VizSec 2010, Ottawa, ON, Canada, September 14, 2010

The Need to Support of Data Flow Graph Visualization of Forensic Lucid Programs, Forensic

Evidence, and their Evaluation by GIPSYSerguei A. Mokhov, Joey Paquet, Mourad Debbabi

Faculty of ENCS, Concordia University, Montreal, QC, Canada

INITIAL BACKGROUND

DEVELOPMENTS TO EHANCE FORENSIC LUCID WITH CREDIBILITY AND VISUALIZATION

Forensic

Lucid Context

Encoder

PRISM

Evaluation

Forensic data (logs, states),

evidence, encoded as

Forensic Lucid HOIL context

expressions

Credibility weights of the

evidence items and witness

accounts assigned by the

investigator

GEER GEER Pool

GEE

GEE PRISM

Code Generation

Intensional

Distributed

Evaluation

AspectJ-based

Evaluation and

Tracing

Credibility-enhanced

Syntax Analysis

Credibility-enhanced

Semantic Analsys

Evidential Statement with Credibilities

(Knowledge Base Context Pool, and crime

scene “description”) GIPC

Forensic Lucid

Compiler

Modeling of the Crime Scene

by the Investigator Using a

DFG to create Transition

Function

GEER Linking

THE GIPSY PROCESS

Lucid programs

as 2D or 3D

DFGs with

nested evidential

“bubbles”.

Operational

Semantics to

encode forensic

transition func.

and evaluate.

Evaluation of forensic expressions and

probabilities and evidence modeling

as nested interconnected objects