorithm to Implement Access to Sensitive ...Application of Advance Encryption Algorithm to Implement Access to Sensitive ...
Application of Advance Encryption Algorithm to Implement Access to Sensitive ...IRJET Journal
 
Dynamic Taint Analysis Tools: A Review
Dynamic Taint Analysis Tools: A ReviewDynamic Taint Analysis Tools: A Review
Dynamic Taint Analysis Tools: A ReviewCSCJournals
 
Volume 2-issue-6-2190-2194
Volume 2-issue-6-2190-2194Volume 2-issue-6-2190-2194
Volume 2-issue-6-2190-2194Editor IJARCET
 
A Study of Intrusion Detection System Methods in Computer Networks
A Study of Intrusion Detection System Methods in Computer NetworksA Study of Intrusion Detection System Methods in Computer Networks
A Study of Intrusion Detection System Methods in Computer NetworksEditor IJCATR
 
Artificially Intelligent Warehouse Management System
Artificially Intelligent Warehouse Management System Artificially Intelligent Warehouse Management System
Artificially Intelligent Warehouse Management System IIJSRJournal
 
Events Classification in Log Audit
Events Classification in Log Audit Events Classification in Log Audit
Events Classification in Log Audit IJNSA Journal
 
Applicability of Network Logs for Securing Computer Systems
Applicability of Network Logs for Securing Computer SystemsApplicability of Network Logs for Securing Computer Systems
Applicability of Network Logs for Securing Computer SystemsIDES Editor
 
Log Analysis Across System Boundaries for Security, Compliance, and Operations
Log Analysis Across System Boundaries for Security, Compliance, and OperationsLog Analysis Across System Boundaries for Security, Compliance, and Operations
Log Analysis Across System Boundaries for Security, Compliance, and OperationsAnton Chuvakin
 
Log Analysis Across System Boundaries for Security, Compliance, and Operations
Log Analysis Across System Boundaries for Security, Compliance, and OperationsLog Analysis Across System Boundaries for Security, Compliance, and Operations
Log Analysis Across System Boundaries for Security, Compliance, and OperationsAnton Chuvakin
 
Silhouette Threshold Based Text Clustering for Log Analysis
Silhouette Threshold Based Text Clustering for Log AnalysisSilhouette Threshold Based Text Clustering for Log Analysis
Silhouette Threshold Based Text Clustering for Log AnalysisIIRindia
 
G03503036044
G03503036044G03503036044
G03503036044theijes
 
Use Exabeam Smart Timelines to improve your SOC efficiency
Use Exabeam Smart Timelines to improve your SOC efficiencyUse Exabeam Smart Timelines to improve your SOC efficiency
Use Exabeam Smart Timelines to improve your SOC efficiencyJonathanPritchard12
 
Logging, monitoring and auditing
Logging, monitoring and auditingLogging, monitoring and auditing
Logging, monitoring and auditingPiyush Jain
 
Using process mining and model driven engineering to enhance security of web ...
Using process mining and model driven engineering to enhance security of web ...Using process mining and model driven engineering to enhance security of web ...
Using process mining and model driven engineering to enhance security of web ...S.Mostafa Sayyedi
 
Report: Study and Implementation of Advance Intrusion Detection and Preventio...
Report: Study and Implementation of Advance Intrusion Detection and Preventio...Report: Study and Implementation of Advance Intrusion Detection and Preventio...
Report: Study and Implementation of Advance Intrusion Detection and Preventio...Deepak Mishra
 
IT SYSTEMS , CONTROLS , CAATS AND FLOWCHARTS
IT SYSTEMS , CONTROLS , CAATS AND FLOWCHARTS IT SYSTEMS , CONTROLS , CAATS AND FLOWCHARTS
IT SYSTEMS , CONTROLS , CAATS AND FLOWCHARTS MUHAMMAD HUZAIFA CHAUDHARY
 
Big Data Security Analytic Solution using Splunk
Big Data Security Analytic Solution using SplunkBig Data Security Analytic Solution using Splunk
Big Data Security Analytic Solution using SplunkIJERA Editor
 
Security auditing architecture
Security auditing architectureSecurity auditing architecture
Security auditing architectureVishnupriya T H
 
Association Rule Mining Scheme for Software Failure Analysis
Association Rule Mining Scheme for Software Failure AnalysisAssociation Rule Mining Scheme for Software Failure Analysis
Association Rule Mining Scheme for Software Failure AnalysisEditor IJMTER
 

More Related Content

What's hot

Insider Threats Detection in Cloud using UEBA
Insider Threats Detection in Cloud using UEBAInsider Threats Detection in Cloud using UEBA
Insider Threats Detection in Cloud using UEBALucas Ko
 
