{"title":"Detecting Abnormal Changes in E-mail Traffic Using Hierarchical Fuzzy Systems","authors":"Mark Jyn-Huey Lim, M. Negnevitsky, J. Hartnett","doi":"10.1109/FUZZY.2007.4295556","DOIUrl":null,"url":null,"abstract":"E-mail traffic analysis is an area of work that focuses on extracting information about the behaviour of e-mail users based on the sender, receiver, and date/time information taken from the header section of e-mail messages. Such work has applications for law enforcement where investigators and analysts require techniques to assist them with finding unusual or suspicious patterns from large amounts of communication log data. This paper describes work using hierarchical fuzzy systems to detect abnormal changes in e-mail traffic behaviour, through the fusion of e-mail traffic behaviour measurements. The paper focuses on the use of three different hierarchical fuzzy system architectures, to determine the effect that input variable groupings have on the abnormality ratings given to the communication links of suspect e-mail accounts. The case study demonstrates the use of the three hierarchical fuzzy system architectures for analysing suspect e-mail accounts belonging to the Enron e-mail corpus.","PeriodicalId":236515,"journal":{"name":"2007 IEEE International Fuzzy Systems Conference","volume":"37 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-07-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 IEEE International Fuzzy Systems Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/FUZZY.2007.4295556","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 9
Abstract
E-mail traffic analysis is an area of work that focuses on extracting information about the behaviour of e-mail users based on the sender, receiver, and date/time information taken from the header section of e-mail messages. Such work has applications for law enforcement where investigators and analysts require techniques to assist them with finding unusual or suspicious patterns from large amounts of communication log data. This paper describes work using hierarchical fuzzy systems to detect abnormal changes in e-mail traffic behaviour, through the fusion of e-mail traffic behaviour measurements. The paper focuses on the use of three different hierarchical fuzzy system architectures, to determine the effect that input variable groupings have on the abnormality ratings given to the communication links of suspect e-mail accounts. The case study demonstrates the use of the three hierarchical fuzzy system architectures for analysing suspect e-mail accounts belonging to the Enron e-mail corpus.