Creating and understanding email communication networks to aid digital forensic investigations
MetadataShow full item record
Digital forensic analysts depend on the ability to understand the social networks of the individuals they investigate. We develop a novel method for automatically constructing these networks from collected hard drives. We accomplish this by scanning the raw storage media for email addresses, constructing co-reference networks based on the proximity of email addresses to each other, then selecting connected components that correspond to real communication networks. We validate our analysis against a tagged data-set of networks for which we determined ground truth through interviews with the drive owners. In the resulting social networks, we find that classical measures of centrality and community detection algorithms are effective for identifying important nodes and close associates.
Showing items related by title, author, creator and subject.
Torner, Linus P. (Monterey, California: Naval Postgraduate School, 2015-09);Several recent terrorist attacks in Western countries have highlighted the need for strategies to disrupt dark networks, and social network analysis (SNA) has proven to be a useful tool for analyzing network structure and ...
Alderson, David; Ubiquity Staff (Association for Computing Machinery (ACM), 2009-08);Since Duncan Watts and Steve Strogatz published “Collective Dynamics of Small-World Networks” in Nature in 1998, there has been an explosion of interest in mathematical models of large networks, leading to numerous research ...
Hafsia, Raouf. (2001-03);Ad hoc wireless networks are decentralized networks whose members join and leave the network in an asynchronous manner and for short periods of time. Each node participating in the network acts both as host and a router ...