User Relationship Classification of Facebook Messenger Mobile Data using WEKA
Mobile devices are a wealth of information about its user and their digital and physical activities (e.g. online browsing and physical location). Therefore, in any crime investigation artifacts obtained from a mobile device can be extremely crucial. However, the variety of mobile platforms, applications (apps) and the significant size of data compound existing challenges in forensic investigations. In this paper, we explore the potential of machine learning in mobile forensics, and specifically in the context of Facebook messenger artifact acquisition and analysis. Using Quick and Choo (2017)’s Digital Forensic Intelligence Analysis Cycle (DFIAC) as the guiding framework, we demonstrate how one can acquire Facebook messenger app artifacts from an Android device and an iOS device (the latter is, using existing forensic tools. Based on the acquired evidence, we create 199 data-instances to train WEKA classifiers (i.e. ZeroR, J48 and Random tree) with the aim of classifying the device owner’s contacts and determine their mutual relationship strength.
KeywordsMobile forensics Social network information forensics Weka
The first author is supported by the Australian Government Research Training Program Scholarship.
- 7.Dezfouli, F.N., Dehghantanha, A., Eterovic-Soric, B., Choo, K.K.R.: Investigating social networking applications on smartphones detecting Facebook, Twitter, LinkedIn and Google+ artefacts on android and iOS platforms. Aust. J. Forensic Sci. 48(4), 469–488 (2016). https://doi.org/10.1080/00450618.2015.1066854CrossRefGoogle Scholar
- 8.Lee, K., Palsetia, D., Narayanan, R., Patwary, M.M.A., Agrawal, A., Choudhary, A.: Twitter trending topic classification. In: IEEE 11th International Conference on Data Mining Workshops, pp. 251–258, December 2011. https://doi.org/10.1109/ICDMW.2011.171
- 9.Marturana, F., Me, G., Berte, R., Tacconi, S.: A quantitative approach to triaging in mobile forensics. In: IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications, pp. 582–588, November 2011. https://doi.org/10.1109/TrustCom.2011.75
- 10.Patil, T.R., Sherekar, S.: Performance analysis of Naive Bayes and J48 classification algorithm for data classification. Int. J. Comput. Sci. Appl. 6(2), 256–261 (2013)Google Scholar
- 13.Umair, A., Nanda, P., He, X.: Online social network information forensics: a survey on use of various tools and determining how cautious Facebook users are? In: IEEE Trustcom/BigDataSE/ICESS, pp. 1139–1144, August 2017. https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.364
- 14.Walnycky, D., Baggili, I., Marrington, A., Moore, J., Breitinger, F.: Network and device forensic analysis of android social-messaging applications. Digit. Invest. 14, S77–S84 (2015). https://doi.org/10.1016/j.diin.2015.05.009. http://www.sciencedirect.com/science/article/pii/S1742287615000547. The Proceedings of the Fifteenth Annual DFRWS ConferenceCrossRefGoogle Scholar