Physical Sciences and Mathematics Commons™
Full-Text Articles in Physical Sciences and Mathematics
Automatic Log Parser To Support Forensic Analysis, Hudan Studiawan, Ferdous Sohel, Christian Payne
Australian Digital Forensics Conference
Event log parsing is a process to split and label each field in a log entry. Existing approaches commonly use regular expressions or parsing rules to extract the fields. However, such techniques are time-consuming as a forensic investigator needs to define a new rule for each log file type. In this paper, we present a tool, namely nerlogparser, to parse the log entries automatically, where log parsing is modeled as a named entity recognition problem. We use a deep machine learning technique, specifically the bidirectional long short-term memory networks, as the underlying architecture for this purpose. Unlike existing tools, nerlogparser …
Is Working With What We Have Enough?, Brian Cusack, Bryce Antony
Australian Digital Forensics Conference
Augmented reality (AR) digital environments have introduced a new complexity to digital investigation where augmented overlays of real objects may be momentary, changed, distorted and evade the usual methods for evidence collection. It is possible an investigator applying standard investigation methods factually reports a real situation and its digital context but has none of the relevant evidence. In this situation the potential for a fair hearing is low and the chance of retrial high. Such situations are unacceptably dangerous and require redress. In this paper the AR condition is considered in terms of its complexity and management during an investigation. …
Digital Forensics Investigative Framework For Control Rooms In Critical Infrastructure, Brian Cusack, Amr Mahmoud
Australian Digital Forensics Conference
In this paper a cyber-forensic framework with a detailed guideline for protecting control systems is developed to improve the forensic capability for big data in critical infrastructures. The main objective of creating a cyber-forensic plan is to cover the essentials of monitoring, troubleshooting, data reconstruction, recovery, and the safety of classified information. The problem to be addressed in control rooms is the diversity and quantity of data, and for investigators, bringing together the different skill groups for managing data and device diversity. This research embraces the establishment of a new digital forensic model for critical infrastructures that supports digital forensic investigators …