Machine Learning Forensics for Law Enforcement, Security, and Intelligence: 1st Edition (Hardback) book cover

Machine Learning Forensics for Law Enforcement, Security, and Intelligence

1st Edition

By Jesus Mena

Auerbach Publications

349 pages | 60 B/W Illus.

Purchasing Options:$ = USD
Hardback: 9781439860694
pub: 2011-06-23
SAVE ~$18.19
eBook (VitalSource) : 9780429105326
pub: 2016-04-19
from $45.48

FREE Standard Shipping!


Increasingly, crimes and fraud are digital in nature, occurring at breakneck speed and encompassing large volumes of data. To combat this unlawful activity, knowledge about the use of machine learning technology and software is critical. Machine Learning Forensics for Law Enforcement, Security, and Intelligence integrates an assortment of deductive and instructive tools, techniques, and technologies to arm professionals with the tools they need to be prepared and stay ahead of the game.

Step-by-step instructions

The book is a practical guide on how to conduct forensic investigations using self-organizing clustering map (SOM) neural networks, text extraction, and rule generating software to "interrogate the evidence." This powerful data is indispensable for fraud detection, cybersecurity, competitive counterintelligence, and corporate and litigation investigations. The book also provides step-by-step instructions on how to construct adaptive criminal and fraud detection systems for organizations.

Prediction is the key

Internet activity, email, and wireless communications can be captured, modeled, and deployed in order to anticipate potential cyber attacks and other types of crimes. The successful prediction of human reactions and server actions by quantifying their behaviors is invaluable for pre-empting criminal activity. This volume assists chief information officers, law enforcement personnel, legal and IT professionals, investigators, and competitive intelligence analysts in the strategic planning needed to recognize the patterns of criminal activities in order to predict when and where crimes and intrusions are likely to take place.

Table of Contents

What Is Machine Learning Forensics?


Digital Maps and Models: Strategies and Technologies

Extractive Forensics: Link Analysis and Text Mining

Inductive Forensics: Clustering Incidents and Crimes

Deductive Forensics: Anticipating Attacks and Precrime

Fraud Detection: On the Web, Wireless, and in Real Time

Cybersecurity Investigations: Self-Organizing and Evolving Analyses

Corporate Counterintelligence: Litigation and Competitive Investigations

A Machine Learning Forensic Worksheet

Digital Investigative Maps and Models: Strategies and Techniques

Forensic Strategies

Decompose the Data

Criminal Data Sets, Reports, and Networks

Real Estate, Auto, and Credit Data Sets

Psychographic and Demographic Data Sets

Internet Data Sets

Deep Packet Inspection (DPI)

Designing a Forensic Framework

Tracking Mechanisms

Assembling Data Streams

Forensic Techniques

Investigative Maps

Investigative Models

Extractive Forensics: Link Analysis and Text Mining

Data Extraction

Link Analysis

Link Analysis Tools

Text Mining

Text Mining Tools

Online Text Mining Analytics Tools

Commercial Text Mining Analytics Software

From Extraction to Clustering

Inductive Forensics: Clustering Incidents and Crimes

Autonomous Forensics

Self-Organizing Maps

Clustering Software

Commercial Clustering Software

Free and Open-Source Clustering Software

Mapping Incidents

Clustering Crimes

From Induction to Deduction

Deductive Forensics: Anticipating Attacks and Precrime

Artificial Intelligence and Machine Learning

Decision Trees

Decision Tree Techniques

Rule Generators

Decision Tree Tools

Free and Shareware Decision Tree Tools

Rule Generator Tools

Free Rule Generator Tools

The Streaming Analytical Forensic Processes

Forensic Analysis of Streaming Behaviors

Forensic Real-Time Modeling

Deductive Forensics for Precrime

Fraud Detection: On the Web, Wireless, and in Real Time

Definition and Techniques: Where, Who, and How

The Interviews: The Owners, Victims, and Suspects

The Scene of the Crime: Search for Digital Evidence

Four Key Steps in Dealing with Digital Evidence

Searches for Associations: Discovering Links and Text Concepts

Rules of Fraud: Conditions and Clues

A Forensic Investigation Methodology

Step One: Understand the Investigation Objective

Step Two: Understand the Data

Step Three: Data Preparation Strategy

Step Four: Forensic Modeling

Step Five: Investigation Evaluation

Step Six: Detection Deployment

Forensic Ensemble Techniques

Stage One: Random Sampling

Stage Two: Balance the Data

Stage Three: Split the Data

Stage Four: Rotate the Data

Stage Five: Evaluate Multiple Models

Stage Six: Create an Ensemble Model

Stage Seven: Measure False Positives and Negatives

Stage Eight: Deploy and Monitor

Stage Nine: Anomaly Detection

Fraud Detection Forensic Solutions

Assembling an Evolving Fraud Detection Framework

Cybersecurity Investigations: Self - Organizing and Evolving Analyses

What Is Cybersecurity Forensics?

Cybersecurity and Risk

Machine Learning Forensics for Cybersecurity

Deep Packet Inspection (DPI)

Layer 7: Application

Layer 6: Presentation

Layer 5: Session

Layer 4: Transport

Layer 3: Network

Layer 2: Data Link

Layer 1: Physical

Software Tools Using DPI

Network Security Tools

Combating Phishing

Hostile Code

The Foreign Threat

The CNCI Initiative Details

Forensic Investigator Toolkit

Wireless Hacks

Incident Response Check-Off Checklists

Digital Fingerprint

Corporate Counterintelligence: Litigation and Competitive Investigations

Corporate Counterintelligence

Ratio, Trending, and Anomaly Analyses

E-Mail Investigations

Legal Risk Assessment Audit

Inventory of External Inputs to the Process

Identify Assets and Threats

List Risk Tolerance for Major Events

List and Evaluate Existing Protection Mechanisms

List and Assess Underprotected Assets and Unaddressed Threats

Competitive Intelligence Investigations

Triangulation Investigations


About the Author

Jesús Mena is a former Internal Revenue Service Artificial Intelligence specialist and the author of numerous data mining, web analytics, law enforcement, homeland security, forensic, and marketing books. Mena has also written dozens of articles and consulted with several businesses and governmental agencies. He has over 20 years’ experience in expert systems, rule induction, decision trees, neural networks, self-organizing maps, regression, visualization, and machine learning and has worked on data mining projects involving clustering, segmentation, classification, profiling and personalization with government, web, retail, insurance, credit card, financial and healthcare data sets. He has worked, written, and lectured on various behavioral analytics and social networking techniques, personalization mechanisms, web and mobile networks, real-time psychographics, tracking and profiling engines, log analyzing tools, packet sniffers, voice and text recognition software, geolocation and behavioral targeting systems, real-time streaming analytical software, ensemble techniques, and digital fingerprinting.

Subject Categories

BISAC Subject Codes/Headings:
COMPUTERS / Database Management / Data Mining
COMPUTERS / Information Technology
COMPUTERS / Security / General
LAW / Criminal Law / General
LAW / Forensic Science