"Fingerprints" show who sent anonymous emails

Powered by SC Magazine
 

Researchers use speech recognition and data mining to finger rogue emailers.

The author of an anonymous email could be identified using pattern recognition techniques, according to researchers at Concordia University.

The system could help law enforcement teams identify the authors of malicious or criminal communication with enough accuracy to stand up in a court of law, according to the researchers.

"In the past few years, we've seen an alarming increase in the number of cybercrimes involving anonymous emails," says study co-author Benjamin Fung, a professor of Information Systems Engineering at Concordia University.

"These emails can transmit threats or child pornography, facilitate communications between criminals or carry viruses."

Using this method, we can even determine with a high degree of accuracy who wrote a given email, and infer the gender, nationality and education level of the author

Police have long been able to trace the house or business where an email originated via the IP address, but until now it has been impossible to say which resident or worker at a property wrote the offending tome.

According to Fung, the method is based on techniques used in speech recognition and data mining, and relies on identifying frequent patterns and unique combinations of features that recur in a suspect's emails.

The method looks for patterns found in emails written by the initial suspect and filters out any patterns which are also found in the emails of other people in the household – what is left is the email equivalent of a fingerprint.

"Let's say the anonymous email contains typos or grammatical mistakes, or is written entirely in lower-case letters," says Fung. "We use those special characteristics to create a 'write-print'."

"Using this method, we can even determine with a high degree of accuracy who wrote a given email, and infer the gender, nationality and education level of the author."

To demonstrate the accuracy of the method, Fung and colleagues studied a collection of more than 200,000 real emails from 158 employees of the Enron Corporation.

Using 100 emails written by 10 different employees, Fung claimed his team were able to identify the author with an accuracy rate of between 80% and 90%, which he said would be useful in legal situations.

"Our technique was designed to provide credible evidence that can be presented in a court of law," says Fung. "For evidence to be admissible, investigators need to explain how they have reached their conclusions. Our method allows them to do this."

This article originally appeared at pcpro.co.uk

Copyright © PC Pro, Dennis Publishing


"Fingerprints" show who sent anonymous emails
 
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1793

Vote
Do you support the abolition of the Office of the Information Commissioner?