{"id":121144,"date":"2020-11-26T17:00:16","date_gmt":"2020-11-26T14:00:16","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/how-to-build-a-search-engine-for-criminal-data\/"},"modified":"2020-11-26T17:00:16","modified_gmt":"2020-11-26T14:00:16","slug":"how-to-build-a-search-engine-for-criminal-data","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/how-to-build-a-search-engine-for-criminal-data\/","title":{"rendered":"#How to build a search engine for criminal data"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a3dcd370785d\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a3dcd370785d\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/how-to-build-a-search-engine-for-criminal-data\/#Digital_digging\" >Digital digging<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/how-to-build-a-search-engine-for-criminal-data\/#The_ins_and_outs\" >The ins and outs<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/buradabiliyorum.com\/en\/how-to-build-a-search-engine-for-criminal-data\/#Smooth_user_experience\" >Smooth user experience<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/buradabiliyorum.com\/en\/how-to-build-a-search-engine-for-criminal-data\/#High_profile_cases\" >High profile cases<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/buradabiliyorum.com\/en\/how-to-build-a-search-engine-for-criminal-data\/#The_smart_assistant\" >The smart assistant<\/a><\/li><\/ul><\/nav><\/div>\n<p>&#8220;<strong>#How to build a search engine for criminal data<\/strong>&#8221;<\/p>\n<div>\n                                <span style=\"font-weight: 400;\">Whether it\u2019s a <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">WhatsApp<\/a> message arranging the distribution of cocaine from S\u00e3o Paulo to Amsterdam or other encrypted conversations to lure the enemy into a deadly ambush; criminals have long tried to keep their digital footprints hidden.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The evidence of crime is all stored in the digital archive: emails, photos, and cloud storage data. Law enforcement agencies can use these digital clues to find out where criminals have been, and what they\u2019re currently doing.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Data analysis platforms are becoming increasingly crucial in the fight against crime. We spoke with two forensic software experts from Hansken about how they support law enforcement agencies, like the Dutch National Police and the Dutch Fiscal Information and Investigation Service.\u00a0<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Digital_digging\"><\/span><b>Digital digging<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">No lone detective can efficiently search the vast pool of data stored on confiscated data carriers.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Since 2012, The Netherlands Forensic Institute (NFI) has\u00a0<\/span><a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"https:\/\/hansken.org\/Introduction\"><span style=\"font-weight: 400;\">focused on<\/span><\/a><span style=\"font-weight: 400;\"> Digital Forensics as a Service (DFaaS) with the aim to provide a service that can process huge amounts of digital forensic material with accessible and secure access to analyzed data.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In 2015, the NFI launched the platform Hansken \u2013 named after the famous<\/span><a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"https:\/\/www.elephanthansken.com\/about\/\"> <span style=\"font-weight: 400;\">17th-century elephant<\/span><\/a><span style=\"font-weight: 400;\"> immortalized \u2013 as a valuable tool in digital forensic analysis.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Hansken processes chat conversations, photos, emails, audio, and more. It makes the data transparent and searchable, like a search engine. The goal is that detectives and experts can use standard search queries, and will be able to access the data 48 hours after a crime. The platform<\/span><a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"https:\/\/www.sciencedirect.com\/science\/article\/pii\/S1742287614000127?via%3Dihub\"> <span style=\"font-weight: 400;\">minimizes<\/span><\/a><span style=\"font-weight: 400;\"> the case lead time, ensures maximal coverage, and users can easily search through it.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"The_ins_and_outs\"><\/span><b>The ins and outs<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Hansken can be divided into three levels: the back-end which holds the forensic knowledge, the centralized DFaaS platform, and the front-end which can be used in criminal investigations, research, and development.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u201cThe core platform of Hansken and its extraction tools are coded in Java,\u201d notes Hansken forensic software developer Christophe Creeten. Creeten works in the back-end team that\u2019s responsible for collaboration with third parties. By enabling them to add their own digital forensic knowledge and tools, which can then be shared with even more people, the platform can be developed further.