Artificial immune intelligence-inspired dynamic real-time computer forensics model

Zairong Wang; Xuan Tang; Haohuai Liu; Lingxi Peng; Zairong Wang; Xuan Tang; Haohuai Liu; Lingxi Peng

doi:10.3934/mbe.2020370

Mathematical Biosciences and Engineering

2020, Volume 17, Issue 6: 7221-7233. doi: 10.3934/mbe.2020370

Previous Article Next Article

Research article

Artificial immune intelligence-inspired dynamic real-time computer forensics model

1.
Data Recovery Key Laboratory of Sichuan Province, School of Computer Science, Neijiang Normal University, Sichuan 641100, China
2.
School of Administration, Guangzhou University, Guangzhou 510006, China
3.
School of Chemistry, Guangzhou University, Guangzhou 510006, China
4.
School of Mechanical and Electrical Engineering, Guangzhou University, Guangzhou 510006, China

Received: 02 July 2020 Accepted: 12 October 2020 Published: 22 October 2020

Dynamic computer forensics is a popular area in computer forensics that combines network intrusion technology with computer forensics technology. A novel dynamic computer forensics model is proposed based on an artificial immune system. Simulating the artificial immune mechanism, the definitions of self, non-self, and immunocyte in the network transactions are given. Then, detailed evolution processes for immature detectors, mature detectors, and memory detectors are given. Real-time network risk evaluation equations are constructed, which can compute the risk of each type of network attack. Finally, computer forensics is accomplished according to the real-time network risk. The immune cells dynamically capture the real-time computer system status of the invading antigen, including CPU utilization, memory utilization, network bandwidth utilization status, etc. Theoretical analysis and comparative experimental results demonstrate that the proposed model improves the real-time efficiency and performance with low technical requirements for technicians compared with existing models.
- network security,
- computer forensics,
- artificial immune system
Citation: Zairong Wang, Xuan Tang, Haohuai Liu, Lingxi Peng. Artificial immune intelligence-inspired dynamic real-time computer forensics model[J]. Mathematical Biosciences and Engineering, 2020, 17(6): 7221-7233. doi: 10.3934/mbe.2020370

Related Papers:

Abstract

Dynamic computer forensics is a popular area in computer forensics that combines network intrusion technology with computer forensics technology. A novel dynamic computer forensics model is proposed based on an artificial immune system. Simulating the artificial immune mechanism, the definitions of self, non-self, and immunocyte in the network transactions are given. Then, detailed evolution processes for immature detectors, mature detectors, and memory detectors are given. Real-time network risk evaluation equations are constructed, which can compute the risk of each type of network attack. Finally, computer forensics is accomplished according to the real-time network risk. The immune cells dynamically capture the real-time computer system status of the invading antigen, including CPU utilization, memory utilization, network bandwidth utilization status, etc. Theoretical analysis and comparative experimental results demonstrate that the proposed model improves the real-time efficiency and performance with low technical requirements for technicians compared with existing models.

