Title :
A Web Forensic System Based on Semantic Checking
Author_Institution :
Dept. of Inf. Technol., Hubei Univ. of Police, Wuhan
Abstract :
Computer forensics aims to determine the relevant causes and effects between the present state of a computer system and malicious operations, using measures that could be adopted in court. This paper proposes an intrusion forensics system that works on a Web server. The forensics system monitors access to the log files and combines it with the timestamps and other clues in the log files; comprehensive operation facts are thus formed and represented in XML. By analyzing these facts with a decision tree, evidence of intrusion behavior can be extracted. In particular, when a hacker tries to wipe his traces, the system can detect it effectively.
Keywords :
Internet; XML; computer crime; decision trees; Web forensic system; Web server; computer forensics; computer system; decision tree; intrusion behavior evidence; intrusion forensics; log files; malicious operation; semantic checking; Computational intelligence; Forensics; Information technology; Kernel; Logic; Probes; web forensic
Conference_Title :
Computational Intelligence and Design, 2008. ISCID '08. International Symposium on
Conference_Location :
Wuhan
Print_ISBN :
978-0-7695-3311-7
DOI :
10.1109/ISCID.2008.76