Abstract : Recently, email spam has been noticed as a covert communication platform for criminals. However, investigators tend to overlook this kind of evidence during an investigation, and searching for incriminating information from unstructured textual data is one of the most cumbersome missions due to characteristics of email spam. This paper is the first work that presents a unified text mining solution to detect digital evidence from spam emails. It is helpful in the initial stage of investigation, in which investigators often have little information on the collection of spam emails. Our proposed solution applies a topic modeling technique, Latent Dirichlet Allocation, and a text visualization technique to discover various suspicious emails based on different camouflage methods. We present experimental results on a data set collected by the Spam Archive, which comprises 100 random spam emails. The results suggest that the proposed method is able to identify potential evidence.
9th International Conference on Intelligent Information Processing (IIP), Nov 2016, Melbourne, VIC, Australia. IFIP Advances in Information and Communication Technology, AICT-486, pp.191-201, 2016, Intelligent Information Processing VIII. 〈10.1007/978-3-319-48390-0_20〉
https://hal.inria.fr/hal-01614994
Contributeur : Hal Ifip
<>
Soumis le : mercredi 11 octobre 2017 - 16:57:59
Dernière modification le : mercredi 28 mars 2018 - 13:26:01
Document(s) archivé(s) le : vendredi 12 janvier 2018 - 15:22:26
Bo Yang, Jianguo Jiang, Ning Li. Towards Discovering Covert Communication Through Email Spam. 9th International Conference on Intelligent Information Processing (IIP), Nov 2016, Melbourne, VIC, Australia. IFIP Advances in Information and Communication Technology, AICT-486, pp.191-201, 2016, Intelligent Information Processing VIII. 〈10.1007/978-3-319-48390-0_20〉. 〈hal-01614994〉
