%0 Conference Proceedings
%T Interactive Temporal Digital Forensic Event Analysis
%+ Air Force Institute of Technology
%A Adderley, Nikolai
%A Peterson, Gilbert
%Z Part 2: Forensic Techniques
%< avec comité de lecture
%( IFIP Advances in Information and Communication Technology
%B 16th IFIP International Conference on Digital Forensics (DigitalForensics)
%C New Delhi, India
%Y Gilbert Peterson
%Y Sujeet Shenoi
%I Springer International Publishing
%3 Advances in Digital Forensics XVI
%V AICT-589
%P 39-55
%8 2020-01-06
%D 2020
%R 10.1007/978-3-030-56223-6_3
%K Automated event reconstruction
%K information visualization
%Z Computer Science [cs]Conference papers
%X Current digital forensic tools and applications lack the capability to visually present high-level system events and their associated low-level traces in a user interpretable form. This chapter describes the Temporal Analysis Integration Management Application (TAIMA), an interactive graphical user interface that renders graph-based information visualizations for digital forensic event reconstruction. By leveraging correlation and abstraction as core functions, TAIMA reduces the manual, labor-intensive efforts needed to conduct timeline analyses during digital forensic examinations. A pilot usability study conducted to evaluate TAIMA supports the claim that correlation and abstraction of low-level events into high-level system events can enhance digital forensic examinations.
%G English
%Z TC 11
%Z WG 11.9
%2 https://inria.hal.science/hal-03657234/document
%2 https://inria.hal.science/hal-03657234/file/503209_1_En_3_Chapter.pdf
%L hal-03657234
%U https://inria.hal.science/hal-03657234
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-AICT
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-DF
%~ IFIP-WG11-9
%~ IFIP-AICT-589