Advertisement

Exploring Forensic Data with Self-Organizing Maps

  • B. Fei
  • J. Eloff
  • H. Venter
  • M. Olivier
Part of the IFIP — The International Federation for Information Processing book series (IFIPAICT, volume 194)

Abstract

This paper discusses the application of a self-organizing map (SOM), an unsupervised learning neural network model, to support decision making by computer forensic investigators and assist them in conducting data analysis in a more efficient manner. A SOM is used to search for patterns in data sets and produce visual displays of the similarities in the data. The paper explores how a SOM can be used as a basis for further analysis. Also, it demonstrates how SOM visualization can provide investigators with greater abilities to interpret and explore data generated by computer forensic tools.

Keywords

Computer forensics self-organizing map data visualization 

References

  1. [1]
    AccessData (www.accessdata.com).Google Scholar
  2. [2]
    E. Casey, Handbook of Computer Crime Investigation: Forensic Tools and Technology, Academic Press, San Diego, California, 2002.Google Scholar
  3. [3]
    A. Engelbrecht, Computational Intelligence: An Introduction, Wiley, New York, 2002.Google Scholar
  4. [4]
    D. Gollman, Computer Security, Wiley, New York, 1999.Google Scholar
  5. [5]
    Guidance Software (www.guidancesoftware.com).Google Scholar
  6. [6]
    T. Kohonen, The self-organizing map, Proceedings of the IEEE, vol. 78(9), pp. 1464–1480, 1990.CrossRefGoogle Scholar
  7. [7]
    T. Kohonen, Self-Organizing Maps, Springer-Verlag, Berlin, Germany, 1995.Google Scholar
  8. [8]
    W. Kruse and J Heiser, Computer Forensics: Incident Response Essentials, Addison-Wesley, Reading, Massachusetts, 2002.Google Scholar
  9. [9]
    A. Marcella and R. Greenfield (Eds.), Cyber Forensics: A Field Manual for Collecting, Examining and Preserving Evidence of Computer Crimes, Auerbach, Boca Raton, Florida, 2002.Google Scholar
  10. [10]
    D. Schweitzer, Incident Response: Computer Forensics Toolkit, Wiley, New York, 2003.Google Scholar
  11. [11]
    Technology Pathways (www.techpathways.com).Google Scholar
  12. [12]
    J. Vesanto, SOM-based data visualization methods, Intelligent Data Analysis, vol. 3(2), pp. 111–126, 1999.zbMATHCrossRefGoogle Scholar

Copyright information

© International Federation for Information Processing 2006

Authors and Affiliations

  • B. Fei
  • J. Eloff
  • H. Venter
  • M. Olivier

There are no affiliations available

Personalised recommendations