Social Network Forensic
By Xing Liu
CSC153 Spring 2009
Background of Social Network
• Bring people with special interests together.
• Classmates.com (1995)
• sixDegrees.com (1997) - based on indirect ties
• Myspace (2003)
• Facebook (2003)
• Flickr (2004) - photos
• Ning (2005) - own social network
• Twitter (2006) - text-based posts
Background of Social Network (cont'd)
• A huge number of people are connected through social networks.
• 75% of software developers belong to at least one social network.
• Social networking among US broadband users has grown 93% since 2006.
• Twitter: from Feb '08 to Feb '09, it clocked in at a whopping 1,382% growth rate.
Source: http://www.socialnetworkingwatch.com/all_social_networking_statistics/
Technical Details of Social Networks
• Mostly web-based systems.
• Web servers and databases in the backend.
• Each has its own API services and application languages.
• Facebook – FBML (Facebook Markup Language).
• MySpace Developer Platform – based on the OpenSocial model from Google Code.
Issues with Social Networking
• Privacy – easy access to personal information such as birthdays or personal images.
• Potential misuse – fake identities.
• Child safety – online sexual predators.
Social Networking Cases
• In October 2005, pictures from Facebook were used to cite violators at North Carolina State University for underage drinking.
• In November 2005, a student at Kansas State University used the message board of a Facebook group to share class information without the professor's authorization.
• In February 2007, following the fatal hit-and-run death of a freshman at the University of Connecticut, police were able to link to the suspect driver by identifying the suspect's girlfriend with the help of Facebook.
• Sources: http://en.wikipedia.org/wiki/Use_of_social_network_websites_in_investigations
Forensic Methods for Social Networking Cases
• Client Side – seize victims' or suspects' computers.
• Server Side – contact social network service providers to obtain information from their servers.
• Real Time – intercept messages as they are sent.
Forensic Methods – Client Side
• Use forensic tools such as FTK to look for any deleted browser history or messages on the hard drive.
• Check the registry for device connection information.
• If a case involves photo evidence, run an FTK keyword search for related photo information.
• Use steganography tools to look for hidden messages within photos.
Forensic Methods – Server Side
• Contact service providers to obtain server information.
• Review log files on the web servers, such as the access log of the Apache web server, to get clients' IP addresses.
• Check the FTP log for information on uploaded images.
• Live system imaging using dd & Netcat. (Discussed in Chapter 6)
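The access-log step above, as an added example that is not part of the original slides: a Python sketch that parses Apache access-log entries and summarises which client IPs requested a given resource, with timestamps normalised to UTC. The log lines, IP addresses (documentation ranges) and URL paths are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timezone

# Apache Common/Combined Log Format: host ident user [time] "request" status bytes ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Constructed sample lines (documentation IP ranges, hypothetical paths).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Feb/2009:21:14:03 -0800] "GET /profile/1042 HTTP/1.1" 200 5120
198.51.100.23 - - [12/Feb/2009:21:15:40 -0800] "POST /photos/upload HTTP/1.1" 302 -
203.0.113.7 - - [12/Feb/2009:21:16:10 -0800] "POST /photos/upload HTTP/1.1" 200 311
this line is truncated or corrupt
203.0.113.7 - - [13/Feb/2009:05:20:00 +0000] "GET /photos/upload HTTP/1.1" 405 0
"""

def parse_line(line):
    """Return a dict for one access-log entry, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    # Normalise to UTC so entries from differently configured servers compare correctly.
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z").astimezone(timezone.utc)
    rec["status"] = int(rec["status"])
    return rec

def clients_for(log_text, path_prefix, method=None):
    """Return ({ip: (first_seen, last_seen, hits)}, unparsed_line_count) for matching requests."""
    seen = defaultdict(list)
    skipped = 0
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            skipped += 1  # keep a count: gaps in the log matter to the examiner
            continue
        if rec["path"].startswith(path_prefix) and method in (None, rec["method"]):
            seen[rec["ip"]].append(rec["ts"])
    return {ip: (min(t), max(t), len(t)) for ip, t in seen.items()}, skipped

if __name__ == "__main__":
    summary, skipped = clients_for(SAMPLE_LOG, "/photos/upload", method="POST")
    for ip, (first, last, hits) in sorted(summary.items()):
        print(ip, first.isoformat(), last.isoformat(), hits)
    print("unparsed lines:", skipped)
```

Run it against a working copy of the log, never the original evidence file.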
Forensic Methods – Real Time
• Contact the ISP to monitor information sent between the client and server machines.
• Monitor the suspect's router for the live traffic data stream.
• Install a keylogger on the suspect's machine.
Social Networking Forensic – obstacles
• The impact of social networks is getting bigger and bigger.
• From an evidence-acquisition standpoint, evidence is getting harder to acquire because more servers are involved.
• Computer forensic experts need to be more familiar with different web and database server settings.
• Learn the different web service application languages, such as FBML and OpenSocial.
Social Networking Forensic – advantages
• Information in social networks can be easily searched by investigators.
• Photos posted in social network profiles may be used as evidence.
• Because of the degrees of linkage in a social network, investigators can learn important information by identifying related persons in the network.