Email forensic analyzing method based on community characteristics analysis

A technology of e-mail and analysis methods, which is applied in the fields of electrical components, electrical digital data processing, and special data processing applications, etc., and can solve problems such as the absence of massive e-mail associations and comprehensive mining and analysis of communication content

Inactive Publication Date: 2012-12-26
NANJING UNIV OF POSTS & TELECOMM
View PDF3 Cites 24 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] At present, the analysis and evidence collection of e-mails is mainly to analyze the content of e-mails sent and received by a single user, but there is no comprehensive mining and an

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Email forensic analyzing method based on community characteristics analysis
  • Email forensic analyzing method based on community characteristics analysis
  • Email forensic analyzing method based on community characteristics analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] The implementation of the entire solution will go through three stages: email file analysis and data extraction, email communication relationship network construction, and community extraction and analysis. The following will focus on the workflow of the three stages.

[0028] 1. Analysis and extraction of Email files, mainly for the compound documents of the three software client softwares of Microsoft Outlook, Outlook Express and Foxmail, that is, the mail storage documents in the three formats of Pst, Dbx and Box, and analyze these documents into The Eml format document with a single email as the storage unit, and then the Eml format document as the analysis object, from which information such as the email address, subject, sending time, email content, and attachments of the sending and receiving accounts that have sent and received emails are extracted, and the obtained emails The information is stored in the mail information database. The processing flow of the ent...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a massive email forensic analyzing scheme based on community network analysis and file content analysis, which solves problems that a scheme capable of realizing analysis of a community structure by utilizing receiving and sending addresses and forensic analysis by utilizing text and attatchment contents does not exist at present. The method comprises the following steps of: automatically analyzing an email data file of an Outlook client, an OE (Outlook Express) client and a Foxmail client; extracting the receiving and sending addresses, the attachment, the text, a theme and a sending mode and other information contained in the email data file; extracting an email communication relationship network built based on the receiving and sending addresses of the email and receiving and sending times; extracting the community structure of the communication relationship network through a WCMN (weighing cepstral mean normalization) algorithm; and then analyzing and calculating a suspicious degree of a community through a suspicious degree computational algorithm based on contents of the email and the attachment. According to the scheme, address information and content information of the email are fully utilized; and the community structure contained among email addresses is extracted; and the suspicious degree is provided for personnel handling cases for reference.

Description

technical field [0001] The invention belongs to the field of information security and computer application technology, and proposes a method based on social network analysis and text analysis, which mines the hidden community structure in the sending and receiving address information of massive emails, and analyzes the content of emails and attachments. Analyze the suspiciousness of the community. Background technique [0002] With the development of social economy and information technology, the incidents and disputes of crimes committed by high-tech means are increasing day by day, and the judicial evidence collection technology for crimes committed by computers has become an important and urgent problem. The purpose of computer forensics analysis is to find reliable and convincing electronic evidence or clues to criminal investigations. Therefore, computer forensics is a comprehensive interdisciplinary subject involving many fields such as computers, networks, communicati...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06Q10/10G06F17/30H04L12/58
Inventor 孙国梓薛磊杨一涛朱小龙王瑞
Owner NANJING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap