An Automated Log Analyzer for Digital Forensics Investigation

มงคล พิรารักษ์
ศุภกร กังพิศดาร


In this paper, we propose a study and development of an automated log analyzer in order to acquire critical evidence of crime and find potential suspects. We analyze several existing network forensics models and propose a new model for an automated log analyzer that can provide and summarize necessary evidence. We create a prototype of the proposed model. The results of our implementation show that the proposed model can assist users in analyzing and reporting evidence for forensics investigation.

How to Cite
พิรารักษ์ ม. and กังพิศดาร ศ., “An Automated Log Analyzer for Digital Forensics Investigation”, JIST, vol. 2, no. 1, pp. 31–40, Jun. 2011.
Research Article: Soft Computing
