SlideShare uma empresa Scribd logo

Criminal network investigation: Processes, tools, and techniques

Rasmus Petersen
Rasmus Petersen

Presentation given at my PhD defense December 13 2012

TecnologiaEducação
1 de 34
CRIMINAL NETWORK INVEST IGAT ION: PROCESSES, TOOLS, AND TECHNIQUES Ph.D. defense by Rasmus Rosenqvist PetersenDecem ber 13th
Outline  Evaluation  Conclus ions and future work  Introduction  Method  Crim inal network inves tigation  T heory and technology (brief, prom is e)  Problem definition (a clos er look)  Proces s model and tasks  Crim eF ighter Inves tigator concepts  Analys is and support of tas ks  Work flow support: node rem oval INTRODUCTION THE DOMAIN THE TOOL EVALUATION & CONCLUSION
Introduction Debunking a myth WHO DID IT?
Introduction B ut what is it about, then? Criminal Network Investigation  network dom ain  not crim inal: sus pects , relatives , random people  inform ation  as s ociations  proces s  inves tigation dom ain Organized crime Terrorism National security WMDs Fraud Extremism Right Left Homicide
Introduction Challenges and res earch focus Inform ationInvestigator centric Institution or environment centric Quantitative External Qualitative Internal Proces s Hum an factors Tacit knowledge Context Politics & legal framework Managem ent A software system addressing information, process, and human factors challenges would be a useful tool for assisting criminal network investigators in their work. Research hypothesis
Method B ardram ’s F is h Model Write the thes is Wrapping up! I started here I wanted to go here DONE! (really, this is where I wanted to go) Vis it to Imperial College and Univers ity of Hof, Tool developm ent Write papers , book chapter, journal paper Prototyping, tool tes ting Literature studies , conferences , cours es ,
Developm ent method P roof-of-concept prototyping
Crim inal network inves tigation Organizational crim inal network s tructures Hierarchy Cellular Flat
Crim inal network inves tigation Sub-s tructures in crim inal networks Clique Bridge Hub Crim inal network
Crim inal network inves tigation Linear proces s m odels
Crim inal network inves tigation Linear proces s exam ple
Crim inal network inves tigation Target-centric proces s m odels
Crim inal network inves tigation Exam ple: Daniel P earl inves tigation
Crim inal network inves tigation cas e: Daniel P earl inves tigation Screens hots from the movie ’A Mighty Heart’ Target AttributesEntities Relations
T heory and technology P illars
T heory and technology Hypertext I  Organizing and making sense of information has been the main focus of hypertext research from its very beginning.  Structure dom ains :  Ass ociative structures  Spatial structures  Taxonom ic structures  Iss ue-bas ed structures  Annotation and meta data structures
T heory and technology Hypertext II Associative structures Spatial structures
Problem definition Inform ation  Problem s :  Inform ation amount  inform ation incom pletenes s  inform ation com plexity “We typically have much less data, or not so many attributes, as it was the case in the investigation you presented” British Home Office analyst (2011)  Res earch focus requirem ents :  Information #1: em erging and fragile structure  Information #2: integrating inform ation sources  Information #3: awarenes s and notification  Information #4: vers ioning support
Problem definition P roces s  Problem s :  Increm ental deterioration  res pons ibility  overlapping proces s es  inform ation sharing  Res earch focus requirem ents :  Process #1: target-centric and iterative  Process #2: los s les s data abs tractions  Process #3: make everybody stakeholders  Process #4: integrate conceptual and com putational models “With a better working methodology and a wider focus, the Norwegian police security service (PST) could have tracked down the offender prior to July 22.” 22nd July Commission Report (2012)
Problem definition Hum an factors  Problem s :  Hum an cognition and creativity,  making hum ans more capable,  habitual and biased thinking,  trus t  Res earch focus requirem ents :  Human factors #1: augm ent hum an intellect  Human factors #2: trans parency and owners hip  Human factors #3: sim ple tools eas e-of-us e  Human factors #4: hum an-tool synergy The human mind … operates by association. With one item in its grasp, it snaps instantly to the next that is suggested by the association of thoughts. Vannevar Bush (1945)
P roces s m odel Target-centric, hum an-centered TARGET processing collection disseminationacquisition sense-making cooperation sense-making synthesis cooperation flowinformation flow investigative process shared investigative process Toolsupport synthesis customer investigatorinvestigator collector process influence
Tas ks  Acquis ition:  Acuis ition methods , dynam ic attributes , and attribute mapping.  Synthes is :  CRUD entities , CRUD ass ociations , re-s tructuring, grouping, collaps ing and expanding, brains torm ing, inform ation types , em erging attributes .  Sens e-m aking:  Retracing the steps , creating hypothes es , adaptive modeling, prediction, alias detection, exploring pres pectives , decis ion- making, social network analys is , terroris t network analys is .  Diss em ination:  Storytelling, report generation.  Co-operation:  Shared inform ation space, discover em ergent collaboration, shared work flows .
Crim eF ighter Inves tigator Concepts
Acquis ition tas ks Dynam ic attributes and attribute mapping
Synthes is tas ks Create entities and as s ociations
Sens e-m aking tas ks Create hypothes es and prediction
Tes ting the hypothes is Work flow s upport: ’what-if’ ques tions Novem ber 17, partially obs erved network Asking what-if ques tions
Tes ting the hypothes is Work flow s upport: node rem oval
Evaluation Methods and requirem ents coverage  T hree methods :  Capability com paris ons (m odels and tas ks )  End us er interviews  Meas ures of perform ance  Good coverage!
Evalution Capability com paris on of tas ks
Evaluation Sum m ary
Conclus ion Res earch focus requirem ents and hypothes is  Res earch focus requirem ents  Support of the hypothes is A software system addressing information, process, and human factors challenges would be a useful tool for assisting criminal network investigators in their work.
Conclus ion Contributions  Challenges  Proces s model  Tas k lis t  Tool support  Novel approach to tool support  Com ponents for tool support  Publications
F uture work Tool developm ent and evaluation  Tool developm ent Branched his tory Vis ualization and filtering Cus tom algorithm s (s ave work flows , dedicated editor) Prediction (im prove mops )  Tool evaluation Us ability experim ents Capability com paris ons

