An Automated Link Analysis Solution Applied to Digital Forensic Investigations

Brennan, Fergal; Udris, Martins; Gladyshev, Pavel

doi:10.1007/978-3-319-14289-0_13

Fergal Brennan¹⁸,
Martins Udris¹⁸ &
Pavel Gladyshev¹⁸

Part of the book series: Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering ((LNICST,volume 132))

Included in the following conference series:

International Conference on Digital Forensics and Cyber Crime

1336 Accesses
1 Citations

Abstract

The rapid growth of computer storage, new technologies, anti-forensics and hacking tools, as well as cheaper and easily accessible powerful computing equipment, has led to digital crimes becoming more frequent and often more sophisticated. These challenges have led to digital examinations becoming increasingly time-consuming and laborious, resulting in an urgent need for the automation of digital forensic analysis. In addition to in-depth analysis of particular digital devices, it is often necessary to establish that two devices and hence their owners are linked. This need arises, for example, when a suspect is apprehended and the investigator needs to establish grounds for the detention of a suspect. This paper proposes a methodology and a software solution to automate the detection of information linkage between two or more distinct digital devices.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 54.99; Price excludes VAT (USA)

Softcover Book: USD 72.00; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

Wassermann, S., Faust, K.: Social Network Analysis: Methods and Applications. Cambridge University Press, New York (1994)
Book Google Scholar
Moreno, J.L.: Who Shall Survive? Foundations of Sociometry, Group Psychotherapy and Sociodrama. Beacon House, New York (1934, 1953, 1978)
Google Scholar
Almack, J.C.: The influence of intelligence on the selection of associates. Sch. Soc. 16, 529–530 (1922)
Google Scholar
Bott, H.: Observation of play activities in a nursery school. Genet. Psychol. Monogr. 4, 44–88 (1928)
Google Scholar
Scott, J.: Social Network Analysis: A Handbook, 2nd edn. Sage Publications Ltd., London (2000)
Google Scholar
Xu, J., Chen, H.: Criminal network analysis and visualization: a data mining perspective. Commun. ACM 48(6), 101–107 (2005)
Article Google Scholar
Sparrow, M.K.: The application of network analysis to criminal intelligence: an assessment of the prospects. Soc. Netw. 13, 251–274 (1991)
Article Google Scholar
Eades, P.: A heuristic for graph drawing. Congressus Numerantium 42, 149–160 (1984)
MathSciNet Google Scholar
Verisk Analytics: NetMap. http://www.iso.com/Products/NetMap-Suite-of-Products/NetMap-Suite-visual-link-analysis-to-fight-insurance-fraud.html. Accessed 16 Apr 2012
IBM i2: COPLINK Accelerating Law Enforcement. http://www.i2group.com/us/products/coplink-product-line. Accessed 4 Apr 2012
IBM i2: Analysts Notebook. http://www.i2group.com/us/products/analysis-product-line/ibm-i2-analysts-notebook. Accessed 2 Mar 2012
Paterva: Maltego. www.paterva.com/web5/. Accessed 1 Mar 2012
Bazzell, M.: Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information, CreateSpace Independent Publishing Platform (2013)
Google Scholar
Guidance Software: EnCase Forensic V7. http://www.guidancesoftware.com/encase-forensic.htm. Accessed 2 May 2012
X-Ways Software Technology AG: X-Ways Forensics: Integrated Computer Forensics Software. http://www.x-ways.net/forensics/index-m.html. Accessed 2 May 2012
Microsoft: Strings v2.5, Microsoft. http://technet.microsoft.com/en-us/sysinternals/bb897439.aspx. Accessed 15 Apr 2012

Download references

Author information

Authors and Affiliations

University College Dublin, Dublin, Ireland
Fergal Brennan, Martins Udris & Pavel Gladyshev

Authors

Fergal Brennan
View author publications
You can also search for this author in PubMed Google Scholar
Martins Udris
View author publications
You can also search for this author in PubMed Google Scholar
Pavel Gladyshev
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Fergal Brennan .