IRJET- Two Factor Authentication using User Behavioural Analytics
IRJET- Two Factor Authentication using User Behavioural AnalyticsIRJET- Two Factor Authentication using User Behavioural Analytics
IRJET- Two Factor Authentication using User Behavioural AnalyticsIRJET Journal
 
Application of Advance Encryption Algorithm to Implement Access to Sensitive ...
Application of Advance Encryption Algorithm to Implement Access to Sensitive ...Application of Advance Encryption Algorithm to Implement Access to Sensitive ...
Application of Advance Encryption Algorithm to Implement Access to Sensitive ...IRJET Journal
 
Dynamic Taint Analysis Tools: A Review
Dynamic Taint Analysis Tools: A ReviewDynamic Taint Analysis Tools: A Review
Dynamic Taint Analysis Tools: A ReviewCSCJournals
 
Volume 2-issue-6-2190-2194
Volume 2-issue-6-2190-2194Volume 2-issue-6-2190-2194
Volume 2-issue-6-2190-2194Editor IJARCET
 
A Study of Intrusion Detection System Methods in Computer Networks
A Study of Intrusion Detection System Methods in Computer NetworksA Study of Intrusion Detection System Methods in Computer Networks
A Study of Intrusion Detection System Methods in Computer NetworksEditor IJCATR
 
Artificially Intelligent Warehouse Management System
Artificially Intelligent Warehouse Management System Artificially Intelligent Warehouse Management System
Artificially Intelligent Warehouse Management System IIJSRJournal
 

What's hot (8)

Insider Threats Detection in Cloud using UEBA
Insider Threats Detection in Cloud using UEBAInsider Threats Detection in Cloud using UEBA
Insider Threats Detection in Cloud using UEBA
 
IRJET- Two Factor Authentication using User Behavioural Analytics
IRJET- Two Factor Authentication using User Behavioural AnalyticsIRJET- Two Factor Authentication using User Behavioural Analytics
IRJET- Two Factor Authentication using User Behavioural Analytics
 
UEBA
UEBAUEBA
UEBA
 
Application of Advance Encryption Algorithm to Implement Access to Sensitive ...
Application of Advance Encryption Algorithm to Implement Access to Sensitive ...Application of Advance Encryption Algorithm to Implement Access to Sensitive ...
Application of Advance Encryption Algorithm to Implement Access to Sensitive ...
 
Dynamic Taint Analysis Tools: A Review
Dynamic Taint Analysis Tools: A ReviewDynamic Taint Analysis Tools: A Review
Dynamic Taint Analysis Tools: A Review
 
Volume 2-issue-6-2190-2194
Volume 2-issue-6-2190-2194Volume 2-issue-6-2190-2194
Volume 2-issue-6-2190-2194
 
A Study of Intrusion Detection System Methods in Computer Networks
A Study of Intrusion Detection System Methods in Computer NetworksA Study of Intrusion Detection System Methods in Computer Networks
A Study of Intrusion Detection System Methods in Computer Networks
 
Artificially Intelligent Warehouse Management System
Artificially Intelligent Warehouse Management System Artificially Intelligent Warehouse Management System
Artificially Intelligent Warehouse Management System
 

Similar to A self adaptive learning approach for optimum path evaluation of process for forensic use to finding

Events Classification in Log Audit
Events Classification in Log Audit Events Classification in Log Audit
Events Classification in Log Audit IJNSA Journal
 
Applicability of Network Logs for Securing Computer Systems
Applicability of Network Logs for Securing Computer SystemsApplicability of Network Logs for Securing Computer Systems
Applicability of Network Logs for Securing Computer SystemsIDES Editor
 
Log Analysis Across System Boundaries for Security, Compliance, and Operations
Log Analysis Across System Boundaries for Security, Compliance, and OperationsLog Analysis Across System Boundaries for Security, Compliance, and Operations
Log Analysis Across System Boundaries for Security, Compliance, and OperationsAnton Chuvakin
 
Log Analysis Across System Boundaries for Security, Compliance, and Operations
Log Analysis Across System Boundaries for Security, Compliance, and OperationsLog Analysis Across System Boundaries for Security, Compliance, and Operations
Log Analysis Across System Boundaries for Security, Compliance, and OperationsAnton Chuvakin
 
Silhouette Threshold Based Text Clustering for Log Analysis
Silhouette Threshold Based Text Clustering for Log AnalysisSilhouette Threshold Based Text Clustering for Log Analysis
Silhouette Threshold Based Text Clustering for Log AnalysisIIRindia
 
G03503036044
G03503036044G03503036044
G03503036044theijes
 
Use Exabeam Smart Timelines to improve your SOC efficiency
Use Exabeam Smart Timelines to improve your SOC efficiencyUse Exabeam Smart Timelines to improve your SOC efficiency
Use Exabeam Smart Timelines to improve your SOC efficiencyJonathanPritchard12
 
