Advertisement

An Extensible Platform for the Forensic Analysis of Social Media Data

  • Huw Read
  • Konstantinos Xynos
  • Iain Sutherland
  • Frode Roarson
  • Panagiotis Andriotis
  • George Oikonomou
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9190)

Abstract

Visualising data is an important part of the forensic analysis process. Many cell phone forensic tools have specialised visualisation components, but are as of yet able to tackle questions concerning the broad spectrum of social media communication sources. Visualisation tools tend to be stove-piped, it is difficult to take information seen in one visualisation tool and obtain a different perspective in another tool. If an interesting relationship is observed, needing to be explored in more depth, the process has to be reiterated by manually generating a subset of the data, converting it into the correct format, and invoking the new application. This paper describes a cloud-based data storage architecture and a set of interactive visualisation tools developed to allow for a more straightforward exploratory analysis. This approach developed in this tool suite is demonstrated using a case study consisting of social media data extracted from two mobile devices.

Keywords

Visualisation Social media Digital forensics Mobile device 

Notes

Acknowledgements

The research leading to these results has received funding from the European Research Council under the European Union’s Seventh Framework Programme (FP/2007-2013)/ERC Grant Agreement Number: HOME/2010/ISEC/AG/INT-002.

References

  1. 1.
  2. 2.
    Cellebrite: Cellebrite’ s outlook for the mobile forensics industry 2014. White Paper (2014). http://www.cellebrite.com/collateral/OUTLOOK_FOR_THE_MOBILE_FORENSICS_INDUSTRY_2014_WP.pdf
  3. 3.
    Catanese S.A., Fiumara, G.: A visual tool for forensic analysis of mobile phone traffic. In: Proceedings of the 2nd ACM workshop on Multimedia in Forensics, Security And Intelligence, pp. 71–76 (2010). ISBN:978-1-4503-0157-2, doi: 10.1145/1877972.1877992, http://dl.acm.org/citation.cfm?id=1877992
  4. 4.
    Perer, A., Shneiderman, B.: Balancing systematic and flexible, exploration of social networks. IEEE Trans. Visual. Comput. Graphics 12(5), 693–700 (2006). http://hcil2.cs.umd.edu/trs/2006-25/2006-25.pdf CrossRefGoogle Scholar
  5. 5.
    Andriotis, P., Tzermias, Z., Mparmpaki, A., Ioannidis, S., Oikonomou, G.: Multilevel visualization using enhanced social network analysis with smartphone data. Int. J. Digit. Crime Forensics 5, 34–54 (2013)CrossRefGoogle Scholar
  6. 6.
    Andriotis, P., Tryfonas, T., Oikonomou, G., Li, S., Tzermias, Z., Xynos, K., Read, H., Prevelakis, V.: On the development of automated forensic analysis methods for mobile devices. In: Holz, T., Ioannidis, S. (eds.) Trust 2014. LNCS, vol. 8564, pp. 212–213. Springer, Heidelberg (2014)Google Scholar
  7. 7.
    Garfinkel, S.L.: Forensics Visualizations with Open Source Tools (2013). http://simson.net/ref/2013/2013-11-05_VizSec.pdf
  8. 8.
    Browning, J.G.: Digging for the digital dirt: discovery and use of evidence from social media sites. SMU Sci Tech L Rev. 14, 465 (2010). http://heinonline.org/HOL/LandingPage?handle=hein.journals/comlrtj14&div=26&id=&page= Google Scholar
  9. 9.
    Al Mutawa, N., Baggili, I., Marrington, A.: Forensic analysis of social networking applications on mobile devices. In: Proceedings of the 2012 Digital Forensic Research Workshop. http://www.dfrws.org/2012/proceedings/DFRWS2012-3.pdf
  10. 10.
    Smith, M. A., Shneiderman, B., Milic-Frayling, N., Mendes Rodrigues, E., Barash, V., Dunne, C., Capone, T., Perer, A., Gleave, E.: Analyzing (social media) networks with NodeXL. In: Proceedings of the Fourth International Conference on Communities and Technologies, pp. 255–264, New York, NY, USA (2009). ISBN:978-1-60558-713-4, doi: 10.1145/1556460.1556497, http://hcil2.cs.umd.edu/trs/2009-11/2009-11.pdf
  11. 11.
    Afentis Facebook Forensics Tool. http://www.facebookforensics.com/features.html
  12. 12.
    Forte, D., Power, R.: Electronic discovery: digital forensics and beyond. Comput. Fraud Secur. 2006(4), 8–10 (2006)CrossRefGoogle Scholar
  13. 13.
  14. 14.
  15. 15.
    Xera I-conect. http://www.iconect.com/
  16. 16.
  17. 17.
    AccessData, Mobile Device data Visualization with MPE+ (2012). https://www.youtube.com/watch?v=bjcLDjju-kU
  18. 18.
    Micro Systemation, XAMN (2014). https://www.msab.com/xry/xamn
  19. 19.
  20. 20.
    Oxygen Forensics, Social Graph Tool (2014). http://www.oxygen-forensic.com/en/features/analyst/social-graph
  21. 21.
  22. 22.
    Ztedd, Whatsapp Xtract: Backup messages extractor (2012). http://forum.xda-developers.com/showthread.php?t=1583021
  23. 23.
    Garronski, N.: Skype Xtrator v.0.1.8.8 (2014). http://www.skypextractor.com/
  24. 24.
    Forensics WIKI: Graph and (Social) Network Visualization (2013). http://www.forensicswiki.org/wiki/Tools:Visualization#Graph_and_.28Social.29_Network_Visualization
  25. 25.
    Mulazzani, M., Huber, M., Weippl, E.R.: Social Network forensics: tapping the data pool of social networks. In: Eighth Annual IFIP WG 11.9 International Conference on Digital Forensics (2012). https://www.sba-research.org/wp-content/uploads/publications/socialForensics_preprint.pdf

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Huw Read
    • 1
    • 2
  • Konstantinos Xynos
    • 1
  • Iain Sutherland
    • 1
    • 4
  • Frode Roarson
    • 1
    • 2
  • Panagiotis Andriotis
    • 3
  • George Oikonomou
    • 3
  1. 1.University of South WalesPontypriddUK
  2. 2.Noroff University CollegeVest AgderNorway
  3. 3.University of BristolBristolUK
  4. 4.Security Research InstituteEdith Cowan UniversityPerthAustralia

Personalised recommendations