Recomendados

Auto Mapping Texts for Human-Machine Analysis and Sensemaking
Auto Mapping Texts for Human-Machine Analysis and SensemakingAuto Mapping Texts for Human-Machine Analysis and Sensemaking
Auto Mapping Texts for Human-Machine Analysis and SensemakingShalin Hai-Jew
 
Survey & Review of Digital Forensic
Survey & Review of Digital ForensicSurvey & Review of Digital Forensic
Survey & Review of Digital ForensicAung Thu Rha Hein
 
6528 opensource intelligence as the new introduction in the graduate cybersec...
6528 opensource intelligence as the new introduction in the graduate cybersec...6528 opensource intelligence as the new introduction in the graduate cybersec...
6528 opensource intelligence as the new introduction in the graduate cybersec...Damir Delija
 
Why i hate digital forensics - draft
Why i hate digital forensics - draftWhy i hate digital forensics - draft
Why i hate digital forensics - draftDamir Delija
 
Podobnostní hledání v netextových datech (Pavel Zezula)
Podobnostní hledání v netextových datech (Pavel Zezula)Podobnostní hledání v netextových datech (Pavel Zezula)
Podobnostní hledání v netextových datech (Pavel Zezula)Národní technická knihovna (NTK)
 
DATAIA & TransAlgo
DATAIA & TransAlgoDATAIA & TransAlgo
DATAIA & TransAlgoNozha Boujemaa
 
Semi-automated metadata extraction in the long-term
Semi-automated metadata extraction in the long-termSemi-automated metadata extraction in the long-term
Semi-automated metadata extraction in the long-termPERICLES_FP7
 
Module 3 - Improving Current Business with External Data- Online
Module 3 - Improving Current Business with External Data- Online Module 3 - Improving Current Business with External Data- Online
Module 3 - Improving Current Business with External Data- Online caniceconsulting
 

Recomendados

Auto Mapping Texts for Human-Machine Analysis and Sensemaking
Auto Mapping Texts for Human-Machine Analysis and SensemakingAuto Mapping Texts for Human-Machine Analysis and Sensemaking
Auto Mapping Texts for Human-Machine Analysis and SensemakingShalin Hai-Jew
 
Survey & Review of Digital Forensic
Survey & Review of Digital ForensicSurvey & Review of Digital Forensic
Survey & Review of Digital ForensicAung Thu Rha Hein
 
6528 opensource intelligence as the new introduction in the graduate cybersec...
6528 opensource intelligence as the new introduction in the graduate cybersec...6528 opensource intelligence as the new introduction in the graduate cybersec...
6528 opensource intelligence as the new introduction in the graduate cybersec...Damir Delija
 
