1st Edition

Machine Learning Forensics for Law Enforcement, Security, and Intelligence

By Jesus Mena. Copyright 2011.
    350 pages, 60 B/W illustrations.
    Published by Auerbach Publications.

    Increasingly, crimes and fraud are digital in nature, occurring at breakneck speed and encompassing large volumes of data. To combat this unlawful activity, knowledge about the use of machine learning technology and software is critical. Machine Learning Forensics for Law Enforcement, Security, and Intelligence integrates an assortment of deductive and instructive tools, techniques, and technologies to arm professionals with the tools they need to be prepared and stay ahead of the game.

    Step-by-step instructions

    The book is a practical guide on how to conduct forensic investigations using self-organizing map (SOM) neural networks, text extraction, and rule-generating software to "interrogate the evidence." These techniques are indispensable for fraud detection, cybersecurity, competitive counterintelligence, and corporate and litigation investigations. The book also provides step-by-step instructions on how to construct adaptive criminal and fraud detection systems for organizations.

    Prediction is the key

    Internet activity, email, and wireless communications can be captured, modeled, and deployed in order to anticipate potential cyber attacks and other types of crimes. The successful prediction of human reactions and server actions by quantifying their behaviors is invaluable for pre-empting criminal activity. This volume assists chief information officers, law enforcement personnel, legal and IT professionals, investigators, and competitive intelligence analysts in the strategic planning needed to recognize the patterns of criminal activities in order to predict when and where crimes and intrusions are likely to take place.

    What Is Machine Learning Forensics?
    Digital Maps and Models: Strategies and Technologies
    Extractive Forensics: Link Analysis and Text Mining
    Inductive Forensics: Clustering Incidents and Crimes
    Deductive Forensics: Anticipating Attacks and Precrime
    Fraud Detection: On the Web, Wireless, and in Real Time
    Cybersecurity Investigations: Self-Organizing and Evolving Analyses
    Corporate Counterintelligence: Litigation and Competitive Investigations
    A Machine Learning Forensic Worksheet
    Digital Investigative Maps and Models: Strategies and Techniques
    Forensic Strategies
    Decompose the Data
    Criminal Data Sets, Reports, and Networks
    Real Estate, Auto, and Credit Data Sets
    Psychographic and Demographic Data Sets
    Internet Data Sets
    Deep Packet Inspection (DPI)
    Designing a Forensic Framework
    Tracking Mechanisms
    Assembling Data Streams
    Forensic Techniques
    Investigative Maps
    Investigative Models
    Extractive Forensics: Link Analysis and Text Mining
    Data Extraction
    Link Analysis
    Link Analysis Tools
    Text Mining
    Text Mining Tools
    Online Text Mining Analytics Tools
    Commercial Text Mining Analytics Software
    From Extraction to Clustering
    Inductive Forensics: Clustering Incidents and Crimes
    Autonomous Forensics
    Self-Organizing Maps
    Clustering Software
    Commercial Clustering Software
    Free and Open-Source Clustering Software
    Mapping Incidents
    Clustering Crimes
    From Induction to Deduction
    Deductive Forensics: Anticipating Attacks and Precrime
    Artificial Intelligence and Machine Learning
    Decision Trees
    Decision Tree Techniques
    Rule Generators
    Decision Tree Tools
    Free and Shareware Decision Tree Tools
    Rule Generator Tools
    Free Rule Generator Tools
    The Streaming Analytical Forensic Processes
    Forensic Analysis of Streaming Behaviors
    Forensic Real-Time Modeling
    Deductive Forensics for Precrime
    Fraud Detection: On the Web, Wireless, and in Real Time
    Definition and Techniques: Where, Who, and How
    The Interviews: The Owners, Victims, and Suspects
    The Scene of the Crime: Search for Digital Evidence
    Four Key Steps in Dealing with Digital Evidence
    Searches for Associations: Discovering Links and Text Concepts
    Rules of Fraud: Conditions and Clues
    A Forensic Investigation Methodology
    Step One: Understand the Investigation Objective
    Step Two: Understand the Data
    Step Three: Data Preparation Strategy
    Step Four: Forensic Modeling
    Step Five: Investigation Evaluation
    Step Six: Detection Deployment
    Forensic Ensemble Techniques
    Stage One: Random Sampling
    Stage Two: Balance the Data
    Stage Three: Split the Data
    Stage Four: Rotate the Data
    Stage Five: Evaluate Multiple Models
    Stage Six: Create an Ensemble Model
    Stage Seven: Measure False Positives and Negatives
    Stage Eight: Deploy and Monitor
    Stage Nine: Anomaly Detection
    Fraud Detection Forensic Solutions
    Assembling an Evolving Fraud Detection Framework
    Cybersecurity Investigations: Self-Organizing and Evolving Analyses
    What Is Cybersecurity Forensics?
    Cybersecurity and Risk
    Machine Learning Forensics for Cybersecurity
    Deep Packet Inspection (DPI)
    Layer 7: Application
    Layer 6: Presentation
    Layer 5: Session
    Layer 4: Transport
    Layer 3: Network
    Layer 2: Data Link
    Layer 1: Physical
    Software Tools Using DPI
    Network Security Tools
    Combating Phishing
    Hostile Code
    The Foreign Threat
    The CNCI Initiative Details
    Forensic Investigator Toolkit
    Wireless Hacks
    Incident Response Check-Off Checklists
    Digital Fingerprint
    Corporate Counterintelligence: Litigation and Competitive Investigations
    Corporate Counterintelligence
    Ratio, Trending, and Anomaly Analyses
    E-Mail Investigations
    Legal Risk Assessment Audit
    Inventory of External Inputs to the Process
    Identify Assets and Threats
    List Risk Tolerance for Major Events
    List and Evaluate Existing Protection Mechanisms
    List and Assess Underprotected Assets and Unaddressed Threats
    Competitive Intelligence Investigations
    Triangulation Investigations
    Jesús Mena is a former Internal Revenue Service Artificial Intelligence specialist and the author of numerous data mining, web analytics, law enforcement, homeland security, forensic, and marketing books. Mena has also written dozens of articles and consulted with several businesses and governmental agencies. He has over 20 years’ experience in expert systems, rule induction, decision trees, neural networks, self-organizing maps, regression, visualization, and machine learning and has worked on data mining projects involving clustering, segmentation, classification, profiling and personalization with government, web, retail, insurance, credit card, financial and healthcare data sets. He has worked, written, and lectured on various behavioral analytics and social networking techniques, personalization mechanisms, web and mobile networks, real-time psychographics, tracking and profiling engines, log analyzing tools, packet sniffers, voice and text recognition software, geolocation and behavioral targeting systems, real-time streaming analytical software, ensemble techniques, and digital fingerprinting.