%0 Conference Proceedings
%T Identifying Malware Using Cross-Evidence Correlation
%+ Accenture [Oslo]
%+ Norwegian Information Security Laboratory
%+ Enterprise Security and Connectivity, laboratory
%A Flaglien, Anders
%A Franke, Katrin
%A Arnes, Andre
%Z Part 3: FRAUD AND MALWARE INVESTIGATIONS
%< avec comité de lecture
%( IFIP Advances in Information and Communication Technology
%B 7th Digital Forensics (DF)
%C Orlando, FL, United States
%Y Gilbert Peterson
%Y Sujeet Shenoi
%I Springer
%3 Advances in Digital Forensics VII
%V AICT-361
%P 169-182
%8 2011-01-31
%D 2011
%R 10.1007/978-3-642-24212-0_13
%K Botnets
%K malware detection
%K link mining
%K evidence correlation
%Z Computer Science [cs]Conference papers
%X This paper proposes a new correlation method for the automatic identification of malware traces across multiple computers. The method supports forensic investigations by efficiently identifying patterns in large, complex datasets using link mining techniques. Digital forensic processes are followed to ensure evidence integrity and chain of custody.
%G English
%Z TC 11
%Z WG 11.9
%2 https://inria.hal.science/hal-01569545/document
%2 https://inria.hal.science/hal-01569545/file/978-3-642-24212-0_13_Chapter.pdf
%L hal-01569545
%U https://inria.hal.science/hal-01569545
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-AICT
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-DF
%~ IFIP-WG11-9
%~ IFIP-AICT-361