IMMM 2014, The Fourth International Conference on Advances in Information Mining and Management


Improving Digital Forensics Through Data Mining

Authors:
Chrysoula Tsochataridou
Avi Arampatzis
Vasilios Katos

Keywords: Digital Forensics; Email Analysis; Text Mining; Clustering; Weka; Simple K-means.

Abstract:
In this paper, we reflect upon the challenges a forensic analyst faces when dealing with a complex investigation and develop an approach for handling and analyzing large amounts of data. As traditional digital forensic analysis tools fail to identify hidden relationships in the complex modus operandi of perpetrators, we employ data mining techniques in the digital forensics domain. We use as a vehicle the Enron scandal, which is recognized to be the biggest audit failure in U.S. corporate history. In particular, we focus on the textual analysis of the electronic messages sent by Enron employees, using clustering techniques. Our goal is to produce a methodology that could be applied by other researchers who work on projects that involve email analysis. Preliminary findings show that it is possible to use clustering techniques to effectively identify malicious collaborative activities.

Pages: 45 to 52

Copyright: Copyright (c) IARIA, 2014

Publication date: July 20, 2014

Published in: conference

ISSN: 2326-9332

ISBN: 978-1-61208-364-3

Location: Paris, France

Dates: from July 20, 2014 to July 24, 2014