Research Article

E-mail Data Analysis for Application to Cyber Forensic Investigation using Data Mining

Published on November 2013 by Sobiya R. Khan, Smita M. Nirkhi, R. V. Dharaskar
2nd National Conference on Innovative Paradigms in Engineering and Technology (NCIPET 2013)
Foundation of Computer Science USA
NCIPET - Number 3

Sobiya R. Khan, Smita M. Nirkhi, R. V. Dharaskar. E-mail Data Analysis for Application to Cyber Forensic Investigation using Data Mining. 2nd National Conference on Innovative Paradigms in Engineering and Technology (NCIPET 2013). NCIPET, 3 (November 2013), 0-0.

@article{
author = { Sobiya R. Khan and Smita M. Nirkhi and R. V. Dharaskar },
title = { E-mail Data Analysis for Application to Cyber Forensic Investigation using Data Mining },
journal = { 2nd National Conference on Innovative Paradigms in Engineering and Technology (NCIPET 2013) },
issue_date = { November 2013 },
volume = { NCIPET },
number = { 3 },
month = { November },
year = { 2013 },
issn = { 2249-0868 },
pages = { 0-0 },
numpages = 1,
url = { /proceedings/ncipet/number3/562-1364/ },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Proceeding Article
%1 2nd National Conference on Innovative Paradigms in Engineering and Technology (NCIPET 2013)
%A Sobiya R. Khan
%A Smita M. Nirkhi
%A R. V. Dharaskar
%T E-mail Data Analysis for Application to Cyber Forensic Investigation using Data Mining
%J 2nd National Conference on Innovative Paradigms in Engineering and Technology (NCIPET 2013)
%@ 2249-0868
%V NCIPET
%N 3
%P 0-0
%D 2013
%I International Journal of Applied Information Systems
Abstract

This paper briefly discusses the significance of e-mail communication in today's world and how substantial e-mails are with respect to obtaining digital evidence. The framework proposed by the authors employs state-of-the-art existing data mining techniques. Experiments are conducted for e-mail analysis on the Enron data corpus. The intent of the proposed system is to provide assistance during forensic investigation. In this paper, we enhance the results obtained in our previous work on statistical analysis and provide our findings on e-mail classification experiments.

Index Terms

Computer Science
Information Sciences

Keywords

E-mail forensic analysis, Statistical Analysis, Classification and Clustering techniques, Authorship identification, Social Network Analysis