You are here

Automatic Timeline Construction For Computer Forensics Purposes

Authors: 

Yoan Chabot, Aurélie Bertaux, Christophe Nicolle, Tahar Kechadi

Publication Type: 
Refereed Conference Meeting Proceeding
Abstract: 
To determine the circumstances of an incident, investigators need to reconstruct events that occurred in the past. The large amount of data spread across the crime scene makes this task very tedious and complex. In particular, the analysis of the reconstructed timeline, due to the huge quantity of events that occurred on a digital system, is almost impossible and leads to cognitive overload. It becomes more and more necessary to develop automatic tools to help or even replace investigators in some parts of the investigation. This paper introduces a multilayered architecture design to assist the investigative team in the extraction of information left in the crime scene, the construction of the timeline representing the incident and the interpretation of this latter.
Conference Name: 
IEEE Joint Intelligence and Security Informatics Conference (ISI-EISIC 2014)
Proceedings: 
IEEE Joint Intelligence and Security Informatics Conference (ISI-EISIC 2014)
Digital Object Identifer (DOI): 
10.1109/JISIC.2014.54
Publication Date: 
24/09/2014
Conference Location: 
Netherlands
Institution: 
National University of Ireland, Dublin (UCD)
Open access repository: 
No
Publication document: