"Fingerprints" show who sent anonymous emails

Powered by SC Magazine
 

Researchers use speech recognition and data mining to finger rogue emailers.

The author of an anonymous email could be identified using pattern recognition techniques, according to researchers at Concordia University.

The system could help law enforcement teams identify the authors of malicious or criminal communication with enough accuracy to stand up in a court of law, according to the researchers.

"In the past few years, we've seen an alarming increase in the number of cybercrimes involving anonymous emails," says study co-author Benjamin Fung, a professor of Information Systems Engineering at Concordia University.

"These emails can transmit threats or child pornography, facilitate communications between criminals or carry viruses."

Using this method, we can even determine with a high degree of accuracy who wrote a given email, and infer the gender, nationality and education level of the author

Police have long been able to trace the house or business where an email originated via the IP address, but until now it has been impossible to say which resident or worker at a property wrote the offending tome.

According to Fung, the method is based on techniques used in speech recognition and data mining, and relies on identifying frequent patterns and unique combinations of features that recur in a suspect's emails.

The method looks for patterns found in emails written by the initial suspect and filters out any patterns which are also found in the emails of other people in the household – what is left is the email equivalent of a fingerprint.

"Let's say the anonymous email contains typos or grammatical mistakes, or is written entirely in lower-case letters," says Fung. "We use those special characteristics to create a 'write-print'."

"Using this method, we can even determine with a high degree of accuracy who wrote a given email, and infer the gender, nationality and education level of the author."

To demonstrate the accuracy of the method, Fung and colleagues studied a collection of more than 200,000 real emails from 158 employees of the Enron Corporation.

Using 100 emails written by 10 different employees, Fung claimed his team were able to identify the author with an accuracy rate of between 80% and 90%, which he said would be useful in legal situations.

"Our technique was designed to provide credible evidence that can be presented in a court of law," says Fung. "For evidence to be admissible, investigators need to explain how they have reached their conclusions. Our method allows them to do this."

This article originally appeared at pcpro.co.uk

Copyright © PC Pro, Dennis Publishing


"Fingerprints" show who sent anonymous emails
 
 
 
Top Stories
Parliament passes law to let ASIO tap entire internet
Greens effort to limit devices fails.
 
Business-focused Windows 10 brings back the Start menu
Microsoft skips 9 for the "greatest enterprise platform ever".
 
Feeling Shellshocked?
Stay up to date with patching for the Bash bug.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  65%
 
Advanced persistent threats
  5%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  12%
TOTAL VOTES: 1394

Vote