Skip to main content
Conference Proceedings

Interactive temporal digital forensic event analysis

IFIP Advances in Information and Communication Technology (2020) 589 IFIP 39-55
DOI: 10.1007/978-3-030-56223-6_3
1Citations
Citations of this article
9Readers
Mendeley users who have this article in their library.
Get full text

Abstract

Current digital forensic tools and applications lack the capability to visually present high-level system events and their associated low-level traces in a user interpretable form. This chapter describes the Temporal Analysis Integration Management Application (TAIMA), an interactive graphical user interface that renders graph-based information visualizations for digital forensic event reconstruction. By leveraging correlation and abstraction as core functions, TAIMA reduces the manual, labor-intensive efforts needed to conduct timeline analyses during digital forensic examinations. A pilot usability study conducted to evaluate TAIMA supports the claim that correlation and abstraction of low-level events into high-level system events can enhance digital forensic examinations.

Author supplied keywords

Cite

CITATION STYLE

APA

Adderley, N., & Peterson, G. (2020). Interactive temporal digital forensic event analysis. In IFIP Advances in Information and Communication Technology (Vol. 589 IFIP, pp. 39–55). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-56223-6_3

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free