Abstract
The rapid growth of computer storage, new technologies, anti-forensics and hacking tools, as well as cheaper and easily accessible powerful computing equipment, has led to digital crimes becoming more frequent and often more sophisticated. These challenges have led to digital examinations becoming increasingly time-consuming and laborious, resulting in an urgent need for the automation of digital forensic analysis. In addition to in-depth analysis of particular digital devices, it is often necessary to establish that two devices and hence their owners are linked. This need arises, for example, when a suspect is apprehended and the investigator needs to establish grounds for the detention of a suspect. This paper proposes a methodology and a software solution to automate the detection of information linkage between two or more distinct digital devices.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Wassermann, S., Faust, K.: Social Network Analysis: Methods and Applications. Cambridge University Press, New York (1994)
Moreno, J.L.: Who Shall Survive? Foundations of Sociometry, Group Psychotherapy and Sociodrama. Beacon House, New York (1934, 1953, 1978)
Almack, J.C.: The influence of intelligence on the selection of associates. Sch. Soc. 16, 529–530 (1922)
Bott, H.: Observation of play activities in a nursery school. Genet. Psychol. Monogr. 4, 44–88 (1928)
Scott, J.: Social Network Analysis: A Handbook, 2nd edn. Sage Publications Ltd., London (2000)
Xu, J., Chen, H.: Criminal network analysis and visualization: a data mining perspective. Commun. ACM 48(6), 101–107 (2005)
Sparrow, M.K.: The application of network analysis to criminal intelligence: an assessment of the prospects. Soc. Netw. 13, 251–274 (1991)
Eades, P.: A heuristic for graph drawing. Congressus Numerantium 42, 149–160 (1984)
Verisk Analytics: NetMap. http://www.iso.com/Products/NetMap-Suite-of-Products/NetMap-Suite-visual-link-analysis-to-fight-insurance-fraud.html. Accessed 16 Apr 2012
IBM i2: COPLINK Accelerating Law Enforcement. http://www.i2group.com/us/products/coplink-product-line. Accessed 4 Apr 2012
IBM i2: Analysts Notebook. http://www.i2group.com/us/products/analysis-product-line/ibm-i2-analysts-notebook. Accessed 2 Mar 2012
Paterva: Maltego. www.paterva.com/web5/. Accessed 1 Mar 2012
Bazzell, M.: Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information, CreateSpace Independent Publishing Platform (2013)
Guidance Software: EnCase Forensic V7. http://www.guidancesoftware.com/encase-forensic.htm. Accessed 2 May 2012
X-Ways Software Technology AG: X-Ways Forensics: Integrated Computer Forensics Software. http://www.x-ways.net/forensics/index-m.html. Accessed 2 May 2012
Microsoft: Strings v2.5, Microsoft. http://technet.microsoft.com/en-us/sysinternals/bb897439.aspx. Accessed 15 Apr 2012
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendix A – Keyword Comparison Results
Appendix A – Keyword Comparison Results
Individual | Keyword | Individual | Weight |
---|---|---|---|
John Smith | tobysskeeperTobys | P Patterson – Image 2 | 96 |
John Smith | novye.denginovye | P Patterson – Image 2 | 102 |
John Smith | tobysskeeperN7 | P Patterson – Image 2 | 114 |
John Smith | runtime.overide@gmail.com | P Patterson – Image 2 | 380 |
John Smith | novye.dengi | P Patterson – Image 2 | 420 |
John Smith | Tobysskeeper | P Patterson – Image 2 | 531 |
John Smith | paeder.patterson@mobileemail.vodafone.ie | P Patterson – Image 3 | 294 |
John Smith | paeder.ucd | P Patterson – Image 3 | 330 |
John Smith | skype.outbound.ed10.com | P Patterson – Image 3 | 351 |
John Smith | lorna.bubbles@gmail.com | P Patterson – Image 3 | 513 |
John Smith | paeder.patterson @ucd.ie | P Patterson – Image 3 | 22644 |
John Smith | paeder.ucd@gmail.com | P Patterson – Image 3 | 64005 |
John Smith | Patterson | P Patterson – Image 3 | 75504 |
John Smith | lorna.bubbles.byrne@gmail.com | P Patterson – Image 3 | 203194 |
John Smith | john.ucd@gmail.com | P Patterson – Image 3 | 415692 |
John Smith | john.smith@ucd.ie | P Patterson – Image 3 | 44818818 |
John Smith | smithtoby.smith | Toby Smith | 6 |
John Smith | lorna.bubblesLorna | Toby Smith | 6 |
John Smith | lorna.bubblesA | Toby Smith | 6 |
John Smith | toby.smithToby | Toby Smith | 10 |
John Smith | lorna.bubbles.byrne@gmail.comByrne | Toby Smith | 36 |
John Smith | novye.dengi | Toby Smith | 60 |
John Smith | skype.com | Toby Smith | 68 |
John Smith | TrueCrypt.exe | Toby Smith | 80 |
John Smith | skype.outbound.ed10.com | Toby Smith | 80 |
John Smith | toby.smithN1 | Toby Smith | 92 |
John Smith | lorna.bubbles | Toby Smith | 220 |
John Smith | Welcome@email.skype.com | Toby Smith | 666 |
John Smith | toby.smith | Toby Smith | 1352 |
John Smith | TrueCrypt | Toby Smith | 5330 |
John Smith | runtime.overide@gmail.com | Toby Smith | 11400 |
John Smith | lorna.bubbles.byrne@gmail.com | Toby Smith | 196954 |
John Smith | john.ucd@gmail.com | Toby Smith | 230971 |
John Smith | toby.paul.smith@gmail.com | Toby Smith | 796500 |
P Patterson – Image 2 | novye.dengi | Toby Smith | 1176 |
P Patterson – Image 2 | runtime.overide@gmail.com | Toby Smith | 42560 |
P Patterson – Image 2 | skype.outbound.ed10.com | Toby Smith | 337 |
P Patterson – Image 2 | lorna.bubbles.byrne@gmail.com | Toby Smith | 569204 |
Rights and permissions
Copyright information
© 2014 Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Brennan, F., Udris, M., Gladyshev, P. (2014). An Automated Link Analysis Solution Applied to Digital Forensic Investigations. In: Gladyshev, P., Marrington, A., Baggili, I. (eds) Digital Forensics and Cyber Crime. ICDF2C 2013. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 132. Springer, Cham. https://doi.org/10.1007/978-3-319-14289-0_13
Download citation
DOI: https://doi.org/10.1007/978-3-319-14289-0_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-14288-3
Online ISBN: 978-3-319-14289-0
eBook Packages: Computer ScienceComputer Science (R0)