Automated Abduction for Computer Forensics

  • Conference paper
Autonomic and Trusted Computing (ATC 2006)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 4158)

Abstract

This paper describes a diagnostic system designed to help an investigator determine how a computer intrusion was accomplished. It is intended as a decision-support tool that works out how a hacker created an unauthorized computer account. The system's diagnosis is based on automated abduction. Abduction is inference that begins with data describing some state and produces an explanation of the data. Because abduction is ampliative, plausible reasoning, its conclusions may not be correct. The plausibility of an explanation depends on how much better it is than the alternatives, how good it is independent of the alternatives, and how reliable the data is. Therefore, abduction is nonmonotonic. To solve the intrusion problem, we consider the relationship between abduction, default logic, and circumscription.

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Doncescu, A., Inoue, K. (2006). Automated Abduction for Computer Forensics. In: Yang, L.T., Jin, H., Ma, J., Ungerer, T. (eds) Autonomic and Trusted Computing. ATC 2006. Lecture Notes in Computer Science, vol 4158. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11839569_48

  • DOI: https://doi.org/10.1007/11839569_48

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-38619-3

  • Online ISBN: 978-3-540-38622-3

  • eBook Packages: Computer Science, Computer Science (R0)