Why i hate digital forensics - draft
Why i hate digital forensics - draftWhy i hate digital forensics - draft
Why i hate digital forensics - draftDamir Delija
 
Podobnostní hledání v netextových datech (Pavel Zezula)
Podobnostní hledání v netextových datech (Pavel Zezula)Podobnostní hledání v netextových datech (Pavel Zezula)
Podobnostní hledání v netextových datech (Pavel Zezula)Národní technická knihovna (NTK)
 
DATAIA & TransAlgo
DATAIA & TransAlgoDATAIA & TransAlgo
DATAIA & TransAlgoNozha Boujemaa
 
Semi-automated metadata extraction in the long-term
Semi-automated metadata extraction in the long-termSemi-automated metadata extraction in the long-term
Semi-automated metadata extraction in the long-termPERICLES_FP7
 
Module 3 - Improving Current Business with External Data- Online
Module 3 - Improving Current Business with External Data- Online Module 3 - Improving Current Business with External Data- Online
Module 3 - Improving Current Business with External Data- Online caniceconsulting
 
Soft computing from net
Soft computing from netSoft computing from net
Soft computing from netEasyMedico.com
 
Fueling the future with Semantic Web patterns - Keynote at WOP2014@ISWC
Fueling the future with Semantic Web patterns - Keynote at WOP2014@ISWCFueling the future with Semantic Web patterns - Keynote at WOP2014@ISWC
Fueling the future with Semantic Web patterns - Keynote at WOP2014@ISWCValentina Presutti
 
Excerpt from a letter of recommendation by Dr
Excerpt from a letter of recommendation by DrExcerpt from a letter of recommendation by Dr
Excerpt from a letter of recommendation by DrJohn Harvey
 
scklinkedin-v1
scklinkedin-v1scklinkedin-v1
scklinkedin-v1Sing Koo
 
Modeling Causal Reasoning in Complex Networks through NLP: an Introduction
Modeling Causal Reasoning in Complex Networks through NLP: an IntroductionModeling Causal Reasoning in Complex Networks through NLP: an Introduction
Modeling Causal Reasoning in Complex Networks through NLP: an IntroductionLuca Nannini
 
Big Data Social Network Analysis
Big Data Social Network AnalysisBig Data Social Network Analysis
Big Data Social Network AnalysisChamin Nalinda Loku Gam Hewage
 
Cover Letter and Resume
Cover Letter and ResumeCover Letter and Resume
Cover Letter and ResumeZhaolun Wang
 
Visualizing the neo4j graph database with key lines
Visualizing the neo4j graph database with key linesVisualizing the neo4j graph database with key lines
Visualizing the neo4j graph database with key linesCambridge Intelligence
 
Talk london quantified self (~sept 2014)
Talk london quantified self (~sept 2014)Talk london quantified self (~sept 2014)
Talk london quantified self (~sept 2014)Rasmus Petersen
 
Talk London Quantified Self meetup (~sept 2013)
Talk London Quantified Self meetup (~sept 2013)Talk London Quantified Self meetup (~sept 2013)
Talk London Quantified Self meetup (~sept 2013)Rasmus Petersen
 
Quantified Self and Behaviour Change: are we there yet?
Quantified Self and Behaviour Change: are we there yet?Quantified Self and Behaviour Change: are we there yet?
Quantified Self and Behaviour Change: are we there yet?Lukasz Piwek
 
SOA guest lecture at DIKU by Dr. Rasmus Petersen (Dec 17 2015)
SOA guest lecture at DIKU by Dr. Rasmus Petersen (Dec 17 2015)SOA guest lecture at DIKU by Dr. Rasmus Petersen (Dec 17 2015)
SOA guest lecture at DIKU by Dr. Rasmus Petersen (Dec 17 2015)Rasmus Petersen
 
Project management strategies at Netcompany - Guest lecture (May 13 2016)
Project management strategies at Netcompany - Guest lecture (May 13 2016)Project management strategies at Netcompany - Guest lecture (May 13 2016)
Project management strategies at Netcompany - Guest lecture (May 13 2016)Rasmus Petersen
 
Behavioral Analytics for Financial Intelligence
Behavioral Analytics for Financial IntelligenceBehavioral Analytics for Financial Intelligence
Behavioral Analytics for Financial IntelligenceJohn Liu
 
