{"id":3164,"date":"2023-07-01T00:00:51","date_gmt":"2023-06-30T22:00:51","guid":{"rendered":"https:\/\/cyberawareness.sk\/?p=3164"},"modified":"2024-11-16T00:59:55","modified_gmt":"2024-11-15T23:59:55","slug":"identifikacia-podozrivych-forenznych-artefaktov","status":"publish","type":"post","link":"https:\/\/cyberawareness.sk\/en\/2023\/07\/01\/identifikacia-podozrivych-forenznych-artefaktov\/","title":{"rendered":"Identifik\u00e1cia podozriv\u00fdch forenzn\u00fdch artefaktov"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"3164\" class=\"elementor elementor-3164\">\n\t\t\t\t<div class=\"elementor-element elementor-element-fa18013 e-flex e-con-boxed e-con e-parent\" data-id=\"fa18013\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-6e108e7 e-flex e-con-boxed e-con e-child\" data-id=\"6e108e7\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-749fbad elementor-widget elementor-widget-ucaddon_square_icon_box\" data-id=\"749fbad\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"ucaddon_square_icon_box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\n<!-- start Icon Box -->\n\t\t<link id='font-awesome-css' href='https:\/\/cyberawareness.sk\/wp-content\/plugins\/unlimited-elements-for-elementor\/assets_libraries\/font-awesome6\/fontawesome-all.min.css' type='text\/css' rel='stylesheet' >\n\t\t<link id='font-awesome-4-shim-css' href='https:\/\/cyberawareness.sk\/wp-content\/plugins\/unlimited-elements-for-elementor\/assets_libraries\/font-awesome6\/fontawesome-v4-shims.min.css' type='text\/css' rel='stylesheet' >\n\t\t<link id='uc_ac_assets_file_blox_boxed_small_square_icon_box_css_0-css' 
href='https:\/\/cyberawareness.sk\/wp-content\/uploads\/ac_assets\/blox-boxed-small-square-icon-box\/blox-boxed-small-square-icon-box.css' type='text\/css' rel='stylesheet' >\n\n<style>\/* widget: Icon Box *\/\n\n#uc_square_icon_box_elementor_749fbad * { \n\tbox-sizing: border-box; \n}\n\n#uc_square_icon_box_elementor_749fbad{\n\tfont-family: inherit;\n    transition:0.3s;\n    position:relative;\n}\n\n#uc_square_icon_box_elementor_749fbad .blox-boxed-small-square-icon-box-icon{\n\t\n\tposition:relative;\n    display:flex;\n    justify-content:center;\n    align-items:center;\n    transform:rotate(0deg);\n    z-index:2;\n}\n#uc_square_icon_box_elementor_749fbad .ue-icon {\n  display:inline-block;\n}\n#uc_square_icon_box_elementor_749fbad .blox-boxed-small-square-icon-box-icon > div{\n\t\n\tposition:relative;\n    display:flex;\n    justify-content:center;\n    align-items:center;\n    transform:rotate(-0deg);\n}\n#uc_square_icon_box_elementor_749fbad .ue-icon-inner{\n    line-height:1em;\n\t} \t\n\n\n#uc_square_icon_box_elementor_749fbad .ue-icon-inner svg{\n    height:1em;\n    width:1em;\n\t} \t\n\t\n.blox-boxed-small-square-icon-box-heading{\n\tfont-size:21px;\n\t}\n\n\n#uc_square_icon_box_elementor_749fbad:hover\n{\n  position:relative;\n  z-index:1;\n}\n\n\n#uc_square_icon_box_elementor_749fbad .ue_box_button\n{\n  text-align:center;\n  