Investigations are increasingly conducted online by not only novice sleuths but also by professionals -- in both competitive and collaborative environments. These investigations rely on publicly available information, called open source intelligence (OSINT). However, due to their online nature, OSINT investigations often present coordination, technological, and ethical challenges. Through semi-structured interviews with 14 professional OSINT investigators from nine different organizations, we examine the social collaboration and competition patterns that underlie their investigations. Instead of purely competitive or purely collaborative social models, we find that OSINT organizations employ a combination of both, and that each has its own advantages and disadvantages. We also describe investigators' use of and challenges with existing OSINT tools. Finally, we conclude with a discussion on supporting investigators' with more appropriable tools and making investigations more social. / Master of Science / Investigations are increasingly conducted online by not only novice investigators but also by professionals, such as private investigators or law enforcement agents. These investigations are conducted in competitive environments, such as Capture The Flag (CTF) events where contestants solve crimes and mysteries, but also in collaborative environments, such as teams of investigative journalists joining skills and knowledge to uncover and report on crimes and/or mysteries. These investigations rely on publicly available information called open source intelligence (OSINT) which includes public social media posts, public databases of information, public satellite imagery...etc. OSINT investigators collect and authenticate open source intelligence in order to conduct their investigations and synthesize the authenticated information they gathered to present their findings. However, due to their online nature, OSINT investigations often present coordination, technological, and ethical challenges. Through semi-structured interviews with 14 professional OSINT investigators from nine different organizations, we examine how these professionals conduct their investigations, and how they coordinate the different individuals and investigators involved throughout the process. By analyzing these processes, we can discern the social collaboration and competition patterns that enable these professionals to conduct their investigations. Instead of purely competitive or purely collaborative social models, we find that OSINT organizations employ a combination of both, and that each has its own advantages and disadvantages. In other words, professional OSINT investigators compete with each other but also collaborate with each other at different stages of their investigations or for different investigative tasks. We also describe investigators' use of and challenges with existing OSINT tools and technologies. Finally, we conclude with a discussion on supporting investigators with tools that can adapt to their different needs and investigation types and making investigations more social.
Identifer | oai:union.ndltd.org:VTETD/oai:vtechworks.lib.vt.edu:10919/103944 |
Date | 21 June 2021 |
Creators | Belghith, Yasmine |
Contributors | Computer Science, Luther, Kurt, Kavanaugh, Andrea L., North, Christopher L. |
Publisher | Virginia Tech |
Source Sets | Virginia Tech Theses and Dissertation |
Detected Language | English |
Type | Thesis |
Format | ETD, application/pdf, application/pdf |
Rights | In Copyright, http://rightsstatements.org/vocab/InC/1.0/ |
Page generated in 0.0018 seconds