Digital forensics is gaining importance due to the increase in cyber-crime and fraud on the Internet. The key challenge for forensic analysis is to extract evidence from massive datasets in which the data is highly skewed and consists of variable-length information. Machine learning methods are well known for their pattern detection and generalization capabilities and could be the best choice for detecting anomalous activities in file-system activity datasets. The current focus of the research is to reconstruct a post-event timeline of the different events that have happened and then detect anomalous activities using a combination of neural networks and Bayesian belief networks.
- Muhammad Naeem Khan