Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 31108
Ontologies for Social Media Digital Evidence

Authors: Edlira Kalemi, Sule Yildirim-Yayilgan


Online Social Networks (OSNs) are nowadays being used widely and intensively for crime investigation and prevention activities. As they provide a lot of information they are used by the law enforcement and intelligence. An extensive review on existing solutions and models for collecting intelligence from this source of information and making use of it for solving crimes has been presented in this article. The main focus is on smart solutions and models where ontologies have been used as the main approach for representing criminal domain knowledge. A framework for a prototype ontology named SC-Ont will be described. This defines terms of the criminal domain ontology and the relations between them. The terms and the relations are extracted during both this review and the discussions carried out with domain experts. The development of SC-Ont is still ongoing work, where in this paper, we report mainly on the motivation for using smart ontology models and the possible benefits of using them for solving crimes.

Keywords: Social Media, Ontologies, Reasoning, criminal digital evidence

Digital Object Identifier (DOI):

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1980


[1] Justin P. Murphy & Adrian Fontecilla, Social Media Evidence in Government Investigations and Criminal Proceedings: A Frontier of New Legal Issues, 19 RICH. J.L. & TECH 11 (2013). Available from:
[2] Benjamin Turnbull ·Suneel Randhawa · Automated event and social network extraction from digital evidence sources with ontological mapping·Digital Investigation 13 (2015) 94-106.
[3] Google Inc. Introducing the knowledge graph: things, not strings. 2012.
[4] Project Authors: Sebastian Denef, Nico Kaptein, Petra S. Bayerl, Leonardo Ramirez, © 2012 by COMPOSITE,
[5] LexisNexis® Risk Solutions. (2014). (Survey of Law Enforcement Personnel and Their Use of Social Media).
[6] Eyder Peralta, Betrayed By Metadata: John McAfee Admits He’s Really in Guatemala, NPR (Dec. 4, 2012, 12:24 PM),
[7] Community Oriented Policing Services, & Police Executive Research Forum. (2013). Social Media and Tactical Considerations For Law Enforcement. pp.29.
[8] Adnan Abdalla, Sule Yildirim Yayilgan:A Review of Using Online Social Networks for Investigative Activities. HCI (22) 2014: 3-12.
[9] Lococitato Mapping Social Networks. Accessed: (20.10.2015).
[10] Accessed: (22.10.2015).
[11] Accessed: (22.10.2015).
[12] Accessed: (22.10.2015).
[13] “Understanding and authenticating evidence from social networking sites“, Heather L. Griffith, Washington Journal of Law, Technology & Arts Volume 7, Issue 3, Winter 2012.
[14] B. D. Carrier and E. H. Spafford, “An Event-Based Digital Forensic Investigation Framework,” Proceedings of the 4th Digital Forensic Research Workshop DFRWS, pp. 1–12, 2004.
[15] Accessed: (22.10.2015).
[16] Accessed: (14.10.2015).
[17] Accessed: (17.10.2015).
[18] Accessed: (17.10.2015).
[19] Justin P. Murphy & Adrian Fontecilla, Social Media Evidence in Government Investigations and Criminal Proceedings: A Frontier of New Legal Issues, 19 RICH. J.L. & TECH 11 (2013), available at
[20] Daniel K. Gelb, Defending a Criminal Case from the Ground to the Cloud, 27 CRIM. JUST. 28, 29 (2012).
[21] Griffin v. State, 19 A.3d 415, 424 (Md. 2011) (recognizing “the potential for abuse and manipulation of a social networking site by someone other than its purported creator”).
[22] Justin P. Murphy & Adrian Fontecilla, Social Media Evidence in Government Investigations and Criminal Proceedings: A Frontier of New Legal Issues, 19 RICH. J.L. & TECH 11 (2013), available at
[23] Cosic, J., & Baca, M. (2010). Do we have full control over integrity in digital evidence life cycle? Information Technology Interfaces (ITI), 2010 32nd International Conference on, 429–434.
[24] 7 WASH J.L. TECH. & ARTS 209 (2012)
[25] Accessed: (18.10.2015).
[26] Accessed
[27] Accessed
[28] Noy N, McGuinness D. Ontology development 101: a guide to creating your first ontology. Available from: http://protege. ontology101-noy-mcguinness.html; 2001
[retrieved 13.10.15].
[29] Accessed: (22.10.2015).
[30] B, Z. K., Imran, A. S., & Yildirim-Yayilgan, S. (2015). Social Computing and Social Media, 9182, 148–157.
[31] Obrst, L., Chase, P., & Markeloff, R. (2012). Developing an Ontology of the Cyber Security Domain. Seventh International Conference on Semantic Technologies For. Intelligence, Defense, and Security – STIDS 2012., 49–56. Retrieved from
[32] MAEC - Malware Attribute Enumeration and Characterization.
[Online] Accessed: (21.10.2015).
[33] Brinson, A., Robinson, A., & Rogers, M. (2006). A cyber forensics ontology: Creating a new approach to studying cyber forensics. Digital Investigation,3(SUPPL.), 37-43.
[34] Ćosić, J., Ćosić, Z., & Bača, M. (2011). An ontological approach to study and manage digital chain of custody of digital evidence. Journal of Information and Organizational Sciences, 35(1), 1–13.
[35] Bezzazi, E. H. (2007). Building an ontology that helps identify criminal law articles that apply to a cybercrime case. Icsoft 2007: Proceedings of the Second International Conference on Software and Data Technologies, Vol Pl/Dps/Ke/Muse, 179–185.
[36] Hoekstra, R., Breuker, J., Di Bello, M., & Boer, A. (2007). The LKIF core ontology of basic legal concepts. CEUR Workshop Proceedings, 321, 43–63.
[37] Accessed: (14.09.2015).
[38] Accessed: (12.10.2015).
[39] Breuker, J., Elhag, A., Petkov, E., & Winkels, R. (2002). Ontologies for Legal Information Serving and Knowledge Management. Legal Knowledge and Information Systems. Jurix 2002: The Fifteenth Annual Conference, (July 2015), 73–82.
[40] Breuker, J., & Hoekstra, R. (2004). Epistemology and ontology in core ontologies: FOLaw and LRI-Core, two core ontologies for law. Proceedings of the EKAW04 Workshop on Core Ontologies in Ontology Engineering, 15–27.
[41] Dosis, S., Homem, I., & Popov, O. (2013). Semantic Representation and Integration of Digital Evidence. Procedia Computer Science, 22, 1266–1275.
[42] Levine, B. N., & Liberatore, M. (2009). DEX: Digital evidence provenance supporting reproducibility and comparison. Digital Investigation, 6(SUPPL.), 48–56.
[43] Garfinkel, S. (2012). Digital forensics XML and the DFXML toolset. Digital Investigation, 8(3-4), 161–174.
[44] Kota, V. K. (2012). An Ontological Approach for Digital Evidence Search. International Journal of Scientific and Research Publications, 2(1), 2250–3153. Retrieved from (18.10.2015)
[45] Accessed (15.09.2015)
[46] Accessed (20.09.2015)
[47] Semantic Web Rule Language,, Accessed (15.10.2015)
[48] Accessed (15.11.2015)