Editor information

Editors and Affiliations

School of Computer Science and Informatics, University College Dublin, Dublin, Ireland
Pavel Gladyshev
College of Technical Innovation, Zayed University, Dubai, Utd.Arab.Emir.
Andrew Marrington
Tagliatela College of Engineering, University of New Haven, West Haven, USA
Ibrahim Baggili

Appendix A – Keyword Comparison Results

Individual	Keyword	Individual	Weight
John Smith	tobysskeeperTobys	P Patterson – Image 2	96
John Smith	novye.denginovye	P Patterson – Image 2	102
John Smith	tobysskeeperN7	P Patterson – Image 2	114
John Smith	runtime.overide@gmail.com	P Patterson – Image 2	380
John Smith	novye.dengi	P Patterson – Image 2	420
John Smith	Tobysskeeper	P Patterson – Image 2	531
John Smith	paeder.patterson@mobileemail.vodafone.ie	P Patterson – Image 3	294
John Smith	paeder.ucd	P Patterson – Image 3	330
John Smith	skype.outbound.ed10.com	P Patterson – Image 3	351
John Smith	lorna.bubbles@gmail.com	P Patterson – Image 3	513
John Smith	paeder.patterson @ucd.ie	P Patterson – Image 3	22644
John Smith	paeder.ucd@gmail.com	P Patterson – Image 3	64005
John Smith	Patterson	P Patterson – Image 3	75504
John Smith	lorna.bubbles.byrne@gmail.com	P Patterson – Image 3	203194
John Smith	john.ucd@gmail.com	P Patterson – Image 3	415692
John Smith	john.smith@ucd.ie	P Patterson – Image 3	44818818
John Smith	smithtoby.smith	Toby Smith	6
John Smith	lorna.bubblesLorna	Toby Smith	6
John Smith	lorna.bubblesA	Toby Smith	6
John Smith	toby.smithToby	Toby Smith	10
John Smith	lorna.bubbles.byrne@gmail.comByrne	Toby Smith	36
John Smith	novye.dengi	Toby Smith	60
John Smith	skype.com	Toby Smith	68
John Smith	TrueCrypt.exe	Toby Smith	80
John Smith	skype.outbound.ed10.com	Toby Smith	80
John Smith	toby.smithN1	Toby Smith	92
John Smith	lorna.bubbles	Toby Smith	220
John Smith	Welcome@email.skype.com	Toby Smith	666
John Smith	toby.smith	Toby Smith	1352
John Smith	TrueCrypt	Toby Smith	5330
John Smith	runtime.overide@gmail.com	Toby Smith	11400
John Smith	lorna.bubbles.byrne@gmail.com	Toby Smith	196954
John Smith	john.ucd@gmail.com	Toby Smith	230971
John Smith	toby.paul.smith@gmail.com	Toby Smith	796500
P Patterson – Image 2	novye.dengi	Toby Smith	1176
P Patterson – Image 2	runtime.overide@gmail.com	Toby Smith	42560
P Patterson – Image 2	skype.outbound.ed10.com	Toby Smith	337
P Patterson – Image 2	lorna.bubbles.byrne@gmail.com	Toby Smith	569204

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Brennan, F., Udris, M., Gladyshev, P. (2014). An Automated Link Analysis Solution Applied to Digital Forensic Investigations. In: Gladyshev, P., Marrington, A., Baggili, I. (eds) Digital Forensics and Cyber Crime. ICDF2C 2013. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 132. Springer, Cham. https://doi.org/10.1007/978-3-319-14289-0_13

Download citation

DOI: https://doi.org/10.1007/978-3-319-14289-0_13
Published: 23 December 2014
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-14288-3
Online ISBN: 978-3-319-14289-0
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

An Automated Link Analysis Solution Applied to Digital Forensic Investigations

Abstract

Access this chapter

References

Author information

Authors and Affiliations

Corresponding author

Editor information

Editors and Affiliations

Appendix A – Keyword Comparison Results

Appendix A – Keyword Comparison Results

Rights and permissions

Copyright information

About this paper

Cite this paper

Download citation

Share this paper

Publish with us

Search

Navigation