Lessons Learned Developing and Extending a Visual Analytics Solution for Investigative Analysis of Scamming Activities
This work addresses the need for better investigative tools for cybersecurity analysts, but it is incremental as it builds upon an existing solution.
The paper tackles the problem of analyzing large email datasets for scamming activities by extending the Beagle visual analytics tool with additional visualizations to improve grouping and analysis efficiency, demonstrated through a case study.
Cybersecurity analysts work on large communication data sets to perform investigative analysis by painstakingly going over thousands of email conversations to find potential scamming activities and the network of cyber scammers. Traditionally,experts used email clients, database systems and text editors to perform this investigation. With the advent of technology,elaborate tools that summarize data more efficiently by using cutting edge data visualization techniques have come out. Beagle[1] is one such tool which visualizes the large communication data using different panels such that the inspector has better chances of finding the scam network. This paper is a report on our work to implement and improve the work done by Jay Koven et al. [1]. We have proposed and demonstrated via implementation, a few more visualizations that we feel would help in grouping and analyzing the e-mail data more efficiently. Lastly, we have also presented a case study that shows the potential use of our tool in a real-world scenario.