SAS for Claims Fraud
SAS for Claims FraudSAS for Claims Fraud
SAS for Claims Fraudstuartdrose
 
SAS Fraud Framework for Insurance
SAS Fraud Framework for InsuranceSAS Fraud Framework for Insurance
SAS Fraud Framework for Insurancestuartdrose
 
Fraud Management Solutions
Fraud Management SolutionsFraud Management Solutions
Fraud Management SolutionsSAS Institute India Pvt. Ltd
 
Fraud Detection presentation
Fraud Detection presentationFraud Detection presentation
Fraud Detection presentationHernan Huwyler
 
Transparency in ML and AI (humble views from a concerned academic)
Transparency in ML and AI (humble views from a concerned academic)Transparency in ML and AI (humble views from a concerned academic)
Transparency in ML and AI (humble views from a concerned academic)Paolo Missier
 
Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...
Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...
Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...REVULN
 
Digital Reasoning at AirSummit 2014
Digital Reasoning at AirSummit 2014Digital Reasoning at AirSummit 2014
Digital Reasoning at AirSummit 2014Marten den Haring
 
Digital forensics research: The next 10 years
Digital forensics research: The next 10 yearsDigital forensics research: The next 10 years
Digital forensics research: The next 10 yearsMehedi Hasan
 

Mais conteúdo relacionado

Mais procurados

Soft computing from net
Soft computing from netSoft computing from net
Soft computing from netEasyMedico.com
 
Fueling the future with Semantic Web patterns - Keynote at WOP2014@ISWC
Fueling the future with Semantic Web patterns - Keynote at WOP2014@ISWCFueling the future with Semantic Web patterns - Keynote at WOP2014@ISWC
Fueling the future with Semantic Web patterns - Keynote at WOP2014@ISWCValentina Presutti
 
Excerpt from a letter of recommendation by Dr
Excerpt from a letter of recommendation by DrExcerpt from a letter of recommendation by Dr
Excerpt from a letter of recommendation by DrJohn Harvey
 
scklinkedin-v1
scklinkedin-v1scklinkedin-v1
scklinkedin-v1Sing Koo
 
Modeling Causal Reasoning in Complex Networks through NLP: an Introduction
Modeling Causal Reasoning in Complex Networks through NLP: an IntroductionModeling Causal Reasoning in Complex Networks through NLP: an Introduction
Modeling Causal Reasoning in Complex Networks through NLP: an IntroductionLuca Nannini
 
Cover Letter and Resume
Cover Letter and ResumeCover Letter and Resume
Cover Letter and ResumeZhaolun Wang
 

Mais procurados (7)

Soft computing from net
Soft computing from netSoft computing from net
Soft computing from net
 
Fueling the future with Semantic Web patterns - Keynote at WOP2014@ISWC
Fueling the future with Semantic Web patterns - Keynote at WOP2014@ISWCFueling the future with Semantic Web patterns - Keynote at WOP2014@ISWC
Fueling the future with Semantic Web patterns - Keynote at WOP2014@ISWC
 
Excerpt from a letter of recommendation by Dr
Excerpt from a letter of recommendation by DrExcerpt from a letter of recommendation by Dr
Excerpt from a letter of recommendation by Dr
 
scklinkedin-v1
scklinkedin-v1scklinkedin-v1
scklinkedin-v1
 
Modeling Causal Reasoning in Complex Networks through NLP: an Introduction
Modeling Causal Reasoning in Complex Networks through NLP: an IntroductionModeling Causal Reasoning in Complex Networks through NLP: an Introduction
Modeling Causal Reasoning in Complex Networks through NLP: an Introduction
 
Big Data Social Network Analysis
Big Data Social Network AnalysisBig Data Social Network Analysis
Big Data Social Network Analysis
 
Cover Letter and Resume
Cover Letter and ResumeCover Letter and Resume
Cover Letter and Resume
 

Destaque

Visualizing the neo4j graph database with key lines
Visualizing the neo4j graph database with key linesVisualizing the neo4j graph database with key lines
Visualizing the neo4j graph database with key linesCambridge Intelligence
 
Talk london quantified self (~sept 2014)
Talk london quantified self (~sept 2014)Talk london quantified self (~sept 2014)
Talk london quantified self (~sept 2014)Rasmus Petersen
 
Talk London Quantified Self meetup (~sept 2013)
Talk London Quantified Self meetup (~sept 2013)Talk London Quantified Self meetup (~sept 2013)
Talk London Quantified Self meetup (~sept 2013)Rasmus Petersen
 
