Skip to content

Statistical Methods for the Forensic Analysis of Geolocated Event Data

Conference/Workshop:
US Digital Forensic Reserach Workshop
Published: 2020
Primary Author: Christopher Galbraith
Secondary Authors: Padhraic Smyth, Hal S. Stern
Research Area: Digital

A common question in forensic analysis is whether two observed data sets originated from the same source or from different sources. Statistical approaches to addressing this question have been widely adopted within the forensics community, particularly for DNA evidence. Here we investigate the application of statistical approaches to same-source forensic questions for spatial event data, such as determining the likelihood that two sets of observed GPS locations were generated by the same individual. We develop two approaches to quantify the strength of evidence in this setting. The first is a likelihood ratio approach based on modeling the spatial event data directly. The second approach is to instead measure the similarity of the two observed data sets via a score function and then assess the strength of the observed score resulting in the score-based likelihood ratio. A comparative evaluation using geolocated Twitter event data from two large metropolitan areas shows the potential efficacy of such techniques.

Related Resources

LibDroid: Summarizing information flow of Android Native Libraries via Static Analysis

LibDroid: Summarizing information flow of Android Native Libraries via Static Analysis

With advancements in technology, people are taking advantage of mobile devices to access e-mails, search the web, and video chat. Therefore, extracting evidence from mobile phones is an important component…
Evaluating Reference Sets for Score-Based Likelihood Ratios for Camera Device Identification

Evaluating Reference Sets for Score-Based Likelihood Ratios for Camera Device Identification

An investigator wants to know if an illicit image captured by an unknown camera was taken by a person of interest’s (POI’s) phone. Score-based likelihood ratios (SLRs) have been used…
Likelihood Ratios for Categorical Evidence with Applications to Digital Forensics

Likelihood Ratios for Categorical Evidence with Applications to Digital Forensics

In forensic investigations, the goal of evidence evaluation is often to address source-/identity-based questions in which the evidence consists of two sets of observations: one from an unknown source tied…
Automatic Detection of Android Steganography Apps via Symbolic Execution and Tree Matching

Automatic Detection of Android Steganography Apps via Symbolic Execution and Tree Matching

The recent focus of cyber security on automated detection of malware for Android apps has omitted the study of some apps used for “legitimate” purposes, such as steganography apps. Mobile…