{"id":"https://openalex.org/W2330903175","doi":"https://doi.org/10.1109/jsyst.2015.2389518","title":"Using Geolocation for the Strategic Preincident Preparation of an IT Forensics Analysis","display_name":"Using Geolocation for the Strategic Preincident Preparation of an IT Forensics Analysis","publication_year":2015,"publication_date":"2015-02-16","ids":{"openalex":"https://openalex.org/W2330903175","doi":"https://doi.org/10.1109/jsyst.2015.2389518","mag":"2330903175"},"language":"en","primary_location":{"id":"doi:10.1109/jsyst.2015.2389518","is_oa":false,"landing_page_url":"https://doi.org/10.1109/jsyst.2015.2389518","pdf_url":null,"source":{"id":"https://openalex.org/S95999327","display_name":"IEEE Systems Journal","issn_l":"1932-8184","issn":["1932-8184","1937-9234","2373-7816"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Systems Journal","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5111886592","display_name":"Robert Koch","orcid":null},"institutions":[{"id":"https://openalex.org/I40527276","display_name":"Universit\u00e4t der Bundeswehr M\u00fcnchen","ror":"https://ror.org/05kkv3f82","country_code":"DE","type":"education","lineage":["https://openalex.org/I1315109972","https://openalex.org/I40527276","https://openalex.org/I4387152969"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Robert Koch","raw_affiliation_strings":["Research Center CODE (Cyber Defence), Faculty of Computer Science, Universit\u00e4t der Bundeswehr M\u00fcnchen, Neubiberg, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Research Center CODE (Cyber Defence), Faculty of Computer Science, Universit\u00e4t der Bundeswehr M\u00fcnchen, Neubiberg, Germany","institution_ids":["https://openalex.org/I40527276"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054818424","display_name":"Mario Golling","orcid":null},"institutions":[{"id":"https://openalex.org/I40527276","display_name":"Universit\u00e4t der Bundeswehr M\u00fcnchen","ror":"https://ror.org/05kkv3f82","country_code":"DE","type":"education","lineage":["https://openalex.org/I1315109972","https://openalex.org/I40527276","https://openalex.org/I4387152969"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Mario Golling","raw_affiliation_strings":["Research Center CODE (Cyber Defence), Faculty of Computer Science, Universit\u00e4t der Bundeswehr M\u00fcnchen, Neubiberg, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Research Center CODE (Cyber Defence), Faculty of Computer Science, Universit\u00e4t der Bundeswehr M\u00fcnchen, Neubiberg, Germany","institution_ids":["https://openalex.org/I40527276"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5040794817","display_name":"Lars Stiemert","orcid":null},"institutions":[{"id":"https://openalex.org/I40527276","display_name":"Universit\u00e4t der Bundeswehr M\u00fcnchen","ror":"https://ror.org/05kkv3f82","country_code":"DE","type":"education","lineage":["https://openalex.org/I1315109972","https://openalex.org/I40527276","https://openalex.org/I4387152969"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Lars Stiemert","raw_affiliation_strings":["Research Center CODE (Cyber Defence), Faculty of Computer Science, Universit\u00e4t der Bundeswehr M\u00fcnchen, Neubiberg, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Research Center CODE (Cyber Defence), Faculty of Computer Science, Universit\u00e4t der Bundeswehr M\u00fcnchen, Neubiberg, Germany","institution_ids":["https://openalex.org/I40527276"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5078551681","display_name":"Gabi Dreo Rodosek","orcid":"https://orcid.org/0000-0002-8702-8553"},"institutions":[{"id":"https://openalex.org/I40527276","display_name":"Universit\u00e4t der Bundeswehr M\u00fcnchen","ror":"https://ror.org/05kkv3f82","country_code":"DE","type":"education","lineage":["https://openalex.org/I1315109972","https://openalex.org/I40527276","https://openalex.org/I4387152969"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Gabi Dreo Rodosek","raw_affiliation_strings":["Research Center CODE (Cyber Defence), Faculty of Computer Science, Universit\u00e4t der Bundeswehr M\u00fcnchen, Neubiberg, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Research Center CODE (Cyber Defence), Faculty of Computer Science, Universit\u00e4t der Bundeswehr M\u00fcnchen, Neubiberg, Germany","institution_ids":["https://openalex.org/I40527276"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.052,"has_fulltext":false,"cited_by_count":16,"citation_normalized_percentile":{"value":0.82092118,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"10","issue":"4","first_page":"1338","last_page":"1349"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9976999759674072,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/geolocation","display_name":"Geolocation","score":0.9102452993392944},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7075777649879456},{"id":"https://openalex.org/keywords/network-forensics","display_name":"Network forensics","score":0.5581230521202087},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.500781774520874},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.4906848669052124},{"id":"https://openalex.org/keywords/traceability","display_name":"Traceability","score":0.47196921706199646},{"id":"https://openalex.org/keywords/geographic-information-system","display_name":"Geographic information system","score":0.4289546310901642},{"id":"https://openalex.org/keywords/reliability","display_name":"Reliability (semiconductor)","score":0.41050219535827637},{"id":"https://openalex.org/keywords/digital-forensics","display_name":"Digital forensics","score":0.2501200735569},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.20130077004432678},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.09166651964187622}],"concepts":[{"id":"https://openalex.org/C22041718","wikidata":"https://www.wikidata.org/wiki/Q638949","display_name":"Geolocation","level":2,"score":0.9102452993392944},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7075777649879456},{"id":"https://openalex.org/C50747538","wikidata":"https://www.wikidata.org/wiki/Q7001032","display_name":"Network forensics","level":3,"score":0.5581230521202087},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.500781774520874},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.4906848669052124},{"id":"https://openalex.org/C153876917","wikidata":"https://www.wikidata.org/wiki/Q899704","display_name":"Traceability","level":2,"score":0.47196921706199646},{"id":"https://openalex.org/C41856607","wikidata":"https://www.wikidata.org/wiki/Q483130","display_name":"Geographic information system","level":2,"score":0.4289546310901642},{"id":"https://openalex.org/C43214815","wikidata":"https://www.wikidata.org/wiki/Q7310987","display_name":"Reliability (semiconductor)","level":3,"score":0.41050219535827637},{"id":"https://openalex.org/C84418412","wikidata":"https://www.wikidata.org/wiki/Q3246940","display_name":"Digital forensics","level":2,"score":0.2501200735569},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.20130077004432678},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.09166651964187622},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C163258240","wikidata":"https://www.wikidata.org/wiki/Q25342","display_name":"Power (physics)","level":2,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C62649853","wikidata":"https://www.wikidata.org/wiki/Q199687","display_name":"Remote sensing","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/jsyst.2015.2389518","is_oa":false,"landing_page_url":"https://doi.org/10.1109/jsyst.2015.2389518","pdf_url":null,"source":{"id":"https://openalex.org/S95999327","display_name":"IEEE Systems Journal","issn_l":"1932-8184","issn":["1932-8184","1937-9234","2373-7816"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Systems Journal","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.41999998688697815,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":55,"referenced_works":["https://openalex.org/W24678375","https://openalex.org/W84379194","https://openalex.org/W303618598","https://openalex.org/W1483446075","https://openalex.org/W1503244953","https://openalex.org/W1536198084","https://openalex.org/W1542045205","https://openalex.org/W1565390122","https://openalex.org/W1608970403","https://openalex.org/W1729709998","https://openalex.org/W1828150029","https://openalex.org/W1888668546","https://openalex.org/W1908407729","https://openalex.org/W1938118830","https://openalex