
Publisher

The Association of Digital Forensics, Security and Law (ADFSL)

Abstract

To learn from the past, we analyse 1,088 "computer as a target" judgements for evidential reasoning by extracting four case elements: decision, intent, fact, and evidence. Analysing the decision element is essential for studying the scale of sentence severity for cross-jurisdictional comparisons. Examining the intent element can facilitate future risk assessment. Analysing the fact element can enhance an organization's capability of analysing criminal activities for future offender profiling. Examining the evidence used against a defendant from previous judgements can facilitate the preparation of evidence for upcoming legal disclosure. Following the concepts of argumentation diagrams, we develop an automatic judgement summarizing system to enhance the accessibility of judgements and avoid repeating past mistakes. Inspired by the feasibility of extracting legal knowledge for argument construction and employing grounds of inadmissibility for probability assessment, we conduct evidential reasoning of kernel traces for forensic readiness. We integrate the narrative methods from attack graphs/languages for preventing confirmation bias, the argumentative methods from argumentation diagrams for constructing legal arguments, and the probabilistic methods from Bayesian networks for comparing hypotheses.


DOI

https://doi.org/10.15394/jdfsl.2016.1372

 