Logging, monitoring and auditing
Logging, monitoring and auditingLogging, monitoring and auditing
Logging, monitoring and auditingPiyush Jain
 
Using process mining and model driven engineering to enhance security of web ...
Using process mining and model driven engineering to enhance security of web ...Using process mining and model driven engineering to enhance security of web ...
Using process mining and model driven engineering to enhance security of web ...S.Mostafa Sayyedi
 
Report: Study and Implementation of Advance Intrusion Detection and Preventio...
Report: Study and Implementation of Advance Intrusion Detection and Preventio...Report: Study and Implementation of Advance Intrusion Detection and Preventio...
Report: Study and Implementation of Advance Intrusion Detection and Preventio...Deepak Mishra
 
Big Data Security Analytic Solution using Splunk
Big Data Security Analytic Solution using SplunkBig Data Security Analytic Solution using Splunk
Big Data Security Analytic Solution using SplunkIJERA Editor
 
Security auditing architecture
Security auditing architectureSecurity auditing architecture
Security auditing architectureVishnupriya T H
 
Association Rule Mining Scheme for Software Failure Analysis
Association Rule Mining Scheme for Software Failure AnalysisAssociation Rule Mining Scheme for Software Failure Analysis
Association Rule Mining Scheme for Software Failure AnalysisEditor IJMTER
 
A Novel Methodology for Offline Forensics Triage in Windows Systems
A Novel Methodology for Offline Forensics Triage in Windows SystemsA Novel Methodology for Offline Forensics Triage in Windows Systems
A Novel Methodology for Offline Forensics Triage in Windows SystemsIRJET Journal
 
Computer Forensics in the Age of Compliance
Computer Forensics in the Age of ComplianceComputer Forensics in the Age of Compliance
Computer Forensics in the Age of ComplianceAnton Chuvakin
 
NIST 800-92 Log Management Guide in the Real World
NIST 800-92 Log Management Guide in the Real WorldNIST 800-92 Log Management Guide in the Real World
NIST 800-92 Log Management Guide in the Real WorldAnton Chuvakin
 
IRJET- A Detailed Analysis on Windows Event Log Viewer for Faster Root Ca...
IRJET- A Detailed Analysis on Windows Event Log Viewer for Faster Root Ca...IRJET- A Detailed Analysis on Windows Event Log Viewer for Faster Root Ca...
IRJET- A Detailed Analysis on Windows Event Log Viewer for Faster Root Ca...IRJET Journal
 
Audit logs for Security and Compliance
Audit logs for Security and ComplianceAudit logs for Security and Compliance
Audit logs for Security and ComplianceAnton Chuvakin
 
ArcSight Basics.ppt
ArcSight Basics.pptArcSight Basics.ppt
ArcSight Basics.pptneoalt
 

Similar to A self adaptive learning approach for optimum path evaluation of process for forensic use to finding (20)

Events Classification in Log Audit
Events Classification in Log Audit Events Classification in Log Audit
Events Classification in Log Audit
 
Applicability of Network Logs for Securing Computer Systems
Applicability of Network Logs for Securing Computer SystemsApplicability of Network Logs for Securing Computer Systems
Applicability of Network Logs for Securing Computer Systems
 
Log Analysis Across System Boundaries for Security, Compliance, and Operations
Log Analysis Across System Boundaries for Security, Compliance, and OperationsLog Analysis Across System Boundaries for Security, Compliance, and Operations
Log Analysis Across System Boundaries for Security, Compliance, and Operations
 
Log Analysis Across System Boundaries for Security, Compliance, and Operations
Log Analysis Across System Boundaries for Security, Compliance, and OperationsLog Analysis Across System Boundaries for Security, Compliance, and Operations
Log Analysis Across System Boundaries for Security, Compliance, and Operations
 
Silhouette Threshold Based Text Clustering for Log Analysis
Silhouette Threshold Based Text Clustering for Log AnalysisSilhouette Threshold Based Text Clustering for Log Analysis
Silhouette Threshold Based Text Clustering for Log Analysis
 
G03503036044
G03503036044G03503036044
G03503036044
 
Use Exabeam Smart Timelines to improve your SOC efficiency
Use Exabeam Smart Timelines to improve your SOC efficiencyUse Exabeam Smart Timelines to improve your SOC efficiency
Use Exabeam Smart Timelines to improve your SOC efficiency
 
Logging, monitoring and auditing
Logging, monitoring and auditingLogging, monitoring and auditing
Logging, monitoring and auditing
 
Using process mining and model driven engineering to enhance security of web ...
Using process mining and model driven engineering to enhance security of web ...Using process mining and model driven engineering to enhance security of web ...
Using process mining and model driven engineering to enhance security of web ...
 
