Lessons Learned Developing a Visual Analytics Solution for Investigative Analysis of Scamming Activities.

Abstract

The forensic investigation of communication datasets which contain unstructured text, social network information, and metadata is a complex task that is becoming more important due to the immense amount of data being collected. Currently there are limited approaches that allow an investigator to explore the network, text and metadata in a unified manner. We developed Beagle as a forensic tool for email datasets that allows investigators to flexibly form complex queries in order to discover important information in email data. Beagle was successfully deployed at a security firm which had a large email dataset that was difficult to properly investigate. We discuss our experience developing Beagle as well as the lessons we learned applying visual analytic techniques to a difficult real-world problem.