Social Network Forensic By Xing Liu CSC153 Spring 2009.
-
Upload
colleen-davidson -
Category
Documents
-
view
223 -
download
1
Transcript of Social Network Forensic By Xing Liu CSC153 Spring 2009.
![Page 1: Social Network Forensic By Xing Liu CSC153 Spring 2009.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697bfc81a28abf838ca8630/html5/thumbnails/1.jpg)
Social Network Forensic
By Xing Liu
CSC153Spring 2009
![Page 2: Social Network Forensic By Xing Liu CSC153 Spring 2009.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697bfc81a28abf838ca8630/html5/thumbnails/2.jpg)
Background of Social Network
Bring people with special interests together.
Classmates.com(1995) sixDegrees.com(1997) on
indirect ties. Myspace(2003) Facebook(2003) Flickr(2004) - Photos Ning(2005) - Own Social
Network twitter(2006)-text-based
posts
![Page 3: Social Network Forensic By Xing Liu CSC153 Spring 2009.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697bfc81a28abf838ca8630/html5/thumbnails/3.jpg)
Background of Social Network con't
Huge amount of people related in social network.
75% of software developers belong to at least one social network.
Social networking among US broadband users has grown 93% since 2006.
Twitter - From Feb '08 to Feb '09, it clocked in at a whopping 1,382% growth rate.
Source: http://www.socialnetworkingwatch.com/all_social_networking_statistics/
![Page 4: Social Network Forensic By Xing Liu CSC153 Spring 2009.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697bfc81a28abf838ca8630/html5/thumbnails/4.jpg)
Technical Details of Social Networks
• Mostly web-based systems.
• Web servers and databases in the backend.
• Have its own API services and application languages.
• Facebook – FBML(Facebook Markup Language).
• MySpace Developer Platform – based on the OpenSocial model from Google Code.
![Page 5: Social Network Forensic By Xing Liu CSC153 Spring 2009.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697bfc81a28abf838ca8630/html5/thumbnails/5.jpg)
Issues with Social Networking
• Privacy – easy accesses to personal information such as birthday or personal images.
• Potential misuse – fake identities.
• Child safety – online sexual predators.
![Page 6: Social Network Forensic By Xing Liu CSC153 Spring 2009.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697bfc81a28abf838ca8630/html5/thumbnails/6.jpg)
Social Networking Cases
• October 2005, pictures from Facebook were used to cite violators at North Carolina State University for under age drinking.
• In November 2005, student used the message board of a Facebook group to share class information without authorization of professor at Kansas State University.
• February 2007, following the fatal hit-and-run death of freshman in University of Connecticut, police was able to link to the suspect driver by identifying suspect's girlfriend with the help of Facebook.
Sources: http://en.wikipedia.org/wiki/Use_of_social_network_websites_in_investigations
![Page 7: Social Network Forensic By Xing Liu CSC153 Spring 2009.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697bfc81a28abf838ca8630/html5/thumbnails/7.jpg)
Forensic Methods for Social Networking Cases
• Client Side – seize victims' or suspects' computers.
• Server Side – contact social network service providers to grab information from their servers.
• Real Time – intercept the message sent in real time.
![Page 8: Social Network Forensic By Xing Liu CSC153 Spring 2009.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697bfc81a28abf838ca8630/html5/thumbnails/8.jpg)
Forensic Methods – Client Side
• Use forensic tools such as FTK to look for any deleted browser history or messages in the hard drive.
• Check the registry for device connection information.
• If a case is involved in photo evidence, we can do a FTK keyword search for related photo information.
• Steganography Tools for hidden message within photos.
![Page 9: Social Network Forensic By Xing Liu CSC153 Spring 2009.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697bfc81a28abf838ca8630/html5/thumbnails/9.jpg)
Forensic Methods – Server Side
• Contact service providers to give out server information.
• Log files in the web servers, such as Access Log in Apache web server – get IP address of clients.
• FTP log for uploaded images' information.
• Live system imaging using dd & Netcat. (Discussed in Chapter 6)
![Page 10: Social Network Forensic By Xing Liu CSC153 Spring 2009.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697bfc81a28abf838ca8630/html5/thumbnails/10.jpg)
Forensic Methods – Real Time
• Contact ISP provider to monitor information sent between the client and server machines.
• Monitor suspect's router for live traffic data stream.
• Install Keylogger in the suspect's machine.
![Page 11: Social Network Forensic By Xing Liu CSC153 Spring 2009.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697bfc81a28abf838ca8630/html5/thumbnails/11.jpg)
Social Networking Forensic – obstacles
• The the impact of social network is getting bigger and bigger.
• From acquiring evidence standpoint, it's getting harder to acquire because of more servers involved.
• Computer forensic experts need to be more familiar to different web and database server settings.
• Learn different web services application languages such as FBML and OpenSocial.
![Page 12: Social Network Forensic By Xing Liu CSC153 Spring 2009.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697bfc81a28abf838ca8630/html5/thumbnails/12.jpg)
Social Networking Forensic – advantages
• Information in social network can be easily searched by investigators.
• Photos posted in the social network profiles may be used as evidence.
• Because of the social network links of degrees, investigators can learn important information by identifying related personnels in the network.
![Page 13: Social Network Forensic By Xing Liu CSC153 Spring 2009.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697bfc81a28abf838ca8630/html5/thumbnails/13.jpg)
Questions?
![Page 14: Social Network Forensic By Xing Liu CSC153 Spring 2009.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697bfc81a28abf838ca8630/html5/thumbnails/14.jpg)
The End
Thank You