I am an MSc student in Brazil and my research is related to computer forensics. I am particularly interested in automation of the examination process; I mean the use of some techniques (e.g. Bayesian reasoning) to automate the process of information gathering, the search for evidence among the information collected, and correlation of the evidence found.

There are ongoing efforts in this direction. ICE (Intelligent Correlation of Evidence) is a tool reviewed in the paper by T. Goan, "A Cop on the Beat: Collecting and Appraising Intrusion Evidence", and I am quite sure that there are others. So could you point me to some references about ICE and other tools or research related to automated analysis of computer evidence?

Thanks in advance.

Best regards,

Marcelo Abdalla dos Reis
System Administration and Security Laboratory (LAS)
Institute of Computing
State University of Campinas (UNICAMP)
1251 Av. Albert Einstein, PB 6176
Campinas SP Brazil 13084-971
Phone +55 19 3788-5857
E-mail marcelo.reisat_private

-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Apr 24 2002 - 20:29:07 PDT