Quantified Self and Behaviour Change: are we there yet?
Quantified Self and Behaviour Change: are we there yet?Quantified Self and Behaviour Change: are we there yet?
Quantified Self and Behaviour Change: are we there yet?Lukasz Piwek
 
SOA guest lecture at DIKU by Dr. Rasmus Petersen (Dec 17 2015)
SOA guest lecture at DIKU by Dr. Rasmus Petersen (Dec 17 2015)SOA guest lecture at DIKU by Dr. Rasmus Petersen (Dec 17 2015)
SOA guest lecture at DIKU by Dr. Rasmus Petersen (Dec 17 2015)Rasmus Petersen
 
Project management strategies at Netcompany - Guest lecture (May 13 2016)
Project management strategies at Netcompany - Guest lecture (May 13 2016)Project management strategies at Netcompany - Guest lecture (May 13 2016)
Project management strategies at Netcompany - Guest lecture (May 13 2016)Rasmus Petersen
 
Behavioral Analytics for Financial Intelligence
Behavioral Analytics for Financial IntelligenceBehavioral Analytics for Financial Intelligence
Behavioral Analytics for Financial IntelligenceJohn Liu
 
SAS for Claims Fraud
SAS for Claims FraudSAS for Claims Fraud
SAS for Claims Fraudstuartdrose
 
SAS Fraud Framework for Insurance
SAS Fraud Framework for InsuranceSAS Fraud Framework for Insurance
SAS Fraud Framework for Insurancestuartdrose
 
Fraud Detection presentation
Fraud Detection presentationFraud Detection presentation
Fraud Detection presentationHernan Huwyler
 

Destaque (11)

Visualizing the neo4j graph database with key lines
Visualizing the neo4j graph database with key linesVisualizing the neo4j graph database with key lines
Visualizing the neo4j graph database with key lines
 
Talk london quantified self (~sept 2014)
Talk london quantified self (~sept 2014)Talk london quantified self (~sept 2014)
Talk london quantified self (~sept 2014)
 
Talk London Quantified Self meetup (~sept 2013)
Talk London Quantified Self meetup (~sept 2013)Talk London Quantified Self meetup (~sept 2013)
Talk London Quantified Self meetup (~sept 2013)
 
Quantified Self and Behaviour Change: are we there yet?
Quantified Self and Behaviour Change: are we there yet?Quantified Self and Behaviour Change: are we there yet?
Quantified Self and Behaviour Change: are we there yet?
 
SOA guest lecture at DIKU by Dr. Rasmus Petersen (Dec 17 2015)
SOA guest lecture at DIKU by Dr. Rasmus Petersen (Dec 17 2015)SOA guest lecture at DIKU by Dr. Rasmus Petersen (Dec 17 2015)
SOA guest lecture at DIKU by Dr. Rasmus Petersen (Dec 17 2015)
 
Project management strategies at Netcompany - Guest lecture (May 13 2016)
Project management strategies at Netcompany - Guest lecture (May 13 2016)Project management strategies at Netcompany - Guest lecture (May 13 2016)
Project management strategies at Netcompany - Guest lecture (May 13 2016)
 
Behavioral Analytics for Financial Intelligence
Behavioral Analytics for Financial IntelligenceBehavioral Analytics for Financial Intelligence
Behavioral Analytics for Financial Intelligence
 
SAS for Claims Fraud
SAS for Claims FraudSAS for Claims Fraud
SAS for Claims Fraud
 
SAS Fraud Framework for Insurance
SAS Fraud Framework for InsuranceSAS Fraud Framework for Insurance
SAS Fraud Framework for Insurance
 
Fraud Management Solutions
Fraud Management SolutionsFraud Management Solutions
Fraud Management Solutions
 
Fraud Detection presentation
Fraud Detection presentationFraud Detection presentation
Fraud Detection presentation
 

Semelhante a Criminal network investigation: Processes, tools, and techniques

Transparency in ML and AI (humble views from a concerned academic)
Transparency in ML and AI (humble views from a concerned academic)Transparency in ML and AI (humble views from a concerned academic)
Transparency in ML and AI (humble views from a concerned academic)Paolo Missier
 
Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...
Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...
Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...REVULN
 
Digital Reasoning at AirSummit 2014
Digital Reasoning at AirSummit 2014Digital Reasoning at AirSummit 2014
Digital Reasoning at AirSummit 2014Marten den Haring
 
