ESR09 | Aggregation and Linkage of Evidential Values and Big Data Analytics
Research project
Aggregation and Linkage of Evidential Values and Big Data Analytics.
Host institution
Norwegian University of Science and Technology (NTNU), Norway.
Objectives
Evidence derived from computing and network infrastructures using digital forensics techniques is playing an increasingly important role, e.g. in corporate compliance activities, criminal investigations, counter terrorism and intelligence operations. Investigators and intelligence analysts demand the possibility to enrich the collected evidence with information from open sources, e.g. data available on the Internet. The objective of the research is to establish an evidence value and quality-assessment framework that allows the linkage and aggregation of digital evidence in a closed and in an open ecosystem. This position has strong links to data fusion and Big Data/Machine-learning analytics.
Expected outcomes
The research will produce (i) quantified and measurable indicators for social-technical ecosystems (context), (ii) quantified and measurable indicators for quality of evidence (artefact), (iii) statistical framework and methods to establish the evidential value of an artefact/abnormality given a certain context, (iv) evidence analysis, aggregation and decision making by means of proof-of-concept. The ESR will be required to publish two peer-reviewed articles, participate and present in one workshop, write two research reports, produce 1 software demonstrator and a final dissertation.
Main supervisor
Prof. dr. Katrin Franke (NTNU).
Co-supervisor
Prof. dr. Craig Valli, Edith Cowan University – Security Research Institute (ECU), Australia.
Planned secondments
Host 1: Edith Cowan University – Security Research Institute (Australia).
Host 2: Consiglio Nazionale Delle Ricerche (CNR), Italy.
Host 3: Netherlands Forensic Institute (NFI), Netherlands.
