A formal logic-based language and an automated verification tool for computer forensic investigation

Authors:
Slim REKHIS;Noureddine BOUDRIGA
Affiliations:
University of Carthage, Tunisia;University of Carthage, Tunisia
Venue:
Proceedings of the 2005 ACM symposium on Applied computing
Year:
2005

Citing 5
Cited 1

An assumption-based TMS

Artificial Intelligence
The temporal logic of actions

ACM Transactions on Programming Languages and Systems (TOPLAS)
Specifying Systems: The TLA+ Language and Tools for Hardware and Software Engineers

Specifying Systems: The TLA+ Language and Tools for Hardware and Software Engineers
Automated Analysis for Digital Forensic Science: Semantic Integrity Checking

ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
A model based reasoning approach for generating plausible crime scenarios from evidence

ICAIL '03 Proceedings of the 9th international conference on Artificial intelligence and law

A temporal logic-based model for forensic investigation in networked system security

MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper, a formal logic-based language, called S-TLA+, is proposed for computer forensic investigation. It allows an unambiguous description of evidences, a modeling of the forensic expert knowledge in the form of hacking scenarios fragments, and a reasoning capability with uncertainty by filling in potential lack of data with hypotheses. The proposal is complemented by an automated formal verification tool, called S-TLC which helps exploring additional evidences and checks whether there are plausible hacking scenarios that meet the available evidences.