In a cyber crime investigation, investigators often have to examine and analyze log files. Because there is no standard log format, these files follow their own arbitrary formats, which presents a formidable challenge and adds complexity to analysis. Additionally, because these log files contain a huge number of entries, it is difficult to extract and analyze the relevant evidential information efficiently and reliably. Since each log contains only a little information, a fragment of the whole, it is particularly beneficial for investigators to examine logs together. Visualization allows the investigator to correlate the information, see the patterns, and gain insight into the events under examination. This thesis provides the detailed design and implementation of FLI (Forensic Log Investigator). FLI is a powerful, advanced analysis and visualization tool built upon an enterprise infrastructure and the latest technologies to help computer forensics practitioners carry out investigations and perform analysis efficiently and effectively.