TY - GEN
T1 - User relationship classification of facebook messenger mobile data using WEKA
AU - Umair, Amber
AU - Nanda, Priyadarsi
AU - He, Xiangjian
AU - Choo, Kim Kwang Raymond
N1 - Publisher Copyright:
© Springer Nature Switzerland AG 2018.
PY - 2018
Y1 - 2018
N2 - Mobile devices are a wealth of information about its user and their digital and physical activities (e.g. online browsing and physical location). Therefore, in any crime investigation artifacts obtained from a mobile device can be extremely crucial. However, the variety of mobile platforms, applications (apps) and the significant size of data compound existing challenges in forensic investigations. In this paper, we explore the potential of machine learning in mobile forensics, and specifically in the context of Facebook messenger artifact acquisition and analysis. Using Quick and Choo (2017)’s Digital Forensic Intelligence Analysis Cycle (DFIAC) as the guiding framework, we demonstrate how one can acquire Facebook messenger app artifacts from an Android device and an iOS device (the latter is, using existing forensic tools. Based on the acquired evidence, we create 199 data-instances to train WEKA classifiers (i.e. ZeroR, J48 and Random tree) with the aim of classifying the device owner’s contacts and determine their mutual relationship strength.
AB - Mobile devices are a wealth of information about its user and their digital and physical activities (e.g. online browsing and physical location). Therefore, in any crime investigation artifacts obtained from a mobile device can be extremely crucial. However, the variety of mobile platforms, applications (apps) and the significant size of data compound existing challenges in forensic investigations. In this paper, we explore the potential of machine learning in mobile forensics, and specifically in the context of Facebook messenger artifact acquisition and analysis. Using Quick and Choo (2017)’s Digital Forensic Intelligence Analysis Cycle (DFIAC) as the guiding framework, we demonstrate how one can acquire Facebook messenger app artifacts from an Android device and an iOS device (the latter is, using existing forensic tools. Based on the acquired evidence, we create 199 data-instances to train WEKA classifiers (i.e. ZeroR, J48 and Random tree) with the aim of classifying the device owner’s contacts and determine their mutual relationship strength.
KW - Mobile forensics
KW - Social network information forensics
KW - Weka
UR - http://www.scopus.com/inward/record.url?scp=85059035204&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-02744-5_25
DO - 10.1007/978-3-030-02744-5_25
M3 - Conference contribution
AN - SCOPUS:85059035204
SN - 9783030027438
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 337
EP - 348
BT - Network and System Security - 12th International Conference, NSS 2018, Proceedings
A2 - Au, Man Ho
A2 - Luo, Xiapu
A2 - Li, Jin
A2 - Kluczniak, Kamil
A2 - Yiu, Siu Ming
A2 - Wang, Cong
A2 - Castiglione, Aniello
PB - Springer Verlag
T2 - 12th International Conference on Network and System Security, NSS 2018
Y2 - 27 August 2018 through 29 August 2018
ER -