Security visualization intelligence model for law enforcement investigations

Data analytic methods and techniques have proven crucial in aiding law enforcement investigations and day-to-day operations. However, the rise of cyber-attacks across transnational jurisdictions makes it challenging to share information across law enforcement agencies. Malware, Bitcoin and social media datasets are some examples of such information. Security visualization is a solution that lets agencies comfortably share information across jurisdictions to enhance investigations without revealing the underlying sensitive raw data, thereby reducing the time spent analysing and processing such large datasets. In this paper we introduce the "Security Visualization Intelligence (SVInt) framework", a visualization intelligence model for investigations and situation awareness deployed for the international law enforcement domain. We provide an effective user-centric visual method of analysing, sharing and exchanging complex datasets using visualization to aid law enforcement investigations. Attribution and evidence preservation without revealing the underlying raw data is the primary goal for SVInt. The SVInt framework provides visualizations of Bitcoin transaction relationships and a threat map visualization showing top malware threats using geo-locations. It also provides expandable visualization features for future investigation demands. Finally, we provide possible future work within the law enforcement security visualization domain.
Conference Contribution
Garae, J., Ko, R. K. L., Apperley, M., & Schlickmann, S. J. (2018). Security visualization intelligence model for law enforcement investigations. In B. Cusack & R. Lutui (Eds.), Proceedings of 2018 Cyber Forensic & Security International Conference (2018 CFSIC) (pp. 165–177). Conference held in Tonga.