Applying Social Network Analysis to Security

In this paper, we set out to explore some of the many ways in which Social Network

Analysis (SNA) can be applied to the field of security. In particular, we investigate what

information someone (e.g., an attacker) could infer if they were able to gather data on a

person’s friend-groups or device communications (e.g., email interactions) and whether

this could be used to predict the “hierarchical importance” of the individual. This research

could be applied to various social networks to help with criminal investigations by

identifying the users with high influence within the criminal gangs on DarkWeb Forums, in

order to help identify the ring-leaders of the gangs. For this study we conducted an initial

investigation on the Enron email dataset, and investigated the effectiveness of existing

SNA metrics in establishing hierarchy from the social network created from the email

communications metadata. We then tested the metrics on a fresh dataset to assess the

practicality of our results to a new network.