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">NFI\u2019s forensic software developers use existing and self-developed tools, from open-source software Hadoop for distributed processing to Elasticsearch for making the information searchable. \u201cWe also use Cassandra for storing large blocks of data, Kafka, for sending messages between services, and Zookeeper for naming, storing information and synchronization of services,\u201d says Creeten.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">When law enforcement agencies legally confiscate a data carrier, it\u2019s sent to Hansken to process its data, pull it apart, and then describe where the information came from.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u201cEverything is stored. In Elasticsearch, we store traces as well information <\/span><span style=\"font-weight: 400;\">on how we derived those traces<\/span><span style=\"font-weight: 400;\">, so we can trace back,\u201d Creeten tells TNW. \u201cSo if a detective types something into Hansken, it becomes a search query that is thrown over the Elasticsearch database and searches for the traces that match it and gives it back as a result.\u201d<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Whether it\u2019s drugs, fraud, money laundering, or another form of organized crime, more and more data is encrypted. It\u2019s an arduous task to access the data when the key is no longer available.\u201cBut it\u2019s a fun challenge to dive deeper into various data structures,\u201d says Carly Bakker, a forensic software developer for Hansken\u2019s back-end libraries team.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Bakker and her colleagues work hard to aptly interpret data from confiscated carriers. \u201cMetal is a Java library developed by the NFI to really read data at byte-level. So we often use it to read file formats and to extract bytes. Then we can parse a file and\u00a0split it into small chunks where we purposefully can extract the information,\u201d says Bakker. \u201cSo you don\u2019t have to go through a laborious process in Java to extract all those bytes one by one from that stream which often makes the code unreadable.\u201d<\/span><\/p>\n<p><em>Want to work at Rijksoverheid?<span>\u00a0<\/span><a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"https:\/\/www.werkenvoornederland.nl\/vakgebieden\/icters-bij-de-rijksoverheid?utm_source=thenextweb&amp;utm_medium=display&amp;utm_campaign=amc-ict-alwayson&amp;utm_content=brandedchannel\">They\u2019re hiring<\/a>.<\/em><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Smooth_user_experience\"><\/span><b>Smooth user experience<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">The user-friendliness\u00a0of the platform ensures that detectives, both with and without IT-knowledge, can use the search engine to extract evidence from the available data.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The user experience of detectives and digital experts<\/span> <span style=\"font-weight: 400;\">improves automated testing and integration for continuous deployment. One adjustment was a visual timeline, says Bakker: \u201cWhat we have worked on is that we can display everything in a timeframe. There\u2019s a timeline where users can see when certain data has been changed. The detective or expert then immediately sees what happened during a certain period of time. It often comes in handy for email traffic or chats.\u201d<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The NFI developers ensure that Hansken is able to expose (deleted) emails, recognize patterns, categorize images, and map the locations of data with coordinates, but it\u2019s up to the detectives and digital experts to interpret and assess the presented data.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"High_profile_cases\"><\/span><b>High profile cases<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Hansken\u2019s platform is designed <\/span><a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"https:\/\/www.sciencedirect.com\/science\/article\/pii\/S1742287615000857\"><span style=\"font-weight: 400;\">to handle<\/span><\/a><span style=\"font-weight: 400;\"> privacy, transparency, and security in criminal investigations, and has now been used in<\/span><a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"https:\/\/hansken.org\/Introduction\"> <span style=\"font-weight: 400;\">more than<\/span><\/a><span style=\"font-weight: 400;\"> 700 criminal cases.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In 2016, the Dutch Prosecution Office seized mail servers in Canada which <\/span><a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"https:\/\/www.vice.com\/en\/article\/8q8x4k\/dutch-and-canadian-police-seize-criminal-encrypted-smartphone-network\"><span style=\"font-weight: 400;\">were used <\/span><\/a><span style=\"font-weight: 400;\">for secure (PGP) communication with adapted Blackberry phones. In 2018, The Court of Amsterdam<\/span><a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"https:\/\/uitspraken.rechtspraak.nl\/inziendocument?id=ECLI:NL:RBAMS:2018:2504\"> <span style=\"font-weight: 400;\">ruled<\/span><\/a><span style=\"font-weight: 400;\"> that Hansken could lawfully be used to search through and provide insight into already available evidence \u2014 3.6 million encrypted messages from Canadian mail servers were lawfully searched.