Challenges and Strategies in Forensic Investigation: Leveraging Technology for Digital Security Using Log/Event Analysis Method

Authors

  • Ammar Yasir Nasution, Computer Science, Computer Science and Engineering, Potensi Utama University
  • Hartono Hartono, Computer Science, Computer Science and Engineering, Medan Area University
  • Rika Rosnelly, Computer Science, Computer Science and Engineering, Potensi Utama University

DOI:

https://doi.org/10.15408/jti.v18i1.42815

Keywords:

network anomaly detection, Naive Bayes classification, machine learning, cybersecurity, log analysis

Abstract

Cybersecurity threats continue to evolve, necessitating advanced techniques for network anomaly detection. This study developed a comprehensive methodology for detecting network anomalies by leveraging sophisticated log and event analysis using machine learning algorithms. By employing a Naive Bayes classification approach on a synthetic cybersecurity dataset comprising 40,000 entries with 25 unique features, the research aimed to enhance anomaly detection precision. The methodology involved meticulous data preprocessing, feature selection, and strategic model validation techniques, including cross-validation and external benchmarking. Comparative analysis with K-Nearest Neighbors and Support Vector Machine algorithms demonstrated the Naive Bayes method's superior performance, achieving a classification accuracy of 94.8%, an Area Under the Curve (AUC) of 0.949, and a Matthews Correlation Coefficient of 0.896. The study identified critical parameters influencing anomaly detection, such as source port characteristics and attack signatures. These findings contribute significant insights into machine learning-based network security strategies, offering a robust framework for early threat identification and mitigation.
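The abstract names the classifier (Naive Bayes over log-derived features such as source port characteristics and attack signatures) and the three metrics it reports (accuracy, AUC, MCC) without showing either. The following is an added illustration, not the authors' code or dataset: a Laplace-smoothed categorical Naive Bayes trained on a constructed set of log events, scored on held-out events with those three metrics. Feature names, values and the train/test rows are all assumed for the example.

```python
from collections import Counter, defaultdict
from math import exp, log, sqrt
# Constructed sample events, not the paper's dataset: (source-port class,
# matched signature, protocol, label) with label 1 = anomalous, 0 = benign.
TRAIN = [("ephemeral", "none", "tcp", 0), ("ephemeral", "none", "udp", 0),
         ("ephemeral", "none", "tcp", 0), ("well_known", "none", "tcp", 0),
         ("ephemeral", "none", "tcp", 0), ("well_known", "scan", "tcp", 1),
         ("well_known", "sqli", "tcp", 1), ("ephemeral", "bruteforce", "tcp", 1),
         ("well_known", "scan", "udp", 1), ("well_known", "sqli", "tcp", 1)]
TEST = [("ephemeral", "none", "tcp", 0), ("well_known", "none", "udp", 0),
        ("well_known", "sqli", "tcp", 1), ("ephemeral", "scan", "udp", 1)]

class CategoricalNB:  # Laplace-smoothed Naive Bayes over categorical features
    def __init__(self, alpha=1.0):
        self.alpha, self.prior = alpha, Counter()
        self.counts, self.domain = defaultdict(Counter), defaultdict(set)
    def fit(self, rows):  # class priors and per-class, per-feature value counts
        for *x, y in rows:
            self.prior[y] += 1
            for i, v in enumerate(x):
                self.counts[(y, i)][v] += 1
                self.domain[i].add(v)
        return self
    def predict_proba(self, x):  # P(anomaly | x) via normalised log-joints (no underflow)
        n, logp = sum(self.prior.values()), {}
        for c, nc in self.prior.items():
            lp = log(nc / n)
            for i, v in enumerate(x):  # smoothed P(value | class) for each feature
                lp += log((self.counts[(c, i)][v] + self.alpha) / (nc + self.alpha * len(self.domain[i])))
            logp[c] = lp
        m = max(logp.values())
        return exp(logp[1] - m) / sum(exp(v - m) for v in logp.values())

def mcc(y_true, y_pred):  # Matthews correlation coefficient; 0.0 when a margin is empty
    pairs = list(zip(y_true, y_pred))
    tp, tn = sum(t == p == 1 for t, p in pairs), sum(t == p == 0 for t, p in pairs)
    fp, fn = sum(t < p for t, p in pairs), sum(t > p for t, p in pairs)  # t<p: FP, t>p: FN
    den = sqrt((tp + fp) * (tp + fn) * (tn + fp) * (tn + fn))
    return (tp * tn - fp * fn) / den if den else 0.0

def auc(y_true, scores):  # rank AUC: P(anomaly score > benign score), ties count half
    pos, neg = [s for t, s in zip(y_true, scores) if t], [s for t, s in zip(y_true, scores) if not t]
    return sum((p > q) + 0.5 * (p == q) for p in pos for q in neg) / (len(pos) * len(neg))

def evaluate(model, rows, threshold=0.5):  # held-out accuracy, AUC and MCC
    y_true, scores = [y for *_, y in rows], [model.predict_proba(x) for *x, _ in rows]
    y_pred = [int(s >= threshold) for s in scores]
    acc = sum(t == p for t, p in zip(y_true, y_pred)) / len(rows)
    return {"accuracy": acc, "auc": auc(y_true, scores), "mcc": mcc(y_true, y_pred)}
RESULT = evaluate(CategoricalNB().fit(TRAIN), TEST)
```

On this tiny constructed set the classifier separates the held-out events perfectly, so all three metrics come out at 1.0; MCC is the figure worth watching on imbalanced log data, since it stays near 0 for a model that simply predicts the majority class, where accuracy alone would look good.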

Published

2025-04-30

How to Cite

Challenges and Strategies in Forensic Investigation: Leveraging Technology for Digital Security Using Log/Event Analysis Method. (2025). JURNAL TEKNIK INFORMATIKA, 18(1), 53-63. https://doi.org/10.15408/jti.v18i1.42815