CFP last date
20 January 2025
Reseach Article

An Approach to Understand the End User Behavior through Log Analysis

by Bhola Nath Roy, Deepak Singh Tomar, Nikhil Kumar Singh
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 5 - Number 11
Year of Publication: 2010
Authors: Bhola Nath Roy, Deepak Singh Tomar, Nikhil Kumar Singh
10.5120/953-1330

Bhola Nath Roy, Deepak Singh Tomar, Nikhil Kumar Singh . An Approach to Understand the End User Behavior through Log Analysis. International Journal of Computer Applications. 5, 11 ( August 2010), 27-34. DOI=10.5120/953-1330

@article{ 10.5120/953-1330,
author = { Bhola Nath Roy, Deepak Singh Tomar, Nikhil Kumar Singh },
title = { An Approach to Understand the End User Behavior through Log Analysis },
journal = { International Journal of Computer Applications },
issue_date = { August 2010 },
volume = { 5 },
number = { 11 },
month = { August },
year = { 2010 },
issn = { 0975-8887 },
pages = { 27-34 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume5/number11/953-1330/ },
doi = { 10.5120/953-1330 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T19:54:02.532697+05:30
%A Bhola Nath Roy
%A Deepak Singh Tomar
%A Nikhil Kumar Singh
%T An Approach to Understand the End User Behavior through Log Analysis
%J International Journal of Computer Applications
%@ 0975-8887
%V 5
%N 11
%P 27-34
%D 2010
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Categorizing the end user in the web environment is a mind-numbing task. Huge amount of operational data is generated when end user interacts in web environment. This generated operational data is stored in various logs and may be useful source of capturing the end user activates. Pointing out the suspicious user in a web environment is a challenging task. To conduct efficient investigation in cyber space the available logs should be correlated. In this paper a prototype system is developed and implemented which is based on relational algebra to build the chain of evidence. The prototype system is used to preprocess the real generated data from logs and classify the suspicious user based on decision tree. At last various challenges in the logs managements are presented.

References
  1. http://www.all-about-forensic-science.com/cyber-forensics.html
  2. Gary L Palmer A Road Map for Digital Forensic Research. Technical ReportDTR-T0010-01, DFRWS. Report for the First Digital Forensic Research Workshop (DFRWS),(2001).
  3. Tamas Abraham “Event Sequence Mining to Develop Profiles for Computer Forensic Investigation Purposes” Information Networks Division Defence Science and Technology Organization, Australia
  4. http://www.cyberforensics.com
  5. Robert Rinnan “Benefits of Centralized Log file Correlation” Master’s Thesis, Master of Science in Information Security30 ECTS, Department of Computer Science and Media Technology Gjøvik University College, 2005.
  6. Deepak Singh Tomar, J.L.Rana and S.C.Shrivastava, Evidence Gathering System for Input Attacks in (IJCNS) International Journal of Computer and Network Security Vol. 1, No. 1, October 2009.
  7. Muhammad Kamran Ahmed, Mukhtar Hussain and Asad Raza “An Automated User Transparent Approach to log Web URLs for Forensic Analysis” Fifth International Conference on IT Security Incident Management and IT Forensics 2009.
  8. Pavel Gladyshev “Formalising Event Reconstruction in Digital Investigations” Ph.D. dissertation Department of Computer Science, University College Dublin, 2004.
  9. Nabil HAMMOUD “Decentralized Log Event Correlation Architecture “ MEDES, Lyon, France,2009
  10. Tamas Abraham and Olivier de Vel “Investigative Profilling with Computer Forensic Log Data and Association”IEEE,2002
  11. Data Mining – Concept and Techniques by Jiawei Han and Micheline Kamber.
Index Terms

Computer Science
Information Sciences

Keywords

cyber forensic log file correlation decision tree chain of evidence cyber crime