Digital Evidence Composition in Fraud Detection

  • Conference paper
Digital Forensics and Cyber Crime (ICDF2C 2009)

Abstract

In recent times, digital evidence has found its way into several digital devices. The storage capacity of these devices is also growing exponentially. When investigators come across such devices during a digital investigation, it may take several man-hours to completely analyze the contents. To date, little has been achieved in the area of bringing together different evidence sources and correlating the events they record. In this paper, we present an evidence composition model based on the time of occurrence of such events. The time interval between events promises to reveal many key associations across events, especially when the events are on multiple sources. The time interval is then used as a parameter to a correlation function, which quantitatively determines the extent of correlation between the events. The approach has been demonstrated on a network capture sequence involving phishing of a bank website. The model is scalable to an arbitrary set of evidence sources, and preliminary results indicate that the approach has tremendous potential in determining correlations on vast repositories of case data.



Copyright information

© 2010 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Raghavan, S., Raghavan, S.V. (2010). Digital Evidence Composition in Fraud Detection. In: Goel, S. (eds) Digital Forensics and Cyber Crime. ICDF2C 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 31. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-11534-9_1

  • DOI: https://doi.org/10.1007/978-3-642-11534-9_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-11533-2

  • Online ISBN: 978-3-642-11534-9

  • eBook Packages: Computer Science (R0)
