Increasingly severe cybercrime causes heavy impact and loss for society and public security in various countries, and even influences homeland security. Based on previous experience, the most effective way to resist cybercrime and reduce its impact and damage is for law enforcement agencies (LEA) to identify and arrest criminals within the shortest time possible after a crime occurs. IP location and IP individualization therefore play key roles. In view of this, this study proposes an IP user tracking forensics mechanism, based on the concepts of IP location and computational forensics, to develop forensics tracking on the Internet. The proposed mechanism can instantly trace the “physical location” of cybercriminals when a cybercrime occurs, analyze the probable “identity” associatively, and reconstruct the historical physical path of the cybercriminal. The proposed mechanism was implemented for verification. The results showed that IP location had 0 m error on the fixed network, while on the mobile network it could reach the Cell-ID coverage range (150–500 m radius in urban areas). The identity of the cybercriminal could be successfully inferred, with segmental paths (e.g. tracking breakpoints) reconstructed by algorithm, thus obtaining the complete path of the target. The average success ratio (predictable ratio) was 90.91%, and the accuracy rate was 88.70%.
Lin, Feng-Yu; S. Sun, Yeali; and Chang Chen, Meng. "Forensics Tracking for IP User using the Markov Chain Model," Applied Mathematics & Information Sciences: Vol. 08: Iss. 3, Article 51.
Available at: https://digitalcommons.aaru.edu.jo/amis/vol08/iss3/51