Constructing social networks from secondary storage with bulk analysis tools

Loading...
Thumbnail Image
Authors
Green, Janina L.
Subjects
social network analysis
social network structure
digital forensics
digital fingerprinting
bulk data analysis
visualization
email address analysis
Advisors
McCarrin, Michael R.
Gera, Ralucca
Date of Issue
2016-06
Date
Jun-16
Publisher
Monterey, California: Naval Postgraduate School
Language
Abstract
Intelligence analysts depend on the ability to understand the social networks of suspects and adversaries. We develop a novel method for automatically discovering this information from digital storage media by analyzing byte-offset proximity between digital artifacts on the raw media.We show that this method can be used to group email addresses that indicate real communication between users and those that do not. Furthermore, in the case where addresses do represent communication between users, our analysis indicates that classic measures of centrality are effective for identifying important nodes and close associates, and that further study of modularity classes may be a promising method of partitioning complex components. Finally, in support of the above work, we also created a tagged dataset of graphs for which ground truth was determined by interviews with the owners, and which can be used for future study in this area. Two objectives motivated this thesis, both of which serve the greater goal of making analysts more efficient. The first was to reduce the time digital analysts consume sorting through the results, in order to complete cases in a timely manner. The second was to eliminate data that was not relevant to discovering social networks, in order to achieve the ultimate goal of eventually paving the way for an automated process that identifies social structures.
Type
Thesis
Description
Series/Report No
Department
Computer Science
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
Citation
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Collections