.org/W1970399788","https://openalex.org/W2009217060","https://openalex.org/W2010573219","https://openalex.org/W2010854666","https://openalex.org/W2016242872","https://openalex.org/W2034373897","https://openalex.org/W2068593619","https://openalex.org/W2101843742","https://openalex.org/W2106828752","https://openalex.org/W2108759094","https://openalex.org/W2109708952","https://openalex.org/W2115082527","https://openalex.org/W2127836235","https://openalex.org/W2130850880","https://openalex.org/W2132878099","https://openalex.org/W2137958869","https://openalex.org/W2144015590","https://openalex.org/W2147343274","https://openalex.org/W2155845143","https://openalex.org/W2170873916","https://openalex.org/W2171331105","https://openalex.org/W2254965060","https://openalex.org/W2399121719","https://openalex.org/W2399380432","https://openalex.org/W3139855023","https://openalex.org/W3148090787","https://openalex.org/W4243435663","https://openalex.org/W4254487626","https://openalex.org/W6601015418","https://openalex.org/W6628725010","https://openalex.org/W6632534612","https://openalex.org/W6639335120","https://openalex.org/W6640094731","https://openalex.org/W6640663072","https://openalex.org/W6675948838","https://openalex.org/W6679023214","https://openalex.org/W6681180008","https://openalex.org/W6681995896","https://openalex.org/W6685188846","https://openalex.org/W6712304622","https://openalex.org/W6712921537"],"related_works":["https://openalex.org/W2163194970","https://openalex.org/W3105229732","https://openalex.org/W2799094075","https://openalex.org/W2892370851","https://openalex.org/W2187946387","https://openalex.org/W2052024186","https://openalex.org/W2939141610","https://openalex.org/W1518655271","https://openalex.org/W2380692702","https://openalex.org/W2144015590"],"abstract_inverted_index":{"Attack":[0],"traceability":[1],"and":[2,59,74,134,137,169,183,187,193],"attribution":[3],"are":[4],"two":[5],"of":[6,10,61,89,165,185],"the":[7,25,32,84,87,102,110,113,115,145,150,163],"main":[8],"tasks":[9],"IT":[11,16],"forensics.":[12],"To":[13],"support":[14],"this,":[15,81],"forensics":[17],"is":[18,47,72,92,97],"not":[19,93],"limited":[20],"to":[21,42,55,80,83,130,135,161,175],"investigate":[22],"data":[23,121],"after":[24],"attack":[26,132],"has":[27,41],"taken":[28],"place.":[29],"Already":[30],"before":[31],"attack,":[33],"an":[34,198],"optimal":[35],"environment":[36],"for":[37,67,109,153],"a":[38,194],"subsequent":[39],"investigation":[40],"be":[43,127,156],"created.":[44],"While":[45],"this":[46,178],"primarily":[48],"focused":[49],"on":[50,64],"ordinary":[51],"logging,":[52,62],"we":[53],"propose":[54],"set":[56],"both":[57],"degree":[58],"characteristics":[60],"based":[63],"geolocation.":[65],"Thus,":[66],"conspicuous":[68],"locations,":[69],"more":[70],"knowledge":[71],"gathered":[73],"stored":[75,98],"in":[76,173],"advance":[77],"(georeputation).":[78],"Next":[79],"due":[82],"fact":[85],"that":[86,125],"distribution":[88],"IP":[90,111,146],"addresses":[91],"static,":[94],"additional":[95,120],"information":[96,168],"to,":[99],"e.g.,":[100],"determine":[101],"Internet":[103],"service":[104],"provider,":[105],"which":[106],"was":[107,117],"responsible":[108],"at":[112],"time":[114],"crime":[116],"committed.":[118],"This":[119],"also":[122,180],"contains":[123],"geoinformation":[124,186],"can":[126],"used":[128],"later":[129],"reconstruct":[131],"routes":[133],"identify":[136],"analyze":[138],"distributed":[139],"attacks.":[140],"For":[141],"these":[142],"purposes,":[143],"however,":[144],"localization":[147],"mechanisms,":[148],"i.e.,":[149],"underlying":[151],"method":[152],"geolocation,":[154],"must":[155],"very":[157],"accurate.":[158],"Therefore,":[159],"next":[160],"highlighting,":[162],"benefits":[164],"including":[166,197],"geobased":[167],"providing":[170],"our":[171],"architecture":[172,192],"order":[174],"do":[176],"so,":[177],"publication":[179],"investigates":[181],"accuracy":[182],"reliability":[184],"provides":[188],"its":[189],"own":[190],"geolocation":[191],"corresponding":[195],"prototype,":[196],"evaluation.":[199]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1},{"year":2017,"cited_by_count":1},{"year":2015,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}