Automatic Timeline Construction and Analysis For Computer Forensics Purposes

Yoan Chabot 1 Aurélie Bertaux 2 Christophe Nicolle 3 Tahar Kechadi 4
1 Le2i - CheckSem
Le2i - Laboratoire Electronique, Informatique et Image, School of Computer Science and Informatics [Dublin]
3 Checksem
Le2i - Laboratoire Electronique, Informatique et Image
Abstract : To determine the circumstances of an incident, investigators need to reconstruct events that occurred in the past. The large amount of data spread across the crime scene makes this task very tedious and complex. In particular, the analysis of the reconstructed timeline, due to the huge quantity of events that occurred on a digital system, is almost impossible and leads to cognitive overload. Therefore, it becomes more and more necessary to develop automatic tools to help or even replace investigators in some parts of the investigation. This paper introduces a multi-layered architecture designed to assist the investigative team in the extraction of information left in the crime scene, the construction of the timeline representing the incident and the interpretation of this latter.
Document type :
Conference papers
IEEE Joint Intelligence & Security Informatics Conference 2014 (IEEE JISIC2014), Sep 2014, La Haye, Netherlands. pp.4, 2014


https://hal.archives-ouvertes.fr/hal-01017212
Contributor : Yoan Chabot <>
Submitted on : Wednesday, July 2, 2014 - 9:26:42 AM
Last modification on : Monday, October 13, 2014 - 3:43:25 PM

Identifiers

  • HAL Id : hal-01017212, version 1

Collections

Citation

Yoan Chabot, Aurélie Bertaux, Christophe Nicolle, Tahar Kechadi. Automatic Timeline Construction and Analysis For Computer Forensics Purposes. IEEE Joint Intelligence & Security Informatics Conference 2014 (IEEE JISIC2014), Sep 2014, La Haye, Netherlands. pp.4, 2014. <hal-01017212>

Export

Share

Metrics

Consultations de la notice

148