Report: Study and Implementation of Advance Intrusion Detection and Preventio...
Report: Study and Implementation of Advance Intrusion Detection and Preventio...Report: Study and Implementation of Advance Intrusion Detection and Preventio...
Report: Study and Implementation of Advance Intrusion Detection and Preventio...
 
IT SYSTEMS , CONTROLS , CAATS AND FLOWCHARTS
IT SYSTEMS , CONTROLS , CAATS AND FLOWCHARTS IT SYSTEMS , CONTROLS , CAATS AND FLOWCHARTS
IT SYSTEMS , CONTROLS , CAATS AND FLOWCHARTS
 
Big Data Security Analytic Solution using Splunk
Big Data Security Analytic Solution using SplunkBig Data Security Analytic Solution using Splunk
Big Data Security Analytic Solution using Splunk
 
Security auditing architecture
Security auditing architectureSecurity auditing architecture
Security auditing architecture
 
Association Rule Mining Scheme for Software Failure Analysis
Association Rule Mining Scheme for Software Failure AnalysisAssociation Rule Mining Scheme for Software Failure Analysis
Association Rule Mining Scheme for Software Failure Analysis
 
A Novel Methodology for Offline Forensics Triage in Windows Systems
A Novel Methodology for Offline Forensics Triage in Windows SystemsA Novel Methodology for Offline Forensics Triage in Windows Systems
A Novel Methodology for Offline Forensics Triage in Windows Systems
 
Computer Forensics in the Age of Compliance
Computer Forensics in the Age of ComplianceComputer Forensics in the Age of Compliance
Computer Forensics in the Age of Compliance
 
NIST 800-92 Log Management Guide in the Real World
NIST 800-92 Log Management Guide in the Real WorldNIST 800-92 Log Management Guide in the Real World
NIST 800-92 Log Management Guide in the Real World
 
IRJET- A Detailed Analysis on Windows Event Log Viewer for Faster Root Ca...
IRJET- A Detailed Analysis on Windows Event Log Viewer for Faster Root Ca...IRJET- A Detailed Analysis on Windows Event Log Viewer for Faster Root Ca...
IRJET- A Detailed Analysis on Windows Event Log Viewer for Faster Root Ca...
 
Audit logs for Security and Compliance
Audit logs for Security and ComplianceAudit logs for Security and Compliance
Audit logs for Security and Compliance
 
ArcSight Basics.ppt
ArcSight Basics.pptArcSight Basics.ppt
ArcSight Basics.ppt
 

More from Alexander Decker

Abnormalities of hormones and inflammatory cytokines in women affected with p...
Abnormalities of hormones and inflammatory cytokines in women affected with p...Abnormalities of hormones and inflammatory cytokines in women affected with p...
Abnormalities of hormones and inflammatory cytokines in women affected with p...Alexander Decker
 
A validation of the adverse childhood experiences scale in
A validation of the adverse childhood experiences scale inA validation of the adverse childhood experiences scale in
A validation of the adverse childhood experiences scale inAlexander Decker
 
A usability evaluation framework for b2 c e commerce websites
A usability evaluation framework for b2 c e commerce websitesA usability evaluation framework for b2 c e commerce websites
A usability evaluation framework for b2 c e commerce websitesAlexander Decker
 
A universal model for managing the marketing executives in nigerian banks
A universal model for managing the marketing executives in nigerian banksA universal model for managing the marketing executives in nigerian banks
A universal model for managing the marketing executives in nigerian banksAlexander Decker
 
A unique common fixed point theorems in generalized d
A unique common fixed point theorems in generalized dA unique common fixed point theorems in generalized d
A unique common fixed point theorems in generalized dAlexander Decker
 
A trends of salmonella and antibiotic resistance
A trends of salmonella and antibiotic resistanceA trends of salmonella and antibiotic resistance
A trends of salmonella and antibiotic resistanceAlexander Decker
 
A transformational generative approach towards understanding al-istifham
A transformational generative approach towards understanding al-istifhamA transformational generative approach towards understanding al-istifham
A transformational generative approach towards understanding al-istifhamAlexander Decker
 
A time series analysis of the determinants of savings in namibia
A time series analysis of the determinants of savings in namibiaA time series analysis of the determinants of savings in namibia
A time series analysis of the determinants of savings in namibiaAlexander Decker
 
A therapy for physical and mental fitness of school children
A therapy for physical and mental fitness of school childrenA therapy for physical and mental fitness of school children
A therapy for physical and mental fitness of school childrenAlexander Decker
 
A theory of efficiency for managing the marketing executives in nigerian banks
A theory of efficiency for managing the marketing executives in nigerian banksA theory of efficiency for managing the marketing executives in nigerian banks
A theory of efficiency for managing the marketing executives in nigerian banksAlexander Decker
 
A systematic evaluation of link budget for
A systematic evaluation of link budget forA systematic evaluation of link budget for
A systematic evaluation of link budget forAlexander Decker
 
A synthetic review of contraceptive supplies in punjab
A synthetic review of contraceptive supplies in punjabA synthetic review of contraceptive supplies in punjab
A synthetic review of contraceptive supplies in punjabAlexander Decker
 
A synthesis of taylor’s and fayol’s management approaches for managing market...
A synthesis of taylor’s and fayol’s management approaches for managing market...A synthesis of taylor’s and fayol’s management approaches for managing market...
A synthesis of taylor’s and fayol’s management approaches for managing market...Alexander Decker
 
A survey paper on sequence pattern mining with incremental
A survey paper on sequence pattern mining with incrementalA survey paper on sequence pattern mining with incremental
A survey paper on sequence pattern mining with incrementalAlexander Decker
 
A survey on live virtual machine migrations and its techniques
A survey on live virtual machine migrations and its techniquesA survey on live virtual machine migrations and its techniques
A survey on live virtual machine migrations and its techniquesAlexander Decker
 
A survey on data mining and analysis in hadoop and mongo db
A survey on data mining and analysis in hadoop and mongo dbA survey on data mining and analysis in hadoop and mongo db
A survey on data mining and analysis in hadoop and mongo dbAlexander Decker
 
A survey on challenges to the media cloud
A survey on challenges to the media cloudA survey on challenges to the media cloud
A survey on challenges to the media cloudAlexander Decker
 
A survey of provenance leveraged
A survey of provenance leveragedA survey of provenance leveraged
A survey of provenance leveragedAlexander Decker
 
A survey of private equity investments in kenya
A survey of private equity investments in kenyaA survey of private equity investments in kenya
A survey of private equity investments in kenyaAlexander Decker
 
A study to measures the financial health of
A study to measures the financial health ofA study to measures the financial health of
A study to measures the financial health ofAlexander Decker
 

More from Alexander Decker (20)

Abnormalities of hormones and inflammatory cytokines in women affected with p...
Abnormalities of hormones and inflammatory cytokines in women affected with p...Abnormalities of hormones and inflammatory cytokines in women affected with p...
Abnormalities of hormones and inflammatory cytokines in women affected with p...
 
A validation of the adverse childhood experiences scale in
A validation of the adverse childhood experiences scale inA validation of the adverse childhood experiences scale in
A validation of the adverse childhood experiences scale in
 
A usability evaluation framework for b2 c e commerce websites
A usability evaluation framework for b2 c e commerce websitesA usability evaluation framework for b2 c e commerce websites
A usability evaluation framework for b2 c e commerce websites
 
A universal model for managing the marketing executives in nigerian banks
A universal model for managing the marketing executives in nigerian banksA universal model for managing the marketing executives in nigerian banks
A universal model for managing the marketing executives in nigerian banks
 
A unique common fixed point theorems in generalized d
A unique common fixed point theorems in generalized dA unique common fixed point theorems in generalized d
A unique common fixed point theorems in generalized d
 
A trends of salmonella and antibiotic resistance
A trends of salmonella and antibiotic resistanceA trends of salmonella and antibiotic resistance
A trends of salmonella and antibiotic resistance
 
A transformational generative approach towards understanding al-istifham
A transformational generative approach towards understanding al-istifhamA transformational generative approach towards understanding al-istifham
A transformational generative approach towards understanding al-istifham
 
A time series analysis of the determinants of savings in namibia
A time series analysis of the determinants of savings in namibiaA time series analysis of the determinants of savings in namibia
A time series analysis of the determinants of savings in namibia
 
A therapy for physical and mental fitness of school children
A therapy for physical and mental fitness of school childrenA therapy for physical and mental fitness of school children
A therapy for physical and mental fitness of school children
 
A theory of efficiency for managing the marketing executives in nigerian banks
A theory of efficiency for managing the marketing executives in nigerian banksA theory of efficiency for managing the marketing executives in nigerian banks
A theory of efficiency for managing the marketing executives in nigerian banks
 
A systematic evaluation of link budget for
A systematic evaluation of link budget forA systematic evaluation of link budget for
A systematic evaluation of link budget for
 
A synthetic review of contraceptive supplies in punjab
A synthetic review of contraceptive supplies in punjabA synthetic review of contraceptive supplies in punjab
A synthetic review of contraceptive supplies in punjab
 
A synthesis of taylor’s and fayol’s management approaches for managing market...
A synthesis of taylor’s and fayol’s management approaches for managing market...A synthesis of taylor’s and fayol’s management approaches for managing market...
A synthesis of taylor’s and fayol’s management approaches for managing market...
 
