Enhancing Log File Analysis in Digital Forensics and Incident Response through Machine Learning
- Title
- Enhancing Log File Analysis in Digital Forensics and Incident Response through Machine Learning
- Creator
- Natarajan, Arul Kumar; Galety, Mohammad Gouse; Mishra, Nilamadhab; Prabu, M.; Manimaran, A.; Ramasamy, Gobi
- Description
- Log file analysis is crucial for identifying and exploring digital security incidents by recording system and network traffic. The growing volume and complexity of log data do not allow traditional analytical methods to be used, which led to the need for the development of more advanced analytical tools. This chapter shows a new method to infer practical information from log file analysis using machine learning algorithms combined with Python programming. The technique has the following structure: data preprocessing, feature extraction, and then the use of multiple machine learning models such as RandomForestClassifier, GradientBoostingClassifier, SVM, XGBoostClassifier, and MLPClassifier. Adding Python greatly improves these advanced models' accuracy and efficiency in analyzing log files. The XGBoostClassifier achieved the highest accuracy, which was 0.9198 as precision, and it indicates good applicability to complicated log data compared to the other models in our test. This section compares the machine learning models using the UNSW-NB15 dataset, which provides a broad range of network traffic data. The chapter contains some visualizations of flagship results and a detailed discussion about the results, discussing the challenges and limitations of the proposed approach. It also suggests future research directions. The results also typify the specifics of how Python and machine learning can be disrupted to develop digital forensics incident response practicability, bringing forth such innovations that cater to solving the cyber world's rapidly transitioning threat landscapes and tooling up valued scientific knowledge in the domain. © 2026 selection and editorial matter, Vinay Aseri, Sumit Kumar Choudhary, and Adarsh Kumar; individual chapters, the contributors.
- Source
- Cyber Security, Forensics and National Security; pp. 378-396
- Date
- 01-01-2025
- Publisher
- CRC Press
- Coverage
- Natarajan A.K., Samarkand International University of Technology, Samarkand, Uzbekistan; Galety M.G., Samarkand International University of Technology, Samarkand, Uzbekistan; Mishra N., VIT Bhopal University, Bhopal, India; Prabu M., Amrita Vishwa Vidyapeetham Erachakulam, Andhra Pradesh, India; Manimaran A., VIT-AP University, Amaravati, India; Ramasamy G., Christ University, Bengaluru, India
- Rights
- Restricted Access; Hardcopy may be available in the library
- Relation
- ISBN: 978-104041196-4; 978-104041198-8
- Format
- online
- Language
- English
- Type
- Book chapter
Citation
Natarajan, Arul Kumar; Galety, Mohammad Gouse; Mishra, Nilamadhab; Prabu, M.; Manimaran, A.; Ramasamy, Gobi, “Enhancing Log File Analysis in Digital Forensics and Incident Response through Machine Learning,” CHRIST (Deemed To Be University) Institutional Repository, accessed June 18, 2026, https://archives.christuniversity.in/items/show/24347.
