Constructing Social Networks From Secondary Storage With Bulk Analysis Tools
Abstract
Intelligence analysts depend on the ability to understand the social networks of suspects and adversaries. We develop a novel method for automatically discovering this information from digital storage media by analyzing byte-offset proximity between digital artifacts on the raw media. We show that this method can be used to group email addresses that indicate real communication between users and those that do not. Furthermore, in the case where addresses do represent communication between users, our analysis indicates that classic measures of centrality are effective for identifying important nodes and close associates, and that further study of modularity classes may be a promising method of partitioning complex components. Finally, in support of the above work, we also created a tagged dataset of graphs for which ground truth was determined by interviews with the owners, and which can be used for future study in this area. Two objectives motivated this thesis, both of which serve the greater goal of making analysts more efficient. The first was to reduce the time digital analysts consume sorting through the results, in order to complete cases in a timely manner. The second was to eliminate data that was not relevant to discovering social networks, in order to achieve the ultimate goal of eventually paving the way for an automated process that identifies social structures.
Document Details
- Document Type
- Technical Report
- Publication Date
- Jun 01, 2016
- Accession Number
- AD1026592
Entities
People
- Janina L. Green
Organizations
- Naval Postgraduate School