The purpose of this dissertation is to describe a decision support methodology that may be used to determine if there is sufficient information to demonstrate probable cause and validate the completeness of the evidence obtained. This methodology would become the foundation of a framework where information about a crime that was committed may be shared amongst investigators from various law enforcement agencies and industry, prosecutors and other litigators, and analysts to track digital evidence of crimes or, through trend analysis, identify when investigative resources need to be reallocated.; Within the primary purpose of this dissertation, there are two goals. The first goal is to describe several laws that describe the criminal use of computers using an ontology-modeling tool. Two of the crimes modeled will have similar elements of proof while the third ontology model will describe a very different law. The second goal is to postulate a probabilistic model that will be applied to evidence that may be described using the attributes identified within the ontologies. The probabilistic model will be applied against the evidence. Using a "best fit" inference methodology, the model results should identify whether a crime has been committed, and which crime has been committed. The degree of fit will identify if there is sufficient evidence to justify "probable cause" for a search warrant. The three crimes were chosen to see if the models have sufficient granularity to identify which crime has been committed. By identifying the correct crime, this same model will identify which law enforcement agency is responsible for investigating that crime since the enforcement of specific laws (i.e. the investigation of the corresponding crimes) are assigned to specific law enforcement agencies. Future research would allow modification of the probabilistic model to assist investigators in determining if there is sufficient evidence for prosecution. The ontologies need to be sufficiently robust as to allow the description of statutes of crimes that are similar in nature but fall into a different jurisdiction. In this way, the probabilistic model can be used to identify whether an investigation needs to be continued or passed on to another jurisdiction's law enforcement agency for continued investigation, thereby freeing the initial agency's assets for use elsewhere. (Abstract shortened by UMI.)
展开▼
