Research article

Artificial immune intelligence-inspired dynamic real-time computer forensics model

  • Received: 02 July 2020 Accepted: 12 October 2020 Published: 22 October 2020
  • Dynamic computer forensics is a popular area in computer forensics that combines network intrusion technology with computer forensics technology. A novel dynamic computer forensics model is proposed based on an artificial immune system. Simulating the artificial immune mechanism, the definitions of self, non-self, and immunocyte in the network transactions are given. Then, detailed evolution processes for immature detectors, mature detectors, and memory detectors are given. Real-time network risk evaluation equations are constructed, which can compute the risk of each type of network attack. Finally, computer forensics is accomplished according to the real-time network risk. The immune cells dynamically capture the real-time computer system status of the invading antigen, including CPU utilization, memory utilization, network bandwidth utilization status, etc. Theoretical analysis and comparative experimental results demonstrate that the proposed model improves the real-time efficiency and performance with low technical requirements for technicians compared with existing models.

    Citation: Zairong Wang, Xuan Tang, Haohuai Liu, Lingxi Peng. Artificial immune intelligence-inspired dynamic real-time computer forensics model[J]. Mathematical Biosciences and Engineering, 2020, 17(6): 7221-7233. doi: 10.3934/mbe.2020370

  • © 2020 the Author(s), licensee AIMS Press. This is an open access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0)