Digital forensics research: The next 10 years
Digital forensics research: The next 10 yearsDigital forensics research: The next 10 years
Digital forensics research: The next 10 yearsMehedi Hasan
 
CRIME-INVEST-PPP.pptx
CRIME-INVEST-PPP.pptxCRIME-INVEST-PPP.pptx
CRIME-INVEST-PPP.pptxoluobes
 
Crime Analysis using Data Analysis
Crime Analysis using Data AnalysisCrime Analysis using Data Analysis
Crime Analysis using Data AnalysisChetan Hireholi
 
Text Analytics: From Colored Pens and Crumbly Papers to Custom Machine Classi...
Text Analytics: From Colored Pens and Crumbly Papers to Custom Machine Classi...Text Analytics: From Colored Pens and Crumbly Papers to Custom Machine Classi...
Text Analytics: From Colored Pens and Crumbly Papers to Custom Machine Classi...Stuart Shulman
 
Digital Forensics: The next 10 years
Digital Forensics: The next 10 yearsDigital Forensics: The next 10 years
Digital Forensics: The next 10 yearsAl Imran, CISA
 
Forensics for IT, final attempt
Forensics for IT, final attemptForensics for IT, final attempt
Forensics for IT, final attemptj9lai
 
Forensics for IT - ACC 626
Forensics for IT - ACC 626Forensics for IT - ACC 626
Forensics for IT - ACC 626j9lai
 
Acc 626 slidecast - Forensics for IT
Acc 626 slidecast - Forensics for ITAcc 626 slidecast - Forensics for IT
Acc 626 slidecast - Forensics for ITj9lai
 
Acc 626 slidecast
Acc 626 slidecastAcc 626 slidecast
Acc 626 slidecastj9lai
 
ACC 626 - Forensics for IT
ACC 626 - Forensics for ITACC 626 - Forensics for IT
ACC 626 - Forensics for ITj9lai
 
ACC 626 - Forensics for IT
ACC 626 - Forensics for ITACC 626 - Forensics for IT
ACC 626 - Forensics for ITj9lai
 
Acc 626 slidecast - Forensics for IT
Acc 626 slidecast - Forensics for ITAcc 626 slidecast - Forensics for IT
Acc 626 slidecast - Forensics for ITj9lai
 
Acc 626 slidecast
Acc 626 slidecastAcc 626 slidecast
Acc 626 slidecastj9lai
 
Graphs in Government
Graphs in GovernmentGraphs in Government
Graphs in GovernmentNeo4j
 
Human Trafficking-A Perspective from Computer Science and Organizational Lead...
Human Trafficking-A Perspective from Computer Science and Organizational Lead...Human Trafficking-A Perspective from Computer Science and Organizational Lead...
Human Trafficking-A Perspective from Computer Science and Organizational Lead...Turner Sparks
 
Frontiers of Computational Journalism week 8 - Visualization and Network Anal...
Frontiers of Computational Journalism week 8 - Visualization and Network Anal...Frontiers of Computational Journalism week 8 - Visualization and Network Anal...
Frontiers of Computational Journalism week 8 - Visualization and Network Anal...Jonathan Stray
 
Data fluency for the 21st century
Data fluency for the 21st centuryData fluency for the 21st century
Data fluency for the 21st centuryMartinFrigaard
 

Semelhante a Criminal network investigation: Processes, tools, and techniques (20)

Transparency in ML and AI (humble views from a concerned academic)
Transparency in ML and AI (humble views from a concerned academic)Transparency in ML and AI (humble views from a concerned academic)
Transparency in ML and AI (humble views from a concerned academic)
 
Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...
Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...
Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...
 
Digital Reasoning at AirSummit 2014
Digital Reasoning at AirSummit 2014Digital Reasoning at AirSummit 2014
Digital Reasoning at AirSummit 2014
 
Digital forensics research: The next 10 years
Digital forensics research: The next 10 yearsDigital forensics research: The next 10 years
Digital forensics research: The next 10 years
 
CRIME-INVEST-PPP.pptx
CRIME-INVEST-PPP.pptxCRIME-INVEST-PPP.pptx
CRIME-INVEST-PPP.pptx
 
Crime Analysis using Data Analysis
Crime Analysis using Data AnalysisCrime Analysis using Data Analysis
Crime Analysis using Data Analysis
 
Text Analytics: From Colored Pens and Crumbly Papers to Custom Machine Classi...
Text Analytics: From Colored Pens and Crumbly Papers to Custom Machine Classi...Text Analytics: From Colored Pens and Crumbly Papers to Custom Machine Classi...
Text Analytics: From Colored Pens and Crumbly Papers to Custom Machine Classi...
 
