The book first explores the cybersecurity's landscape and the inherent susceptibility of online communication system such as e-mail, chat conversation and social media in cybercrimes. Common sources and resources of digital crimes, their causes and effects together with the emerging threats for society are illustrated in this book. This book not only explores the growing needs of cybersecurity and digital forensics but also investigates relevant technologies and methods to meet the said needs. Knowledge discovery, machine learning and data analytics are explored for collecting cyber-intelligence and forensics evidence on cybercrimes.

Online communication documents, which are the main source of cybercrimes are investigated from two perspectives: the crime and the criminal. AI and machine learning methods are applied to detect illegal and criminal activities such as bot distribution, drug trafficking and child pornography. Authorship analysis is applied to identify the potential suspects and their social linguistics characteristics. Deep learning together with frequent pattern mining and link mining techniques are applied to trace the potential collaborators of the identified criminals.

Finally, the aim of the book is not only to investigate the crimes and identify the potential suspects but, as well, to collect solid and precise forensics evidence to prosecute the suspects in the court of law.

Contenu

1CYBERSECURITY AND CYBERCRIME INVESTIGATION1.1CYBERSECURITY1.2KEY COMPONENTS TO MINIMIZING CYBERCRIMES1.3DAMAGE RESULTING FROM CYBERCRIME1.4CYBERCRIMES1.4.1Major Categories of Cybercrime1.4.2Causes of and Motivations for Cybercrime1.5MAJOR CHALLENGES1.5.1Hacker Tools and Exploit Kits1.5.2Universal Access291.5.3Online Anonymity1.5.4Organized Crime301.5.5Nation State Threat Actors311.6CYBERCRIME INVESTIGATION322MACHINE LEARNING FRAMEWORK FOR MESSAGING FORENSICS342.1SOURCES OF CYBERCRIMES362.2FEW ANALYSIS TOOLS AND TECHNIQUES382.3PROPOSED FRAMEWORK FOR CYBERCRIMES INVESTIGATION392.4AUTHORSHIP ANALYSIS412.5INTRODUCTION TO CRIMINAL INFORMATION MINING432.5.1Existing Criminal Information Mining Approaches442.5.2WordNet-based Criminal Information Mining472.6WEKA483HEADER-LEVEL INVESTIGATION AND ANALYZING NETWORK INFORMATION503.1STATISTICAL EVALUATION523.2TEMPORAL ANALYSIS533.3GEOGRAPHICAL LOCALIZATION533.4SOCIAL NETWORK ANALYSIS553.5CLASSIFICATION563.6CLUSTERING584AUTHORSHIP ANALYSIS APPROACHES594.1HISTORICAL PERSPECTIVE594.2ONLINE ANONYMITY AND AUTHORSHIP ANALYSIS604.3STYLOMETRIC FEATURES614.4AUTHORSHIP ANALYSIS METHODS634.4.1Statistical Analysis Methods644.4.2Machine Learning Methods644.4.1Classification Method Fundamentals664.5AUTHORSHIP ATTRIBUTION674.6AUTHORSHIP CHARACTERIZATION694.7AUTHORSHIP VERIFICATION704.8LIMITATIONS OF EXISTING AUTHORSHIP TECHNIQUES725AUTHORSHIP ANALYSIS - WRITEPRINT MINING FOR AUTHORSHIP ATTRIBUTION745.1AUTHORSHIP ATTRIBUTION PROBLEM785.1.1Attribution without Stylistic Variation795.1.2Attribution with Stylistic Variation795.2BUILDING BLOCKS OF THE PROPOSED APPROACH805.3WRITEPRINT875.4PROPOSED APPROACHES875.4.1AuthorMiner1: Attribution without Stylistic Variation885.4.2AuthorMiner2: Attribution with Stylistic Variation926AUTHORSHIP ATTRIBUTION WITH FEW TRAINING SAMPLES976.1PROBLEM STATEMENT AND FUNDAMENTALS1006.2PROPOSED APPROACH1016.2.1Preprocessing1016.2.2Clustering by Stylometric Features1026.2.3Frequent Stylometric Pattern Mining1046.2.4Writeprint Mining1056.2.5Identifying Author1066.3EXPERIMENTS AND DISCUSSION1067AUTHORSHIP CHARACTERIZATION1137.1PROPOSED APPROACH1157.1.1Clustering Anonymous Messages1167.1.2Extracting Writeprints from Sample Messages1167.1.3Identifying Author Characteristics1167.2EXPERIMENTS AND DISCUSSION1178AUTHORSHIP VERIFICATION1208.1PROBLEM STATEMENT1238.2PROPOSED APPROACH1258.2.1Verification by Classification1268.2.2Verification by Regression1268.3EXPERIMENTS AND DISCUSSION1278.3.1Verification by Classification.1288.3.2Verification by Regression1289AUTHORSHIP ATTRIBUTION USING CUSTOMIZED ASSOCIATIVE CLASSIFICATION1319.1PROBLEM STATEMENT1329.1.1Extracting Stylometric Features1329.1.2Associative Classification Writeprint1339.1.3Refined Problem Statement1369.2CLASSIFICATION BY MULTIPLE ASSOCIATION RULE FOR AUTHORSHIP ANALYSIS1379.2.1Mining Class Association Rules1379.2.2Pruning Class Association Rules1399.2.3Authorship Classification1429.3EXPERIMENTAL EVALUATION14510CRIMINAL INFORMATION MINING151<d...