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">It was a bitter pill to swallow for the Dutch criminal Naoufal F., nicknamed Noffel, when he was<\/span><a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"https:\/\/www.parool.nl\/nieuws\/18-jaar-cel-voor-noffel-f-voor-mislukte-moordaanslag-in-diemen~b87046dd\/?referrer=https%3A%2F%2Fwww.google.com%2F\"> <span style=\"font-weight: 400;\">sentenced<\/span><\/a><span style=\"font-weight: 400;\"> in 2018 to 18 years in prison for a failed liquidation. A year later, six men<\/span><a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"https:\/\/uitspraken.rechtspraak.nl\/inziendocument?id=ECLI:NL:RBGEL:2019:2832\"> <span style=\"font-weight: 400;\">were convicted<\/span><\/a><span style=\"font-weight: 400;\">, with sentences ranging from seven years to life imprisonment for their extremely violent wave of preparation and (attempted) liquidations. The Dutch Prosecution Office, with the help of Hansken, used the evidence found in encrypted messages to convict them.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"The_smart_assistant\"><\/span><b>The smart assistant<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Hansken challenges forensic software developers to keep evaluating and developing methods to efficiently analyze large data collections. Bakker: \u201cThe work encapsulates our love for puzzles, problem-solving, and passion for programming.\u201d<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The NFI ensures that law enforcement agencies receive sufficient aid during digital forensic investigations. Hansken saves time with problem-solving, quickly analyzing data, ensuring forensic knowledge is safeguarded, and providing valuable leads in criminal casework. Digital forensic investigation will play an increasingly important role in criminal justice. \u201cWe continue to develop the platform and expand its forensic capabilities. There\u2019s always room for improvement,\u201d adds Creeten.<\/span><\/p>\n<div class=\"c-post-paidNotice c-post-paidNotice--below\">\n            <a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"https:\/\/www.werkenvoornederland.nl\/vakgebieden\/icters-bij-de-rijksoverheid\"><img decoding=\"async\" class=\"c-post-paidNotice-image\" src=\"https:\/\/cdn0.tnwcdn.com\/wp-content\/blogs.dir\/1\/files\/2019\/12\/logo_rijksoverheid_png.-1-e1576163902139.png\"\/><\/a><\/p>\n<p class=\"c-post-paidNotice-text\"><span>This article is brought to you by <a rel=\"nofollow noopener noreferrer\" target=\"_blank\" onclick=\"ga('primary.send', 'event', 'Article', 'Sponsored Post', 'Link');\" href=\"https:\/\/www.werkenvoornederland.nl\/vakgebieden\/icters-bij-de-rijksoverheid\">Rijksoverheid.<\/a>\u00a0<\/span><\/p>\n<\/div>\n<p class=\"c-post-pubDate\">\n                                    Published November 26, 2020 \u2014 14:00 UTC\n                                <\/p>\n<\/p><\/div>\n<p><script data-src=\"https:\/\/connect.facebook.net\/en_US\/sdk.js#xfbml=1&amp;appId=378011798897423&amp;version=v2.6\" id=\"socialSrcFacebook\" type=\"text\/template\"><\/script><\/p>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener noreferrer\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/thenextweb.com\/readme\/2020\/11\/26\/how-to-build-a-search-engine-for-criminal-data\/\" target=\"_blank\" rel=\"noopener noreferrer\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;#How to build a search engine for criminal data&#8221; Whether it\u2019s a WhatsApp message arranging the distribution of cocaine from S\u00e3o Paulo to Amsterdam or other encrypted conversations to lure the enemy into a deadly ambush; criminals have long tried to keep their digital footprints hidden. The evidence of crime is all stored in the&#8230;<\/p>\n","protected":false},"author":1,"featured_media":121145,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/img-cdn.tnwcdn.com\/image\/readme?filter_last=1&fit=1280,640&url=https:\/\/cdn0.tnwcdn.com\/wp-content\/blogs.dir\/1\/files\/2020\/11\/crime-search-engine.jpg&signature=4f16d10d08a9adc493690754e9c1805c","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-121144","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/121144","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=121144"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/121144\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/121145"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=121144"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=121144"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=121144"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}