A forensic analysis solution of the email network based on email contents

Forensic analyses of email networks have mostly been based on the email communication structure, while the email content has seldom been considered. In this paper, we propose a forensic analysis method for an email network based on the Latent Dirichlet Allocation topic model and the Centrality algorithm. The method takes into full consideration both the email content and the email communication structure. To calculate how strongly an email communication correlates with the topic of the criminal case, we compute the similarity of the email content using the Latent Dirichlet Allocation model. Combining this with the Centrality algorithm, we obtain the mail accounts that have the greater influence on the email network. Experimental results show that this method can analyze an email network more effectively and find the specific email accounts.