A survey paper on sequence pattern mining with incremental
A survey paper on sequence pattern mining with incrementalA survey paper on sequence pattern mining with incremental
A survey paper on sequence pattern mining with incremental
 
A survey on live virtual machine migrations and its techniques
A survey on live virtual machine migrations and its techniquesA survey on live virtual machine migrations and its techniques
A survey on live virtual machine migrations and its techniques
 
A survey on data mining and analysis in hadoop and mongo db
A survey on data mining and analysis in hadoop and mongo dbA survey on data mining and analysis in hadoop and mongo db
A survey on data mining and analysis in hadoop and mongo db
 
A survey on challenges to the media cloud
A survey on challenges to the media cloudA survey on challenges to the media cloud
A survey on challenges to the media cloud
 
A survey of provenance leveraged
A survey of provenance leveragedA survey of provenance leveraged
A survey of provenance leveraged
 
A survey of private equity investments in kenya
A survey of private equity investments in kenyaA survey of private equity investments in kenya
A survey of private equity investments in kenya
 
A study to measures the financial health of
A study to measures the financial health ofA study to measures the financial health of
A study to measures the financial health of
 

Recently uploaded

08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 

Recently uploaded (20)

08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 

A self adaptive learning approach for optimum path evaluation of process for forensic use to finding

