Abstract
Mobile devices are a wealth of information about its user and their digital and physical activities (e.g. online browsing and physical location). Therefore, in any crime investigation artifacts obtained from a mobile device can be extremely crucial. However, the variety of mobile platforms, applications (apps) and the significant size of data compound existing challenges in forensic investigations. In this paper, we explore the potential of machine learning in mobile forensics, and specifically in the context of Facebook messenger artifact acquisition and analysis. Using Quick and Choo (2017)’s Digital Forensic Intelligence Analysis Cycle (DFIAC) as the guiding framework, we demonstrate how one can acquire Facebook messenger app artifacts from an Android device and an iOS device (the latter is, using existing forensic tools. Based on the acquired evidence, we create 199 data-instances to train WEKA classifiers (i.e. ZeroR, J48 and Random tree) with the aim of classifying the device owner’s contacts and determine their mutual relationship strength.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Anglano, C., Canonico, M., Guazzone, M.: Forensic analysis of telegram messenger on android smartphones. Digit. Invest. 23, 31–49 (2017)
Azuaje, F.: Witten IH, Frank E: data mining: practical machine learning tools and techniques 2nd edition. BioMed. Eng. OnLine 5(1), 51 (2006). https://doi.org/10.1186/1475-925X-5-51
Barmpatsalou, K., Cruz, T., Monteiro, E., Simoes, P.: Current and future trends in mobile device forensics - a survey. ACM Comput. Surv. 51, 46 (2018)
Breiman, L.: Random forests. Mach. Learn. 45(1), 5–32 (2001)
Cahyani, N.D.W., Ab Rahman, N.H., Glisson, W.B., Choo, K.K.R.: The role of mobile forensics in terrorism investigations involving the use of cloud storage service and communication apps. Mob. Netw. Appl. 22(2), 240–254 (2017)
Daryabar, F., Dehghantanha, A., Choo, K.K.R.: Cloud storage forensics: mega as a case study. Aust. J. Forensic Sci. 49(3), 344–357 (2017). https://doi.org/10.1080/00450618.2016.1153714
Dezfouli, F.N., Dehghantanha, A., Eterovic-Soric, B., Choo, K.K.R.: Investigating social networking applications on smartphones detecting Facebook, Twitter, LinkedIn and Google+ artefacts on android and iOS platforms. Aust. J. Forensic Sci. 48(4), 469–488 (2016). https://doi.org/10.1080/00450618.2015.1066854
Lee, K., Palsetia, D., Narayanan, R., Patwary, M.M.A., Agrawal, A., Choudhary, A.: Twitter trending topic classification. In: IEEE 11th International Conference on Data Mining Workshops, pp. 251–258, December 2011. https://doi.org/10.1109/ICDMW.2011.171
Marturana, F., Me, G., Berte, R., Tacconi, S.: A quantitative approach to triaging in mobile forensics. In: IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications, pp. 582–588, November 2011. https://doi.org/10.1109/TrustCom.2011.75
Patil, T.R., Sherekar, S.: Performance analysis of Naive Bayes and J48 classification algorithm for data classification. Int. J. Comput. Sci. Appl. 6(2), 256–261 (2013)
Quick, D., Choo, K.K.R.: Pervasive social networking forensics: intelligence and evidence from mobile device extracts. J. Netw. Comput. Appl. 86, 24–33 (2017)
Refaeilzadeh, P., Tang, L., Liu, H.: Cross-validation. In: Liu, L., Özsu, M.T. (eds.) Encyclopedia of Database Systems, pp. 532–538. Springer, Boston (2009). https://doi.org/10.1007/978-0-387-39940-9_565
Umair, A., Nanda, P., He, X.: Online social network information forensics: a survey on use of various tools and determining how cautious Facebook users are? In: IEEE Trustcom/BigDataSE/ICESS, pp. 1139–1144, August 2017. https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.364
Walnycky, D., Baggili, I., Marrington, A., Moore, J., Breitinger, F.: Network and device forensic analysis of android social-messaging applications. Digit. Invest. 14, S77–S84 (2015). https://doi.org/10.1016/j.diin.2015.05.009. http://www.sciencedirect.com/science/article/pii/S1742287615000547. The Proceedings of the Fifteenth Annual DFRWS Conference
Yang, T.Y., Dehghantanha, A., Choo, K.K.R., Muda, Z.: Windows instant messaging app forensics: Facebook and skype as case studies. PLoS ONE 11(3), 1–29 (2016). https://doi.org/10.1371/journal.pone.0150300
Acknowledgments
The first author is supported by the Australian Government Research Training Program Scholarship.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Umair, A., Nanda, P., He, X., Choo, KK.R. (2018). User Relationship Classification of Facebook Messenger Mobile Data using WEKA. In: Au, M., et al. Network and System Security. NSS 2018. Lecture Notes in Computer Science(), vol 11058. Springer, Cham. https://doi.org/10.1007/978-3-030-02744-5_25
Download citation
DOI: https://doi.org/10.1007/978-3-030-02744-5_25
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02743-8
Online ISBN: 978-3-030-02744-5
eBook Packages: Computer ScienceComputer Science (R0)