One of the greatest challenges facing modern society is the rising tide of cyber crimes. These crimes, since they rarely fit the model of conventional crimes, are difficult to investigate, hard to analyze, and difficult to prosecute. Collecting data in a unified framework is a mandatory step that will assist the investigator in sorting through the mountains of data. In this paper, we explore designing a dimensional model for a data warehouse that can be used in analyzing cyber crime data. We also present some interesting queries and the types of cyber crime analyses that can be performed based on the data warehouse. We discuss several ways of utilizing the data warehouse using OLAP and data mining technologies. We finally discuss legal issues and data population issues for the data warehouse.


1. Bhaskar, R. State and local law enforcement is not ready for a cyber Katrina. Communications of the ACM, 49 (2). 81-83.

2. Brown, R., Pham, B. and de Vel, O. Design of a digital forensics image mining system. in Khosla, R., Howlett, R.J. and Jain, L.C. eds. Lecture Notes in Computer Science, 2005, 395-404.

3. Cap, C.H., Maibaum, N. and Heyden, L., Extending the data storage capabilities of a Java-Based smartcard. in Sixth IEEE Symposium on Computers and Communications, (Hammamet, Tunisia, 2001), 680-685.

4. Chen, H., Zeng, D., Atabakhsh, H., Wyzga, W. and Schroeder, J. COPLINK: Managing law enforcement data and knowledge Communications of the ACM, 46 (1). 28-34.

5. Claburn, T. Banks, law agencies team up to fight Phishing, 2004.

6. Common Digital Evidence Storage Format Working Group Standardizing digital evidence storage. Communications of the ACM, 49 (2). 67-68.

7. Cunningham, C., Song, I.-Y. and Chen, P.P., Data warehouse design to support customer relationship management analyses. in 7th ACM international workshop on Data warehousing and OLAP, (Washington DC, 2004), ACM Press, 14-22.

8. Hall, G.A. and Davis, W.P. Toward defining the intersection of forensics and information technology. International Journal of Digital Evidence, 4 (1). 1-20.

9. Hannan, M.B., Turner, P. and Broucek, V., Refining the Taxonomy of forensic computing in the era of E-crime: Insights from a survey of Australian Forensic Computing Investigation (FCI) teams. in 4th Australian Information Warfare and IT Security Conference, (Edith Cowan University, Perth, Western Australia 2003), 151-158.

10. Howard, J.D. and Longstaff, T.A. A common language for computer security incidents Sandia Report, Sandia National Laboratories, 1998.

11. Icove, D.J. Collaring the cybercrook: An investigator’s view IEEE Spectrum, 1997, 31-36.

12. Kimball, R. and Ross, M. The data warehouse toolkit. Wiley, New York, 2002.

13. Kruse, W.G. and Heiser, J.G. Computer forensics: Incident response essentials. Addison-Wesley, 2002.

14. Kurlander, N. Fighting crime and terrorism through data integration, 2005.

15. Marcella, A.J. and Greenfield, R. (eds.). Cyber forensics: a field manual for collecting, examining, and preserving evidence of computer crimes. Auerbach Publications/CRC Press, Boca Raton, FL, 2002.

16. Moore, A.P., Ellison, R.J. and Linger, R.C. Attack modeling for information security and survivability CMU SEI Technical Note, CMU Software Engineering Institute, 2001.

17. Prosise, C., Mandia, K. and Pepe, M. Incident response: computer forensics. McGraw-Hill, New York, 2003.

18. Schultz, E.E. and Shumway, R. Incident response: A strategic guide to handling system and network security breaches New Riders, Indianapolis, 2002.

19. Solomon, M., Barrett, D. and Broom, N. Computer forensics jumpstart. SYBEX, San Francisco, 2005.

20. Thomsen, E. OLAP solutions: Building multidimensional information systems. Wiley, New York, 2002.

21. Turvey, B.E. Criminal profiling : an introduction to behavioral evidence analysis Academic Press, San Diego, CA, 2002.

22. Vacca, J.R. Computer forensics: computer crime scene investigation. Charles River Media, Hingham, MA, 2002.

23. Wegman, J., Legal issues in computer forensics. in Allied Academies International Conference, (New Orleans, LA, 2004), 45-49.

24. Xu, J.J. and Chen, H. CrimeNet explorer: A framework for criminal network knowledge discovery. ACM Transactions on Information Systems, 23 (2). 201-226.

25. Xu, J.J. and Chen, H. Criminal network analysis and visualization. Communications of the ACM, 48 (6). 100-107.



To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.