  • 1. Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol.4, No.9, 2013 1 A Self Adaptive Learning Approach for Optimum Path Evaluation of Process for Forensic use to finding Uniqueness 1 Pallavi Ramteke pallavi.scjp@gmail.com (P.G.Scholar) Department of Computer Science. LNCT, Indore(M.P.) 453331 2 Yashpal Kadam yashpal.kadam@rediffmail.com(Asst.Prof.) Department of Computer Science. LNCT, Indore(M.P.) 453331 3 Sanket Gupta sanket.jec@gmail.com (P.G. Scholar) Department of Computer Science ,SATI, Vidisha(M.P.) 464001 Abstract One approach to protected systems is from first to last the examination of audit trails or logs. An audit trail is a evidence of all procedures that take place in a system and across a network, it provides a outline of user/system events so that safety measures events can be associated to the actions of a specific individual or system element. In the optimum path evaluation of a process working with the audit log of the system generated by our data format, a different kinds of processes accessed during the different user session .our proposed work is based on the concept of forensic activities and the process mining, where we introduce a new process analysis method by which we discover what the users next application. Keywords - Audit Logs, reference graph building,forensic,optimum path evaluation, process mining. I. INTRODUCTION In auditing log file investigations use of Process mining stands for a set of techniques to analyze process models and logs. However, the extent to which it can be used for security auditing that has not been investigated. the data examined may not contain the contents but just discloses activities that were electronically conducted by the criminals. In this paper, our primary concerns mostly address the auditing log files, that is, we are only concerned with users’ activities and determine the meaning of the sequence of the activities indirectly. Indeed, only retrieving the user’s malicious activities from the auditing log files is very challenging. The system log file contains events that are logged by the operating system components. These events are often predetermined by the operating system itself. System log files may contain information about device changes, device drivers, system changes, events, operations and more .Mining and analysis of this system access log can be helpful for extracting different kind of security applications, forensic applications or performance matrix application. there are a large amount of efforts and applications based on data mining is found in different domain of knowledge processing but with process mining that is too rare. Process mining aims at improving this by providing techniques and tools for discovering process, control, data, organizational, and social structures from event logs. The goal of process mining is to extract information about processes from transaction logs. We assume that it is possible to record events such that- (i) each event refers to an activity (i.e., a well-denned step in the process), (ii) each event refers to a case (i.e., a process instance), (iii) each event can have a performer also referred to as originator (the actor executing or initiating the activity), and
  • 2. Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol.4, No.9, 2013 2 (iv)Events have a timestamp and are totally ordered. In the proposed work we are working with the audit log of the system which is generated by our data format different kinds of processes accessed during the different user session, our proposed work is based on the concept of forensic activities and the process mining, where we introduce a new process analysis method by which we discover what the users next application. The goal of mining this perspective is to and a good characterization of all possible paths. The rest of this paper is organized as follows: Section II reviews auditing log files and Background work; Section III proposes work ; Section IV explains how to construct a Directed Graph and working of logs according to events and shows similarity function; Section V proposed system architecture; finally, we conclude the paper in Section VI. I. BACKGROUND WORK A. Auditing Events 1. Audit Log: It is security relevant chronological record, set of records, source and destination of records showing who has an accessed a computer system and what operation he or she performed during a given period of time. Audit logs/trails are useful both for maintaining security for recovering lost transaction such as financial transaction , scientific research and health care data transaction or communication by individual people, system or other activity. 2. System Log: The system log file contains events that are often predetermined by operating system itself. The system log directive display profit use of the syslog(System Log) mechanism and instead redirect all logging output to the specified filename. The filename argument should contain an absolute path and should not be to a file in a non existent directory, in a world-write able directory or be a symbolic link use of this directive overrides any facility set by the syslog facility directives. System log files may contains information about device change, device derivers, system change, events operations. 3. Error Logs : The Error Log view captures all the warnings and errors logged by plug-ins. The underlying log file is a .log file stored in the .metadata subdirectory of the workspace. Example of error log : Fig.1 Error Logs Events in the log view can be sorted by Message, Plug-in ID or Date in ascending or descending order. Simply click on the column header that you want the sorting to be based on. In most of the cases auditing log files are ordered in a time sequential manner, two consecutive logs or actions are likely to be irrelevant or not related to each other.
  • 3. Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol.4, No.9, 2013 3 B. Process Mining in Forensics The main use of audit logs was to monitor performance and to detect intrusions originating from an external source. With the passage of time however, the term “intrusion” has begun to express a wider meaning closely related to security policy. Forensic Data Mining (or Forensic Mining) which originated from Forensic Science can be described as the application of data mining techniques and other scientific tools to investigative process for good evidence. In the same vein, the investigative process of auditing called forensic auditing could be defined as the application of auditing skills to situations that have legal consequences. In most of the cases auditing log files are ordered in a time sequential manner, two consecutive logs or actions are likely to be irrelevant or not related to each other. This can be especially true for the network auditing log files. Moreover, in the network auditing log files, which are captured by the aforementioned network monitoring tools, even one action produces many packets. The use of process mining for (internal and external) audits has been gaining in momentum. However, to the best of our knowledge there is no previous academic work addressing the intersection of security audits and process mining. The idea of process mining is to discover, monitor and improve real processes (i.e., not assumed processes) by extracting knowledge from event logs readily available in today’s (information) systems. Process mining includes (automated) process discovery (i.e., extracting process models from an event log), conformance checking (i.e., monitoring deviations by comparing model and log), social network/organizational mining, automated construction of simulation models, model extension, model repair, case prediction,and history-based recommendations. III. PROPOSED WORK In the proposed working with the audit log of the system which is generated by our data format, different kinds of processes accessed during the different user session, our proposed work is based on the concept of forensic activities and the process mining, where we introduce a new process analysis method by which we discover what the users next application. The complete audit log contains the following information: 1. User type 2. Process Name 3. Access Time 4. Remote Process 5. Defined Process 6. New Process This information is represented using a weighted and directed graph. Suppose the complete log contains only three processes than the process can be known as A, B, C and the weighed graph is designed as the below and all other session which use this process in defined as the sub graph of the reference graph, this weighted graph is used as weighted matrix to evaluate the next user session using random walk theory and traversing probability. which node is required to explore.
