A Probabilistic Network Forensic Model for Evidence Analysis

@inproceedings{Liu2016APN,
  title={A Probabilistic Network Forensic Model for Evidence Analysis},
  author={Changwei Liu and Anoop Singhal and Duminda Wijesekera},
  booktitle={IFIP Int. Conf. Digital Forensics},
  year={2016}
}

Modern-day attackers tend to use sophisticated multi-stage/multi-host attack techniques and anti-forensic tools to cover their attack traces. Due to the current limitations of intrusion detection systems (IDS) and forensic analysis tools, evidence can be false positives or missing. Additionally, because of the large number of security events, finding an…