http://dx.doi.org/10.7236/JIIBC.2019.19.1.1

Determination of Intrusion Log Ranking using Inductive Inference  

Ko, Sujeong (Dept. of Computer Software, Induk University)
Publication Information
The Journal of the Institute of Internet, Broadcasting and Communication / v.19, no.1, 2019, pp. 1-8
Abstract
Inductive inference is one of the methods for extracting the most appropriate information from a large amount of log data. In this paper, we use an SVM (Support Vector Machine), an excellent classification method for inductive inference, to determine the ranking of intrusion logs in digital forensic analysis. For this purpose, the logs of the training log set are classified into intrusion logs and normal logs. Associated words are extracted from each classified set to generate a related-word dictionary, and each log is expressed as a vector based on the generated dictionary. Next, the SVM is trained on these logs. Test logs are then classified into normal logs and intrusion logs using the log set extracted through learning. Finally, the recommendation order of the intrusion logs is determined so that intrusion logs can be recommended to the forensic analyst.
Keywords
SVM (Support Vector Machine); Forensic Analysis; Intrusion Log Ranking; Inductive Reasoning
Citations & Related Records
Times Cited By KSCI: 3