text-decoration:none;\n  display:inline-block;\n  transition:0.3s;\n}\n\n\n#uc_square_icon_box_elementor_749fbad span.line\n{\n  display:block;\n  position:absolute;\n  top:0;\n  left:0;\n  width:0px;\n  transition:0.3s;\n}\n\n#uc_square_icon_box_elementor_749fbad:hover span.line\n{\n  width:100%;\n}\n\n#uc_square_icon_box_elementor_749fbad .ue-title-separator span\n{\n  display:inline-block;\n  transition:0.3s;\n}\n\n\n\n\n\n<\/style>\n\n<div class=\"square_icon_box\" id=\"uc_square_icon_box_elementor_749fbad\">\n  \n  \t\t  \n  \n              <div class=\"ue-icon\">\n       <a style=\"display:inline-block; 
text-decoration:none;\" href=\"https:\/\/cyberawareness.sk\/wp-content\/uploads\/2024\/10\/559DA0989ACB4897B62F0EA45DC093CE.pdf\" >         <div class=\"blox-boxed-small-square-icon-box-icon\" style=\"background-color: ;\">\n           <div class=\"ue-icon-inner\"><i class='fas fa-book'><\/i><\/div>\n         <\/div>\n       <\/a>       <\/div>\n         \n  \t\t        <div class=\"blox-boxed-small-square-icon-box-heading\">\n        \tPr\u00e1ca\n        <\/div>\n          \n  \t\t  \n  \n          \n  \t\t        \n          \n  \t\t  \n<\/div>\n<!-- end Icon Box -->\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8e851db elementor-widget elementor-widget-text-editor\" data-id=\"8e851db\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>Autor: <\/strong>Boris Hamadej <br \/><strong>\u0160kolite\u013e: <\/strong>Mgr. 
Eva Markov\u00e1<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e5a0a23 elementor-widget elementor-widget-heading\" data-id=\"e5a0a23\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Abstrakt<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b77c4c2 elementor-widget elementor-widget-text-editor\" data-id=\"b77c4c2\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Digit\u00e1lna forenzn\u00e1 anal\u00fdza sa stala nevyhnutnou s\u00fa\u010das\u0165ou reakcie na po\u010d\u00edta\u010dov\u00e9 bezpe\u010dnostn\u00e9 incidenty ako aj s\u00fa\u010das\u0165ou vy\u0161etrovania kybernetickej kriminality. D\u00f4le\u017eit\u00fdmi krokmi forenzn\u00e9ho vy\u0161etrovania s\u00fa identifik\u00e1cia digit\u00e1lnych st\u00f4p potenci\u00e1lnych \u00fato\u010dn\u00edkov, ich zber, anal\u00fdza a ich n\u00e1sledn\u00e9 zdokumentovanie. V na\u0161ej pr\u00e1ci sa venujeme met\u00f3dam a postupom na \u010do najpresnej\u0161ie identifikovanie podozriv\u00fdch forenzn\u00fdch artefaktov v opera\u010dnom syst\u00e9me Windows a ich efekt\u00edvnemu vyu\u017eitiu pri anal\u00fdze a detekcii anom\u00e1li\u00ed. Ako n\u00e1\u0161 modelov\u00fd pr\u00edpad pou\u017e\u00edvame \u201ePr\u00edpad ukradnutej se\u010du\u00e1nskej om\u00e1\u010dky\u201c z port\u00e1lu DFIR Madness. Tieto d\u00e1ta sa v predo\u0161lom v\u00fdskume predspracovali a na tomto upravenom datasete sme otestovali nieko\u013eko existuj\u00facich met\u00f3d na detekciu anom\u00e1li\u00ed bez u\u010dite\u013ea, ako napr\u00edklad ECOD, IForest \u010di PCA. 
