1 CYBERSECURITY AND CYBERCRIME INVESTIGATION 1.1 CYBERSECURITY 1.2 KEY COMPONENTS TO MINIMIZING CYBERCRIMES 1.3 DAMAGE RESULTING FROM CYBERCRIME 1.4 CYBERCRIMES 1.4.1 Major Categories of Cybercrime 1.4.
2 Causes of and Motivations for Cybercrime 1.5 MAJOR CHALLENGES 1.5.1 Hacker Tools and Exploit Kits 1.5.2 Universal Access 29 1.5.3 Online Anonymity 1.
5.4 Organized Crime 30 1.5.5 Nation State Threat Actors 31 1.6 CYBERCRIME INVESTIGATION 32 2 MACHINE LEARNING FRAMEWORK FOR MESSAGING FORENSICS 34 2.1 SOURCES OF CYBERCRIMES 36 2.2 FEW ANALYSIS TOOLS AND TECHNIQUES 38 2.3 PROPOSED FRAMEWORK FOR CYBERCRIMES INVESTIGATION 39 2.
4 AUTHORSHIP ANALYSIS 41 2.5 INTRODUCTION TO CRIMINAL INFORMATION MINING 43 2.5.1 Existing Criminal Information Mining Approaches 44 2.5.2 WordNet-based Criminal Information Mining 47 2.6 WEKA 48 3 HEADER-LEVEL INVESTIGATION AND ANALYZING NETWORK INFORMATION 50 3.1 STATISTICAL EVALUATION 52 3.
2 TEMPORAL ANALYSIS 53 3.3 GEOGRAPHICAL LOCALIZATION 53 3.4 SOCIAL NETWORK ANALYSIS 55 3.5 CLASSIFICATION 56 3.6 CLUSTERING 58 4 AUTHORSHIP ANALYSIS APPROACHES 59 4.1 HISTORICAL PERSPECTIVE 59 4.2 ONLINE ANONYMITY AND AUTHORSHIP ANALYSIS 60 4.3 STYLOMETRIC FEATURES 61 4.
4 AUTHORSHIP ANALYSIS METHODS 63 4.4.1 Statistical Analysis Methods 64 4.4.2 Machine Learning Methods 64 4.4.1 Classification Method Fundamentals 66 4.5 AUTHORSHIP ATTRIBUTION 67 4.
6 AUTHORSHIP CHARACTERIZATION 69 4.7 AUTHORSHIP VERIFICATION 70 4.8 LIMITATIONS OF EXISTING AUTHORSHIP TECHNIQUES 72 5 AUTHORSHIP ANALYSIS - WRITEPRINT MINING FOR AUTHORSHIP ATTRIBUTION 74 5.1 AUTHORSHIP ATTRIBUTION PROBLEM 78 5.1.1 Attribution without Stylistic Variation 79 5.1.2 Attribution with Stylistic Variation 79 5.
2 BUILDING BLOCKS OF THE PROPOSED APPROACH 80 5.3 WRITEPRINT 87 5.4 PROPOSED APPROACHES 87 5.4.1 AuthorMiner1: Attribution without Stylistic Variation 88 5.4.2 AuthorMiner2: Attribution with Stylistic Variation 92 6 AUTHORSHIP ATTRIBUTION WITH FEW TRAINING SAMPLES 97 6.1 PROBLEM STATEMENT AND FUNDAMENTALS 100 6.
2 PROPOSED APPROACH 101 6.2.1 Preprocessing 101 6.2.2 Clustering by Stylometric Features 102 6.2.3 Frequent Stylometric Pattern Mining 104 6.2.
4 Writeprint Mining 105 6.2.5 Identifying Author 106 6.3 EXPERIMENTS AND DISCUSSION 106 7 AUTHORSHIP CHARACTERIZATION 113 7.1 PROPOSED APPROACH 115 7.1.1 Clustering Anonymous Messages 116 7.1.
2 Extracting Writeprints from Sample Messages 116 7.1.3 Identifying Author Characteristics 116 7.2 EXPERIMENTS AND DISCUSSION 117 8 AUTHORSHIP VERIFICATION 120 8.1 PROBLEM STATEMENT 123 8.2 PROPOSED APPROACH 125 8.2.1 Verification by Classification 126 8.
2.2 Verification by Regression 126 8.3 EXPERIMENTS AND DISCUSSION 127 8.3.1 Verification by Classification. 128 8.3.2 Verification by Regression 128 9 AUTHORSHIP ATTRIBUTION USING CUSTOMIZED ASSOCIATIVE CLASSIFICATION 131 9.
1 PROBLEM STATEMENT 132 9.1.1 Extracting Stylometric Features 132 9.1.2 Associative Classification Writeprint 133 9.1.3 Refined Problem Statement 136 9.2 CLASSIFICATION BY MULTIPLE ASSOCIATION RULE FOR AUTHORSHIP ANALYSIS 137 9.
2.1 Mining Class Association Rules 137 9.2.2 Pruning Class Association Rules 139 9.2.3 Authorship Classification 142 9.3 EXPERIMENTAL EVALUATION 145 10 CRIMINAL INFORMATION MINING 151 10.1 PROBLEM STATEMENT 153 10.
1.1 Subproblem: Clique Mining 154 10.1.2 Subproblem: Concept Analysis 156 10.2 PROPOSED APPROACH 156 10.2.1 Clique Miner 157 10.2.
2 Concept Miner 160 10.2.3 Information Visualizer 165 10.3 EXPERIMENTS AND DISCUSSION 166 11 ARTIFICIAL INTELLIGENCE AND DIGITAL FORENSICS 172 11.1 AI TECHNIQUES 173 11.2 DEEP LEARNING FOR SOCIAL MEDIA MINING 176 11.2.1 Tweet Crawler 178 11.
2.2 Preprocessing 178 11.2.3 Event Identifier 178 11.2.4 Event Filter 180 11.2.5 Information Extractor 180 11.
3 FUTURE APPLICATION AND IMPLICATIONS FOR DIGITAL FORENSICS 183.