Digital Forensics: The next 10 years
Digital Forensics: The next 10 yearsDigital Forensics: The next 10 years
Digital Forensics: The next 10 years
 
Forensics for IT, final attempt
Forensics for IT, final attemptForensics for IT, final attempt
Forensics for IT, final attempt
 
Forensics for IT - ACC 626
Forensics for IT - ACC 626Forensics for IT - ACC 626
Forensics for IT - ACC 626
 
Acc 626 slidecast - Forensics for IT
Acc 626 slidecast - Forensics for ITAcc 626 slidecast - Forensics for IT
Acc 626 slidecast - Forensics for IT
 
Acc 626 slidecast
Acc 626 slidecastAcc 626 slidecast
Acc 626 slidecast
 
ACC 626 - Forensics for IT
ACC 626 - Forensics for ITACC 626 - Forensics for IT
ACC 626 - Forensics for IT
 
ACC 626 - Forensics for IT
ACC 626 - Forensics for ITACC 626 - Forensics for IT
ACC 626 - Forensics for IT
 
Acc 626 slidecast - Forensics for IT
Acc 626 slidecast - Forensics for ITAcc 626 slidecast - Forensics for IT
Acc 626 slidecast - Forensics for IT
 
Acc 626 slidecast
Acc 626 slidecastAcc 626 slidecast
Acc 626 slidecast
 
Graphs in Government
Graphs in GovernmentGraphs in Government
Graphs in Government
 
Human Trafficking-A Perspective from Computer Science and Organizational Lead...
Human Trafficking-A Perspective from Computer Science and Organizational Lead...Human Trafficking-A Perspective from Computer Science and Organizational Lead...
Human Trafficking-A Perspective from Computer Science and Organizational Lead...
 
Frontiers of Computational Journalism week 8 - Visualization and Network Anal...
Frontiers of Computational Journalism week 8 - Visualization and Network Anal...Frontiers of Computational Journalism week 8 - Visualization and Network Anal...
Frontiers of Computational Journalism week 8 - Visualization and Network Anal...
 
Data fluency for the 21st century
Data fluency for the 21st centuryData fluency for the 21st century
Data fluency for the 21st century
 

Último

Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 

Último (20)

Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 

Criminal network investigation: Processes, tools, and techniques

  • 1. CRIMINAL NETWORK INVEST IGAT ION: PROCESSES, TOOLS, AND TECHNIQUES Ph.D. defense by Rasmus Rosenqvist PetersenDecem ber 13th
  • 2. Outline  Evaluation  Conclus ions and future work  Introduction  Method  Crim inal network inves tigation  T heory and technology (brief, prom is e)  Problem definition (a clos er look)  Proces s model and tasks  Crim eF ighter Inves tigator concepts  Analys is and support of tas ks  Work flow support: node rem oval INTRODUCTION THE DOMAIN THE TOOL EVALUATION & CONCLUSION
  • 4. Introduction B ut what is it about, then? Criminal Network Investigation  network dom ain  not crim inal: sus pects , relatives , random people  inform ation  as s ociations  proces s  inves tigation dom ain Organized crime Terrorism National security WMDs Fraud Extremism Right Left Homicide
  • 5. Introduction Challenges and res earch focus Inform ationInvestigator centric Institution or environment centric Quantitative External Qualitative Internal Proces s Hum an factors Tacit knowledge Context Politics & legal framework Managem ent A software system addressing information, process, and human factors challenges would be a useful tool for assisting criminal network investigators in their work. Research hypothesis
  • 6. Method B ardram ’s F is h Model Write the thes is Wrapping up! I started here I wanted to go here DONE! (really, this is where I wanted to go) Vis it to Imperial College and Univers ity of Hof, Tool developm ent Write papers , book chapter, journal paper Prototyping, tool tes ting Literature studies , conferences , cours es ,
  • 7. Developm ent method P roof-of-concept prototyping
  • 8. Crim inal network inves tigation Organizational crim inal network s tructures Hierarchy Cellular Flat
  • 9. Crim inal network inves tigation Sub-s tructures in crim inal networks Clique Bridge Hub Crim inal network
  • 10. Crim inal network inves tigation Linear proces s m odels
  • 11. Crim inal network inves tigation Linear proces s exam ple
  • 12. Crim inal network inves tigation Target-centric proces s m odels
  • 13. Crim inal network inves tigation Exam ple: Daniel P earl inves tigation
  • 14. Crim inal network inves tigation cas e: Daniel P earl inves tigation Screens hots from the movie ’A Mighty Heart’ Target AttributesEntities Relations
  • 15. T heory and technology P illars
  • 16. T heory and technology Hypertext I  Organizing and making sense of information has been the main focus of hypertext research from its very beginning.  Structure dom ains :  Ass ociative structures  Spatial structures  Taxonom ic structures  Iss ue-bas ed structures  Annotation and meta data structures
  • 17. T heory and technology Hypertext II Associative structures Spatial structures
  • 18. Problem definition Inform ation  Problem s :  Inform ation amount  inform ation incom pletenes s  inform ation com plexity “We typically have much less data, or not so many attributes, as it was the case in the investigation you presented” British Home Office analyst (2011)  Res earch focus requirem ents :  Information #1: em erging and fragile structure  Information #2: integrating inform ation sources  Information #3: awarenes s and notification  Information #4: vers ioning support
  • 19. Problem definition P roces s  Problem s :  Increm ental deterioration  res pons ibility  overlapping proces s es  inform ation sharing  Res earch focus requirem ents :  Process #1: target-centric and iterative  Process #2: los s les s data abs tractions  Process #3: make everybody stakeholders  Process #4: integrate conceptual and com putational models “With a better working methodology and a wider focus, the Norwegian police security service (PST) could have tracked down the offender prior to July 22.” 22nd July Commission Report (2012)
  • 20. Problem definition Hum an factors  Problem s :  Hum an cognition and creativity,  making hum ans more capable,  habitual and biased thinking,  trus t  Res earch focus requirem ents :  Human factors #1: augm ent hum an intellect  Human factors #2: trans parency and owners hip  Human factors #3: sim ple tools eas e-of-us e  Human factors #4: hum an-tool synergy The human mind … operates by association. With one item in its grasp, it snaps instantly to the next that is suggested by the association of thoughts. Vannevar Bush (1945)
  • 21. P roces s m odel Target-centric, hum an-centered TARGET processing collection disseminationacquisition sense-making cooperation sense-making synthesis cooperation flowinformation flow investigative process shared investigative process Toolsupport synthesis customer investigatorinvestigator collector process influence
  • 22. Tas ks  Acquis ition:  Acuis ition methods , dynam ic attributes , and attribute mapping.  Synthes is :  CRUD entities , CRUD ass ociations , re-s tructuring, grouping, collaps ing and expanding, brains torm ing, inform ation types , em erging attributes .  Sens e-m aking:  Retracing the steps , creating hypothes es , adaptive modeling, prediction, alias detection, exploring pres pectives , decis ion- making, social network analys is , terroris t network analys is .  Diss em ination:  Storytelling, report generation.  Co-operation:  Shared inform ation space, discover em ergent collaboration, shared work flows .
  • 23. Crim eF ighter Inves tigator Concepts
  • 24. Acquis ition tas ks Dynam ic attributes and attribute mapping
  • 25. Synthes is tas ks Create entities and as s ociations
  • 26. Sens e-m aking tas ks Create hypothes es and prediction
  • 27. Tes ting the hypothes is Work flow s upport: ’what-if’ ques tions Novem ber 17, partially obs erved network Asking what-if ques tions
  • 28. Tes ting the hypothes is Work flow s upport: node rem oval
  • 29. Evaluation Methods and requirem ents coverage  T hree methods :  Capability com paris ons (m odels and tas ks )  End us er interviews  Meas ures of perform ance  Good coverage!
  • 32. Conclus ion Res earch focus requirem ents and hypothes is  Res earch focus requirem ents  Support of the hypothes is A software system addressing information, process, and human factors challenges would be a useful tool for assisting criminal network investigators in their work.
  • 33. Conclus ion Contributions  Challenges  Proces s model  Tas k lis t  Tool support  Novel approach to tool support  Com ponents for tool support  Publications
  • 34. F uture work Tool developm ent and evaluation  Tool developm ent Branched his tory Vis ualization and filtering Cus tom algorithm s (s ave work flows , dedicated editor) Prediction (im prove mops )  Tool evaluation Us ability experim ents Capability com paris ons