Analyzovali sme v\u00fdsledky a \u00faspe\u0161nos\u0165 jednotliv\u00fdch met\u00f3d pri detekcii anom\u00e1li\u00ed, \u010d\u00edm sme z\u00edskali lep\u0161\u00ed preh\u013ead o mo\u017enostiach ich uplatnenia pri digit\u00e1lnej forenznej anal\u00fdze. Na z\u00e1klade na\u0161ej anal\u00fdzy sme vybrali najlep\u0161ie met\u00f3dy a implementovali ich do jednoduch\u00e9ho n\u00e1stroja, ktor\u00fd u\u017e\u00edvate\u013eom poskytne mo\u017enos\u0165 vybra\u0165 si met\u00f3dy, ktor\u00e9 chc\u00fa pou\u017ei\u0165. Tento n\u00e1stroj n\u00e1sledne porovn\u00e1va \u010das behu jednotliv\u00fdch met\u00f3d a ich v\u00fdsledky, \u010do u\u017e\u00edvate\u013eom umo\u017en\u00ed lep\u0161ie porozumie\u0165 v\u00fdhod\u00e1m a nev\u00fdhod\u00e1m jednotliv\u00fdch met\u00f3d a vybra\u0165 si z nich tie najvhodnej\u0161ie pre ich konkr\u00e9tny pr\u00edpad.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e39a89a elementor-widget elementor-widget-heading\" data-id=\"e39a89a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Ciele<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-05fb267 elementor-widget elementor-widget-text-editor\" data-id=\"05fb267\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul><li>Anal\u00fdza forenzn\u00fdch artefaktov vo vybranom opera\u010dnom syst\u00e9me.<\/li><li>Porovnanie existuj\u00facich pr\u00edstupov k identifik\u00e1cii anom\u00e1li\u00ed pri forenznom vy\u0161etrovan\u00ed.<\/li><li>N\u00e1vrh n\u00e1stroja pre identifik\u00e1ciu podozriv\u00fdch forenzn\u00fdch artefaktov vo vybranom opera\u010dnom syst\u00e9me, otestovanie n\u00e1stroja a zhodnotenie 
v\u00fdsledkov.<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-89aa96b elementor-widget elementor-widget-heading\" data-id=\"89aa96b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Literat\u00fara<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d149794 elementor-widget elementor-widget-text-editor\" data-id=\"d149794\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul><li>Baddar, S. A. H., Merlo, A., &amp; Migliardi, M. (2019). Behavioral-anomaly detection in forensics analysis. IEEE Security &amp; Privacy, 17(1), 55-62.<\/li><li>Pang, G., Shen, C., Cao, L., &amp; Hengel, A. V. D. (2021). Deep learning for anomaly detection: A review. ACM Computing Surveys (CSUR), 54(2), 1-38.<\/li><li>Pourhabibi, T., Ong, K. L., Kam, B. H., &amp; Boo, Y. I. (2020). Fraud detection: A systematic literature review of graph-based anomaly detection approaches. 
Decision Support Systems, 133, 113303.<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a432df6 elementor-widget elementor-widget-heading\" data-id=\"a432df6\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Priebeh pr\u00e1ce<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f13991a elementor-widget elementor-widget-text-editor\" data-id=\"f13991a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Zatia\u013e nezverejnen\u00e9<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>Autor: Mgr. Eva Markov\u00e1<br \/>\n\u0160kolite\u013e: RNDr. JUDr. 