References

[1]	L. Peng, Q. Zhang, Dynamically real-time computer forensics paradiam with immune, International Conference on Signal Processing (ICSP), 2014.
[2]	L. Wang, H. Qian, Computer Forensics and Its Future Trend, J. Software, 14 (2003), 1635-1644.
[3]	E. S. Pilli, R. C. Joshi, R. Niyogi, Network forensic frameworks: Survey and research challenges, Digital Invest., 7 (2010), 14-27. doi: 10.1016/j.diin.2010.02.003
[4]	J. Ding, X. Liu, T. Li, S. Yang, P. Yang, Dynamic Computer Forensics Based on Artificial Immune System Against Network Intrusion, J. Sichuan Univ. (Eng. Sci. Edition), 36 (2004), 108-111.
[5]	H. Pi, Electronic data forensics in the age of Internet of everything, Chin. Inf. Secur., 5 (2019), 71-73.
[6]	S. Hosseini, A. Jahangir, M. Kazemi, Digesting Network Traffic for Forensic Investigation Using Digital Signal Processing Techniques, IEEE Trans. Inf. Forensics Secur., 14 (2019), 3312-3321. doi: 10.1109/TIFS.2019.2915190
[7]	T. Abu, Testing closed source software: computer forensic tool case study, J. Comput. Virol. Hack. Tech., 14 (2018), 167-179. doi: 10.1007/s11416-017-0302-x
[8]	M. Asim, D. R. Mckinnel, A. Dehghantanha, R. M. Parizi, G. Epiphaniou, Big data forensics: Hadoop distributed file systems as a case study, in Handbook of Big Data and IoT Security, Springer, (2019), 179-210.
[9]	J. Park. Trede and VMPOP: Cultivating multi-purpose datasets for digital forensics - A Windows registry corpus as an example, Digit. Invest., 26 (2018), 3-18.
[10]	Y. Teing, A. Dehghantanha, K. R. Choo, CloudMe forensics: A case of big data forensic investigation, Concurr. Comp-Pract. E., 30 (2017), 1-12.
[11]	J. Zeng, X. Liu, T. Li, C. Liu, L. Peng, F. Sun, A self-adaptive negative selection algorithm used for anomaly detection, Prog. Nat. Sci., 19 (2009), 261-266. doi: 10.1016/j.pnsc.2008.06.008
[12]	L. Peng, D. Xie, Y. Fu, W. Xiong, Y. Shen, Automated intrusion response system model based on danger theory, J. Commun., 33 (2012), 136-144.
[13]	H. Deng, L. Peng, J. Zhang, C. Tang, H. Fang, H. Liu, An intelligent aerator algorithm inspired-by deep learning, Math. Biosci. Eng., 16 (2019), 2990-3002. doi: 10.3934/mbe.2019148
[14]	C. Liang, L. Peng, An Automated Diagnosis System of Liver Disease using Artificial Immune and Genetic Algorithms, J. Med. Syst., 37 (2013), 9932.
[15]	T. Li, An immune based model for network monitoring, Chin. J. Comput., 29 (2006), 1515-1522.
[16]	J. Yang, T. Li, S. Liu, T. Wang, D. Wang, G. Liang, Computer Forensics System Based on Artificial Immune Systems, J. Univers. Comput. Sci., 13 (2007), 1354-1365.
[17]	S. Forrest, A. S. Perelson, L. Allen, R. Cherukuri, Self-Nonself Discrimination in a Computer, in IEEE Computer Society Symposium on Research in Security and Privacy, IEEE Computer Society Press, (2002), 202-212.
[18]	M. Wojciech, C. Luca, W. Steffen, Recent Advancements in Digital Forensics, IEEE Secur. Priv., 15 (2017), 10-11.
[19]	Y. Qi, Computer Real-Time Location Forensics Method for Network Intrusion Crimes, Int. J. Network Secur., 21 (2019), 530-535.
[20]	J. dos Santos Almeida1, L. de Santana Nascimento, D. A. M. José, Computer Forensics: A Linux Case Study Applied to Pedophilia Crime Investigation in Brazil, Int. J. CyberSecur. Digit. Foren, 8 (2019), 31-42.
[21]	A. Flora, C. Aniello, C. Giovanni, N. Fabio, A semantic-based methodology for digital forensics analysis, J. Parallel Distr. Comput., 2020 (2020), 172-177.
[22]	S. Hofmeyr, S. Forrest, Architecture for an artificial immune system, Evol. Comput., 8 (2000), 443-473. doi: 10.1162/106365600568257
[23]	J. Ding, An Extended Immune-Based Model for Computer Forensics, Proceedings of the 2008 International Conference on Computer Science and Software Engineering, 2009.

Reader Comments

Your name:*

Email:*
© 2020 the Author(s), licensee AIMS Press. This is an open access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0)