  • 4. Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol.4, No.9, 2013 4 Fig.2 Complete Graph of Process IV. SYSTEM ARCHITECTURE In the system architecture data is collected form n no. of systems which are connected in network. This data is mainly contains the Application Logs , System Logs , Audits Logs and Error .All the Logs having different functionally and purpose in which first is Application Log : The application log file contains events that are logged by the applications used on a computer system. Events that are written to the application log are determined by the developers of the software program, not the operating system. Fig.3 System Architecture System Log : The system log file contains events that are logged by the operating system components. These events are often predetermined by the operating system itself. System log files may contain information about device changes, device drivers, system changes, events, operations and more. Audit Logs : An audit trail (or audit log) is a security-relevant chronological record, set of records, or destination and source of records that provide documentary evidence of the sequence of activities that have affected at any time a specific operation, procedure, or event. UPLOAD DATA APPLICATION LOGS SYSTEM LOGS AUDIT LOGS DATA MANAGEMENT CLASSIFICATION & DATA PRUNING USER BEHAVIOR DETECTION
  • 5. Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol.4, No.9, 2013 5 Error Logs : The Error Log view captures all the warnings and errors logged by plug-ins. All this Logs are now come to the data management section in which data are managed by using the classification algorithms. After this data are pruned with the help of algorithm, final data come for the detection process. For the users behavior detection we use random walk theory. Random Walk Theory : The random walk theory is based on stock price change. An investment theory which claims that market prices follow a random path up and down, without any influence by past price movements, making it impossible to predict with any accuracy which direction the market will move at any point. Investors who believe in the random walk theory feel that it is impossible to outperform the market without taking on additional risk, and believe that neither fundamental analysis nor technical analysis have any validity. V. IMPLEMENTATION The implementation of the required model is under java virtual machine, which contains a rich class library for computational ability. As we discus in the above section we know all the path of the session is a sub-graph of the reference graph. Reference Graph Building  count the number of unique attributes in the attribute set.  find all possible path using the formula path = n! Similarity computation The computation is based on the most relevance probability match which is estimated using First, we build the Image similarity graph using following cosine function. Where, dp belongs to D and D is the total reference set. dq is the nearest graph of dp Error correction here we use the iterative technique to reduce the predictive error in the proposed algorithm where error = real value – predicted value that is adjusted in the next predictive value. VI. EXPECTED OUT COME After the successfully implementation of the proposed algorithm we found the following improvement over the existing system : 1. Implementation of new predictive technique that is based on the graph theory. 2. A method that promises to provide the high performance results . 3.A comparative study between tradition next path estimation and new path estimation technique. VII. CONCLUSION The log files range from a simple system log file to a server side web-based email log file. However, it is easily supposed that our investigations of covert channels are not completed due to the lack of information. The
  • 6. Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol.4, No.9, 2013 6 proposed method is use user relationship graph. This method give better investigation because it maintain session by sub graphs. Previous methods use log file for investigation and these method does not cover complete information of overall sessions. VIII. REFERENCES [1] Daisuke Takahashi, Yang Xiao, and Ke Meng “Creating User-Relationship-Graph in Use of Flow-Net and Log Files for Computer and Network Accountability and Forensics” The IEEE Military Communications Conference-Cyber Security and Network Management ,pp1941-47,2010 [2] Zhenyu Wang, Qing Yao, Yuqing Sun”The Research of Process Mining Assessment used in Business Intelligence” IEEE/ACIS 11th Inter national Conference on Computer and Information Science,pp179-83,2012 [3] Dina Hadžiosmanovi´c ,Damiano Bolzoni ,Pieter H. Hartel”A log mining approach for process monitoring in SCADA” Int. J. Inf. Secur.pp231–251,2012 [4] Wil M.P. van der Aalst, Schahram Dustdar” Process Mining Put into Context” Published by the IEEE Computer Society,pp82-86,2012 [5] Wil van der Aalst” Process Mining: Making Knowledge Discovery Process Centric” SIGKD D Explorations, Volume 13, Issue 2,pp45 49,2012 [6] Rafael Accorsi ,Thomas Stocker” On the Exploitation of Process Mining for Security Audits: The Conformance Checking Case” ACM 978-1-4503-0857-1/12/03, March 26-30, 2012 [7] D. Takahashi and Y. Xiao, “Retrieving Knowledge from Auditing Log Files for Computer and Network Forensics and Accountability,” (Wiley) Security and Communication Networks. Vol. 1. No. 2, pp. 147 – 160, Feb. 29, 2008 [8] L. Ding and B. Dixon, “Using an edge-dual graph and k-connectivity to identify strong connections in social networks,” Proc. of the ACM 46th Annual Southeast Regional Conference, pp. 475-480, 2008. [9] B. Fu and Y. Xiao, "An Implementation Scheme of Flow-Net and Its Applications on Detecting Attacks in Wireless Networks," Proc. of IEEE GLOBECOM 2010 [10] R. Mayrhofer, K. Nyberg, and T. Kindberg, "Foreword," International Journal of Security and Networks, Vol. 4, Nos. 1/2, pp. 1 - 3, 2009. [11] S. Ehlert, Y. Rebahi, and T. Magedanz, "Intrusion Detection System for Denial-of-Service flooding attacks in SIP communication networks," International Journal of Security and Networks, Vol. 4, No.3, pp. 189 - 200, 2009. [12] K. Tsai, C. Hsu, and T. Wu, "Mutual anonymity protocol with integrity protection for mobile peer-to-peer networks," International Journal of Security and Networks, Vol. 5, No.1 pp. 45 - 52, 2010, DOI: 10.1504/IJSN.2010.030722
  • 7. This academic article was published by The International Institute for Science, Technology and Education (IISTE). The IISTE is a pioneer in the Open Access Publishing service based in the U.S. and Europe. The aim of the institute is Accelerating Global Knowledge Sharing. More information about the publisher can be found in the IISTE’s homepage: http://www.iiste.org CALL FOR JOURNAL PAPERS The IISTE is currently hosting more than 30 peer-reviewed academic journals and collaborating with academic institutions around the world. There’s no deadline for submission. Prospective authors of IISTE journals can find the submission instruction on the following page: http://www.iiste.org/journals/ The IISTE editorial team promises to the review and publish all the qualified submissions in a fast manner. All the journals articles are available online to the readers all over the world without financial, legal, or technical barriers other than those inseparable from gaining access to the internet itself. Printed version of the journals is also available upon request of readers and authors. MORE RESOURCES Book publication information: http://www.iiste.org/book/ Recent conferences: http://www.iiste.org/conference/ IISTE Knowledge Sharing Partners EBSCO, Index Copernicus, Ulrich's Periodicals Directory, JournalTOCS, PKP Open Archives Harvester, Bielefeld Academic Search Engine, Elektronische Zeitschriftenbibliothek EZB, Open J-Gate, OCLC WorldCat, Universe Digtial Library , NewJour, Google Scholar