A Probabilistic Logic Programming Based Model for Network Forensics

Liu, Changwei

MARS Home
→
etd @ Mason (Electronic Theses and Dissertations)
→
College of Engineering and Computing
→
View Item

dc.contributor.advisor	Wijesekera, Duminda
dc.contributor.author	Liu, Changwei
dc.creator	Liu, Changwei
dc.date.accessioned	2016-04-19T19:29:44Z
dc.date.available	2016-04-19T19:29:44Z
dc.date.issued	2015
dc.identifier.uri	https://hdl.handle.net/1920/10197
dc.description.abstract	Network forensics is the science that addresses the capture, recording and analysis of network events and traffic for detecting intrusions and investigating them, attributing blame and supporting a case against potential intruders in an appropriate court of law. Network forensics involves post mortem investigation of the attack. Forensics investigations are initiated after the attack has happened. Different stages of legal proceedings (such as obtaining a warrant or evidence to the jury) require reconstructing an attack scenario from an attacked system with varying degrees of certainty. In order to present the scenario that can be best supported by evidence, digital forensic investigators analyze all possible attack scenarios reconstructed from the available evidence. The analysis phase also assigns some indication of possibilities, including an odds ratio for each potential attack.
dc.format.extent	168 pages
dc.language.iso	en
dc.rights	Copyright 2015 Changwei Liu
dc.subject	Computer science	en_US
dc.subject	Attack scenario	en_US
dc.subject	Cyber attack	en_US
dc.subject	Digital evidence	en_US
dc.subject	Evidence graph	en_US
dc.subject	Logic programming	en_US
dc.subject	Network forensics	en_US
dc.title	A Probabilistic Logic Programming Based Model for Network Forensics
dc.type	Dissertation	en
thesis.degree.level	Doctoral	en
thesis.degree.discipline	Computer Science	en
thesis.degree.grantor	George Mason University	en