FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W2104912789> ?p ?o ?g. }

• W2104912789 abstract "In a digital forensics investigation, log files can be used as a form of evidence by reconstructing timelines of the computer system events recorded in log files. Log files can come from a variety of sources, each of which may make use of proprietary log file formats (Pasquinucci, 2007). In addition, the large volume of information to be filtered through can make the job of forensic examination a difficult and time consuming task.The aim of this thesis is to explore methods of logging and displaying event information which is gathered from computer systems, specifically in relation to the collection, correlation and presentation of log information. By means of a literature review, it has been found that by correlating and storing log information in a central log database it should be possible to construct a system which can access this information and present it in the form of a timeline to the investigator. The important contribution that visualisation techniques can bring to log analysis applications has been made by Marty (2008, p.5) by stating that “a picture is worth a thousand log records”.A prototype system has been produced which makes use of the latest technologies to enhance current methods of displaying log data, such as those employed by the Microsoft Windows Event Viewer. The prototype system, developed using a rapid prototyping methodology, separates the log management process into collection, correlation and storage, and presentation. Through use of a standard XML log format and central storage of log information in a Microsoft SQL Server 2008 database, the prototype aims to overcome the issue of proprietary log formats and the difficulty in correlating data obtained from different sources. A log and timeline viewer application has been developed using C#, Windows Presentation Foundation and .NET Framework technologies, enabling the digital forensics investigator to filter event records and visualise timelines of events by means of bar, line and scatter charts.Through the means of user evaluation it has been found that the prototype system improves upon the Microsoft Windows Event Viewer from overview and filtering perspectives. By means of technical experimentation, it has been found that there are scalability issues with the way in which the prototype system imports log information contained within XML files, into the database component. The time taken to import log records, of various sizes, into the database was measured. It was found that for files larger than 2MB, the time taken was longer than two users, of the seven who gave feedback on of the system, would be prepared to wait. Further development into the visualisation of timelines has been suggested as the prototype system is somewhat limited in its ability to provide details of the links between digital" @default.
• W2104912789 created "2016-06-24" @default.
• W2104912789 creator A5053161005 @default.
• W2104912789 date "2009-11-01" @default.
• W2104912789 modified "2023-09-27" @default.
• W2104912789 title "Enhanced event time-lining for digital forensic systems." @default.
• W2104912789 cites W1536432326 @default.
• W2104912789 cites W1536954562 @default.
• W2104912789 cites W1969563890 @default.
• W2104912789 cites W1992004895 @default.
• W2104912789 cites W2010054418 @default.
• W2104912789 cites W2013419333 @default.
• W2104912789 cites W2033910100 @default.
• W2104912789 cites W2042750133 @default.
• W2104912789 cites W2135964411 @default.
• W2104912789 cites W2138199375 @default.
• W2104912789 cites W2153463096 @default.
• W2104912789 cites W1506502519 @default.
• W2104912789 hasPublicationYear "2009" @default.
• W2104912789 type Work @default.
• W2104912789 sameAs 2104912789 @default.
• W2104912789 citedByCount "0" @default.
• W2104912789 crossrefType "journal-article" @default.
• W2104912789 hasAuthorship W2104912789A5053161005 @default.
• W2104912789 hasConcept C104352257 @default.
• W2104912789 hasConcept C105795698 @default.
• W2104912789 hasConcept C110875604 @default.
• W2104912789 hasConcept C11392498 @default.
• W2104912789 hasConcept C121332964 @default.
• W2104912789 hasConcept C136764020 @default.
• W2104912789 hasConcept C173576120 @default.
• W2104912789 hasConcept C2212953 @default.
• W2104912789 hasConcept C2779662365 @default.
• W2104912789 hasConcept C33923547 @default.
• W2104912789 hasConcept C41008148 @default.
• W2104912789 hasConcept C4438859 @default.
• W2104912789 hasConcept C62520636 @default.
• W2104912789 hasConcept C75949130 @default.
• W2104912789 hasConcept C77088390 @default.
• W2104912789 hasConceptScore W2104912789C104352257 @default.
• W2104912789 hasConceptScore W2104912789C105795698 @default.
• W2104912789 hasConceptScore W2104912789C110875604 @default.
• W2104912789 hasConceptScore W2104912789C11392498 @default.
• W2104912789 hasConceptScore W2104912789C121332964 @default.
• W2104912789 hasConceptScore W2104912789C136764020 @default.
• W2104912789 hasConceptScore W2104912789C173576120 @default.
• W2104912789 hasConceptScore W2104912789C2212953 @default.
• W2104912789 hasConceptScore W2104912789C2779662365 @default.
• W2104912789 hasConceptScore W2104912789C33923547 @default.
• W2104912789 hasConceptScore W2104912789C41008148 @default.
• W2104912789 hasConceptScore W2104912789C4438859 @default.
• W2104912789 hasConceptScore W2104912789C62520636 @default.
• W2104912789 hasConceptScore W2104912789C75949130 @default.
• W2104912789 hasConceptScore W2104912789C77088390 @default.
• W2104912789 hasLocation W21049127891 @default.
• W2104912789 hasOpenAccess W2104912789 @default.
• W2104912789 hasPrimaryLocation W21049127891 @default.
• W2104912789 hasRelatedWork W1480663702 @default.
• W2104912789 hasRelatedWork W17913618 @default.
• W2104912789 hasRelatedWork W1831006444 @default.
• W2104912789 hasRelatedWork W1897192510 @default.
• W2104912789 hasRelatedWork W1992388463 @default.
• W2104912789 hasRelatedWork W1999338594 @default.
• W2104912789 hasRelatedWork W2008171975 @default.
• W2104912789 hasRelatedWork W2073203292 @default.
• W2104912789 hasRelatedWork W2095163029 @default.
• W2104912789 hasRelatedWork W2144134691 @default.
• W2104912789 hasRelatedWork W2353467955 @default.
• W2104912789 hasRelatedWork W2369519656 @default.
• W2104912789 hasRelatedWork W2741435508 @default.
• W2104912789 hasRelatedWork W3098593142 @default.
• W2104912789 hasRelatedWork W2157742032 @default.
• W2104912789 hasRelatedWork W2414196711 @default.
• W2104912789 hasRelatedWork W2548534107 @default.
• W2104912789 hasRelatedWork W2602808062 @default.
• W2104912789 hasRelatedWork W2751541250 @default.
• W2104912789 hasRelatedWork W2847601029 @default.
• W2104912789 isParatext "false" @default.
• W2104912789 isRetracted "false" @default.
• W2104912789 magId "2104912789" @default.
• W2104912789 workType "article" @default.