October 11, 2021
Device information can be too much of a good thing for law enforcement investigation
Umit Karabiyik, an assistant professor in computer and information technology, works in Purdue’s Cybersecurity and Forensics Lab. Karabiyik researches forensic intelligence and how investigators can use terabytes of evidence from a myriad of devices. (Purdue University photo/Rebecca McElhoe)
Usage growth results in terabytes of evidence data
WEST LAFAYETTE, Ind. — Take a walk outside and, Purdue University’s Umit Karabiyik says, video-enabled doorbells or street cameras are recording you. He says most people are carrying at least three devices that are each filing away different data about them.
For law enforcement investigations, all of this data is considered today’s digital “fingerprints” – information possibly needed to solve a crime.
Karabiyik, an assistant professor in computer and information technology in the Purdue Polytechnic Institute, is focused on that data – called forensic intelligence – to give law enforcement at all levels of the investigation the means to receive and handle potentially terabytes of such data.
“Think about the data on every device,” Karabiyik said. “Individuals leave ‘fingerprints’ digitally on their phones with their behaviors. Sometimes they are unique, and the data created by individuals on different devices help identify who the person is that was using the device.”
In a society devoted to myriad devices, most people are carrying on any given day a laptop, smartphone and, Karabiyik said, wearing a fitness tracker or smart watch. All three devices collect data ranging from photos and video, social media and even geo-location that can potentially help an investigation.
Karabiyik is working on the data collected in cases of mass incidents with multiple victims, including terrorist attacks domestic or international. The amount of data potentially available has grown exponentially in the years since 9/11, when investigators were faced with only 80 terabytes of data.
“Today, it could be 500 terabytes in an incident with thousands of people using smart phones, security cameras in the areas,” Karabiyik said. “It’s like trying to find a needle in a needle stack rather than a hay stack. Which needles are you interested in? Which one specific item is the piece of data you need?”
Focusing on the available data from a device and identifying tendencies of whoever the device user was at the time offers insight into what has been happening. Bringing together the evidence collected from multiple devices or shared devices allows investigators to make conclusions about who the user was at a given time.
Karabiyik is a member of Purdue’s Center for Education and Research in Information Assurance and Security (CERIAS). Purdue’s cybersecurity research and educational initiatives are centered under CERIAS and its 135 affiliated faculty members from 18 academic departments.
Cybersecurity is a critical topic under Purdue’s Next Moves, the ongoing strategic initiatives that will advance the university’s competitive advantage. Cybersecurity research is a key component of Purdue’s National Security and Technology enterprise.
Karabiyik is part of a team that has been working since 2016 on a faster way for anyone who wants to share data with law enforcement while still preserving their security and privacy. Applied to any forensic investigation – large or small – a victim or witness simply needs to download an app to pass along potential information to law enforcement.
As part of the research, Karabiyik said nothing is shared with law enforcement unless specific consent is given on specific data from the person via the app. Current investigation tools allow for only a transfer of all information, such as dumping all the photos from a phone rather than a select two or three.
“I believe there has to be a balance between national security and personal privacy,” Karabiyik said. “This helps establish a trust between the public and the law enforcement agency so the public can share their data in a secured-manner situation.”
About Purdue University
Purdue University is a top public research institution developing practical solutions to today’s toughest challenges. Ranked in each of the last four years as one of the 10 Most Innovative universities in the United States by U.S. News & World Report, Purdue delivers world-changing research and out-of-this-world discovery. Committed to hands-on and online, real-world learning, Purdue offers a transformative education to all. Committed to affordability and accessibility, Purdue has frozen tuition and most fees at 2012-13 levels, enabling more students than ever to graduate debt-free. See how Purdue never stops in the persistent pursuit of the next giant leap at https://purdue.edu/.
Writer, Media contact: Brian Huchel, 765-494-2084, bhuchel@purdue.edu
Source: Umit Karabiyik, 765-496-6877, umit@purdue.edu
Note to journalists: An image of Umit Karabiyik is available on Google Drive. Journalists visiting campus should follow visitor health guidelines.