A Social Network Discovery Model for Digital Forensics Investigations

Our continued reliance on email communications ensures that this type of data remains a major source of evidence during a digital investigation. Due to the many applications and data types, there is no standard email format. Therefore, much current work in the forensic investigation of emails has focused on data extraction. This paper focuses on the investigatory process and posits a model for social network discovery for use in digital investigations. This model is applied to the widely used Enron email corpus to demonstrate its applicability.

[1]  Mark John Taylor,et al.  Social Network Visualization for Forensic Investigation of E-mail , 2009, WDFIA.

[2]  Hanhe Lin Predicting Sensitive Relationships from Email Corpus , 2010, 2010 Fourth International Conference on Genetic and Evolutionary Computing.

[3]  William A. Wallace,et al.  Automatic Text Analysis of Values in the Enron Email Dataset: Clustering a Social Network Using the Value Patterns of Actors , 2010, 2010 43rd Hawaii International Conference on System Sciences.

[4]  Anthony Skjellum,et al.  Mining spam email to identify common origins for forensic application , 2008, SAC '08.

[5]  Ronaldo Menezes,et al.  Assessing organizational stability via network analysis , 2009, 2009 IEEE Symposium on Computational Intelligence for Financial Engineering.

[6]  Mourad Debbabi,et al.  Towards an integrated e-mail forensic analysis framework , 2009, Digit. Investig..

[7]  Katherine Faust Centrality in affiliation networks , 1997 .

[8]  Giuseppe F. Italiano,et al.  Extracting social networks from seized smartphones and web data , 2009, 2009 First IEEE International Workshop on Information Forensics and Security (WIFS).

[9]  Penelope Hawe,et al.  Use of social network analysis to map the social relationships of staff and teachers at school. , 2007, Health education research.

[10]  Hui Soo Chae,et al.  Using social network analysis to highlight an emerging online community of practice , 2007, CSCL.

[11]  Valdis E. Krebs,et al.  Uncloaking Terrorist Networks , 2002, First Monday.

[12]  Stanley Wasserman,et al.  Social Network Analysis: Methods and Applications , 1994, Structural analysis in the social sciences.

[13]  J. Harding,et al.  Sociometry, experimental method and the science of society: An approach to a new political orientation. , 1952 .

[14]  Uffe Kock Wiil,et al.  Measuring Link Importance in Terrorist Networks , 2010, 2010 International Conference on Advances in Social Networks Analysis and Mining.

[15]  Michael Gertz,et al.  Mining email social networks , 2006, MSR '06.