Forensic data analysis

Part of a series on
Forensic science
Physiological Anthropology Biology Bloodstain pattern analysis Dentistry DNA phenotyping DNA profiling Forensic genealogy Entomology Epidemiology Limnology Medicine Palynology Pathology Podiatry Toxicology
Social Psychiatry Psychology Psychotherapy Social work Verbal autopsy
Criminalistics Accounting Body identification Chemistry Colorimetry Election forensics Facial reconstruction Fingerprint analysis Firearm examination Footwear evidence Forensic arts Profiling Gloveprint analysis Palmprint analysis Questioned document examination Vein matching Forensic geophysics Forensic geology Social network analysis
Digital forensics Computer exams Data analysis Database study Malware analysis Mobile devices Network analysis Photography Video analysis Audio analysis
Related disciplines Electrical engineering Engineering Fire investigation Fire accelerant detection Fractography Linguistics Materials engineering Polymer engineering Statistics Traffic collision reconstruction
Related articles Crime scene CSI effect DNA in forensic entomology Perry Mason syndrome Pollen calendar Skid mark Trace evidence
Outline Category
v t e

Forensic Data Analysis (FDA) is a branch of Digital forensics. It examines structured data with regard to incidents of financial crime. The aim is to discover and analyse patterns of fraudulent activities. Data from application systems or from their underlying databases is referred to as structured data.

Unstructured data in contrast is taken from communication and office applications or from mobile devices. This data has no overarching structure and analysis thereof means applying keywords or mapping communication patterns. Analysis of unstructered data is usually referred to as Computer forensics.

The analysis of large volumes of data is typically performed in a separate database system run by the analysis team. Live systems are usually not dimensioned to run extensive individual analysis without affecting the regular users. On the other hand, it is methodically preferable to analyze data copies on ted company and a forensic scientist who is familiar with patterns of fraudulent behaviour.

After an initial analysis phase using methods of explorative data analysis the following phase is usually highly iterative. Starting with a hypothesis on how the perpetrator might have created a personal advantage the data is analyzed for supporting evidence. Following that the hypothesis is refined or discarded.

The combination of different databases, in particular data from different systems or sources is highly effective. These data sources are either unknown to the perpetrator or he/she Data Visualization is often used to display the results.

• Jörg Meyer: Forensische Datenanalyse. 1. Edition. Erich Schmidt Verlag, Berlin 2012, ISBN 978-3-50313-847-0.
• Christian Hlavica, Uwe Klapproth, Frank Hülsberg et al: Tax Fraud & Forensic Accounting. Gabler Verlag, Wiesbaden 2011, ISBN 978-3-83491-429-3.