Sentiment Analysis in a Forensic Timeline With Deep Learning
A forensic investigator creates a timeline from a forensic disk image after an occurrence of a security incident. This procedure aims to acquire the time for all events identified from the investigated artifacts. An investigator usually looks for events of interest by manually searching the timeline...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2020-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/9047947/ |
| _version_ | 1818428223032131584 |
|---|---|
| author | Hudan Studiawan Ferdous Sohel Christian Payne |
| author_facet | Hudan Studiawan Ferdous Sohel Christian Payne |
| author_sort | Hudan Studiawan |
| collection | DOAJ |
| description | A forensic investigator creates a timeline from a forensic disk image after an occurrence of a security incident. This procedure aims to acquire the time for all events identified from the investigated artifacts. An investigator usually looks for events of interest by manually searching the timeline. One of the sources from which to build a timeline is log files, and these events are often found in log messages. In this paper, we propose a sentiment analysis technique to automatically extract events of interest from log messages in the forensic timeline. We use a deep learning technique with a context and content attention model to identify aspect terms and the corresponding sentiments in the forensic timeline. Terms with negative sentiments indicate events of interest and are highlighted in the timeline. Therefore, the investigator can quickly examine the events and other activities recorded within the surrounding time frame. Experimental results on four public forensic case studies show that the proposed method achieves 98.43% and 99.64% for the F1 score and accuracy, respectively. |
| first_indexed | 2024-12-14T14:58:12Z |
| format | Article |
| id | doaj.art-f6e41c66aa7c4b09a5d7a38dd66d3a2b |
| institution | Directory Open Access Journal |
| issn | 2169-3536 |
| language | English |
| last_indexed | 2024-12-14T14:58:12Z |
| publishDate | 2020-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj.art-f6e41c66aa7c4b09a5d7a38dd66d3a2b2022-12-21T22:56:56ZengIEEEIEEE Access2169-35362020-01-018606646067510.1109/ACCESS.2020.29834359047947Sentiment Analysis in a Forensic Timeline With Deep LearningHudan Studiawan0https://orcid.org/0000-0002-8884-6208Ferdous Sohel1https://orcid.org/0000-0003-1557-4907Christian Payne2College of Science, Health, Engineering, and Education, Murdoch University, Perth, WA, AustraliaCollege of Science, Health, Engineering, and Education, Murdoch University, Perth, WA, AustraliaCollege of Science, Health, Engineering, and Education, Murdoch University, Perth, WA, AustraliaA forensic investigator creates a timeline from a forensic disk image after an occurrence of a security incident. This procedure aims to acquire the time for all events identified from the investigated artifacts. An investigator usually looks for events of interest by manually searching the timeline. One of the sources from which to build a timeline is log files, and these events are often found in log messages. In this paper, we propose a sentiment analysis technique to automatically extract events of interest from log messages in the forensic timeline. We use a deep learning technique with a context and content attention model to identify aspect terms and the corresponding sentiments in the forensic timeline. Terms with negative sentiments indicate events of interest and are highlighted in the timeline. Therefore, the investigator can quickly examine the events and other activities recorded within the surrounding time frame. Experimental results on four public forensic case studies show that the proposed method achieves 98.43% and 99.64% for the F1 score and accuracy, respectively.https://ieeexplore.ieee.org/document/9047947/Forensic timelinedeep learningcontext attentioncontent attentionsentiment analysisevent logs |
| spellingShingle | Hudan Studiawan Ferdous Sohel Christian Payne Sentiment Analysis in a Forensic Timeline With Deep Learning IEEE Access Forensic timeline deep learning context attention content attention sentiment analysis event logs |
| title | Sentiment Analysis in a Forensic Timeline With Deep Learning |
| title_full | Sentiment Analysis in a Forensic Timeline With Deep Learning |
| title_fullStr | Sentiment Analysis in a Forensic Timeline With Deep Learning |
| title_full_unstemmed | Sentiment Analysis in a Forensic Timeline With Deep Learning |
| title_short | Sentiment Analysis in a Forensic Timeline With Deep Learning |
| title_sort | sentiment analysis in a forensic timeline with deep learning |
| topic | Forensic timeline deep learning context attention content attention sentiment analysis event logs |
| url | https://ieeexplore.ieee.org/document/9047947/ |
| work_keys_str_mv | AT hudanstudiawan sentimentanalysisinaforensictimelinewithdeeplearning AT ferdoussohel sentimentanalysisinaforensictimelinewithdeeplearning AT christianpayne sentimentanalysisinaforensictimelinewithdeeplearning |