Pavol Sokol, PhD.<\/p>","protected":false},"author":9,"featured_media":2397,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ocean_post_layout":"full-width","ocean_both_sidebars_style":"","ocean_both_sidebars_content_width":0,"ocean_both_sidebars_sidebars_width":0,"ocean_sidebar":"","ocean_second_sidebar":"","ocean_disable_margins":"enable","ocean_add_body_class":"","ocean_shortcode_before_top_bar":"","ocean_shortcode_after_top_bar":"","ocean_shortcode_before_header":"","ocean_shortcode_after_header":"","ocean_has_shortcode":"","ocean_shortcode_after_title":"","ocean_shortcode_before_footer_widgets":"","ocean_shortcode_after_footer_widgets":"","ocean_shortcode_before_footer_bottom":"","ocean_shortcode_after_footer_bottom":"","ocean_display_top_bar":"default","ocean_display_header":"default","ocean_header_style":"","ocean_center_header_left_menu":"","ocean_custom_header_template":"","ocean_custom_logo":0,"ocean_custom_retina_logo":0,"ocean_custom_logo_max_width":0,"ocean_custom_logo_tablet_max_width":0,"ocean_custom_logo_mobile_max_width":0,"ocean_custom_logo_max_height":0,"ocean_custom_logo_tablet_max_height":0,"ocean_custom_logo_mobile_max_height":0,"ocean_header_custom_menu":"","ocean_menu_typo_font_family":"","ocean_menu_typo_font_subset":"","ocean_menu_typo_font_size":0,"ocean_menu_typo_font_size_tablet":0,"ocean_menu_typo_font_size_mobile":0,"ocean_menu_typo_font_size_unit":"px","ocean_menu_typo_font_weight":"","ocean_menu_typo_font_weight_tablet":"","ocean_menu_typo_font_weight_mobile":"","ocean_menu_typo_transform":"","ocean_menu_typo_transform_tablet":"","ocean_menu_typo_transform_mobile":"","ocean_menu_typo_line_height":0,"ocean_menu_typo_line_height_tablet":0,"ocean_menu_typo_line_height_mobile":0,"ocean_menu_typo_line_height_unit":"","ocean_menu_typo_spacing":0,"ocean_menu_typo_spacing_tablet":0,"ocean_menu_typo_spacing_mobile":0,"ocean_menu_typo_spacing_unit":"","ocean_menu_link_color":"","ocean_m
enu_link_color_hover":"","ocean_menu_link_color_active":"","ocean_menu_link_background":"","ocean_menu_link_hover_background":"","ocean_menu_link_active_background":"","ocean_menu_social_links_bg":"","ocean_menu_social_hover_links_bg":"","ocean_menu_social_links_color":"","ocean_menu_social_hover_links_color":"","ocean_disable_title":"default","ocean_disable_heading":"default","ocean_post_title":"","ocean_post_subheading":"","ocean_post_title_style":"","ocean_post_title_background_color":"","ocean_post_title_background":0,"ocean_post_title_bg_image_position":"","ocean_post_title_bg_image_attachment":"","ocean_post_title_bg_image_repeat":"","ocean_post_title_bg_image_size":"","ocean_post_title_height":0,"ocean_post_title_bg_overlay":0.5,"ocean_post_title_bg_overlay_color":"","ocean_disable_breadcrumbs":"default","ocean_breadcrumbs_color":"","ocean_breadcrumbs_separator_color":"","ocean_breadcrumbs_links_color":"","ocean_breadcrumbs_links_hover_color":"","ocean_display_footer_widgets":"default","ocean_display_footer_bottom":"default","ocean_custom_footer_template":"","ocean_post_oembed":"","ocean_post_self_hosted_media":"","ocean_post_video_embed":"","ocean_link_format":"","ocean_link_format_target":"self","ocean_quote_format":"","ocean_quote_format_link":"post","ocean_gallery_link_images":"on","ocean_gallery_id":[],"footnotes":""},"categories":[12],"tags":[],"class_list":["post-3164","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-bakalarske-prace","entry","has-media"],"_links":{"self":[{"href":"https:\/\/cyberawareness.sk\/en\/wp-json\/wp\/v2\/posts\/3164","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberawareness.sk\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberawareness.sk\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberawareness.sk\/en\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberawareness.sk\/en\/wp
-json\/wp\/v2\/comments?post=3164"}],"version-history":[{"count":25,"href":"https:\/\/cyberawareness.sk\/en\/wp-json\/wp\/v2\/posts\/3164\/revisions"}],"predecessor-version":[{"id":3741,"href":"https:\/\/cyberawareness.sk\/en\/wp-json\/wp\/v2\/posts\/3164\/revisions\/3741"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberawareness.sk\/en\/wp-json\/wp\/v2\/media\/2397"}],"wp:attachment":[{"href":"https:\/\/cyberawareness.sk\/en\/wp-json\/wp\/v2\/media?parent=3164"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberawareness.sk\/en\/wp-json\/wp\/v2\/categories?post=3164"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberawareness.sk\/en\/wp-json\/wp\/v2\/tags?post=3164"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}