Abstract
With hundreds of millions of users worldwide, forensic data extraction from social networks has become an important research problem. However, forensic data collection is tightly connected to social network operators, which leads to problems related to data completeness and data compatibility. This paper discusses the important data sources and analytical methods for the forensic analysis of social networks. It shows how the data sources can be evaluated in an automated fashion without assistance from social network operators. While the proposed methods apply to the vast majority of social networks, their feasibility is demonstrated using a Facebook case study.
Chapter PDF
Similar content being viewed by others
References
M. Bastian, S. Heymann and M. Jacomy, Gephi: An open source software for exploring and manipulating networks, Proceedings of the Third AAAI International Conference on Weblogs and Social Media, pp. 361–362, 2009.
D. Beaver, S. Kumar, H. Li, J. Sobel and P. Vajgel, Finding a needle in Haystack: Facebook’s photo storage, Proceedings of the Ninth USENIX Conference on Operating Systems Design and Implementation, 2010.
V. Blondel, J. Guillaume, R. Lambiotte and E. Lefebvre, Fast unfolding of communities in large networks, Journal of Statistical Mechanics: Theory and Experiment, vol. 2008(10), 2008.
J. Bonneau, J. Anderson, R. Anderson and F. Stajano, Eight friends are enough: Social graph approximation via public listings, Proceedings of the Second ACM EuroSys Workshop on Social Network Systems, pp. 13–18, 2009.
E. Butler, Firesheep ( codebutler.com/firesheep ), 2011.
D. Brezinski and T. Killalea, RFC 3227: Guidelines for Evidence Collection and Archiving ( www.faqs.org/rfcs/rfc3227.html ), 2002.
B. Carrier, File System Forensic Analysis, Pearson, Upper Saddle River, New Jersey, 2005.
B. Chen, Apple promises fix for location-gathering “bug” on iPhone, Wired ( www.wired.com/gadgetlab/2011/04/iphone-location-bug ), April 27, 2011.
M. Cohen, PyFlag – An advanced network forensic framework, Digital Investigation, vol. 5(S), pp. S112–S120, 2008.
G. Conti, Security Data Visualization: Graphical Techniques for Network Analysis, No Starch Press, San Francisco, California, 2007.
X. Ding and H. Zou, Time based data forensic and cross-reference analysis, Proceedings of the ACM Symposium on Applied Computing, pp. 185–190, 2011.
Facebook, Facebook Law Enforcement Guidelines, Menlo Park, California ( www.eff.org/sites/default/files/filenode/social_network/Facebook2010_SN_LEG-DOJ.PDF ), 2010.
Facebook, Facebook Statistics, Menlo Park, California ( www.face book.com/press/info.php?statistics ).
Foursquare Labs, foursquare, New York ( foursquare.com ).
M. Huber, M. Mulazzani, M. Leithner, S. Schrittwieser, G. Wondracek and E. Weippl, Social snapshots: Digital forensics for online social networks, Proceedings of the Twenty-Seventh Annual Computer Security Applications Conference, pp. 113–122, 2011.
M. Huber, M. Mulazzani, E. Weippl, G. Kitzler and S. Goluch, Friend-in-the-middle attacks: Exploiting social networking sites for spam, IEEE Internet Computing, vol. 15(3), pp. 28–34, 2011.
S. Morrissey, iOS Forensic Analysis, Apress, New York, 2010.
S. Teelink and R. Erbacher, Improving the computer forensic analysis process through visualization, Communications of the ACM, vol. 49(2), pp. 71–75, 2006.
Trustedsignal – Blog, Facebook Artifact Parser version .02 ( trustedsignal.com/code/fbartiparse.py ), 2011.
P. Warden, iPhone Tracker ( petewarden.github.com/iPhoneTracker ).
S. Wasserman and K. Faust, Social Network Analysis: Methods and Applications, Cambridge University Press, Cambridge, United Kingdom, 1994.
Xplico, Network Forensic Analysis Tool ( www.xplico.org ).
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 IFIP International Federation for Information Processing
About this paper
Cite this paper
Mulazzani, M., Huber, M., Weippl, E. (2012). Data Visualization for Social Network Forensics. In: Peterson, G., Shenoi, S. (eds) Advances in Digital Forensics VIII. DigitalForensics 2012. IFIP Advances in Information and Communication Technology, vol 383. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33962-2_8
Download citation
DOI: https://doi.org/10.1007/978-3-642-33962-2_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33961-5
Online ISBN: 978-3-642-33962-2
eBook Packages: Computer ScienceComputer Science (R0)