Research Method Can Expose Anonymous Email Authors
Researchers say they have developed a technique to determine the authorship of anonymous emails.
The researchers, from Concordia University in Montreal, based this method on speech recognition and data mining techniques. It relies upon the identification of frequent patterns of unique features that recur in a suspect's emails.
The motivation behind the study is the rapid increase in cybercrime. Identity theft, which was recently named by the Federal Trade Commission as the top consumer complaint of 2010, is often committed by sending malware via anonymous emails.
In the past few years, we've seen an alarming increase in the number of cybercrimes involving anonymous emails, said study co-author Benjamin Fung, a professor of Information Systems Engineering at Concordia University and an expert in data mining, in a statement. These emails can transmit threats or child pornography, facilitate communications between criminals or carry viruses.
Usually, police officers are able to use the IP address to locate the house or apartment where an email came from. However, nabbing a suspect from there is not that easy. Often IP addresses come from a place which has several residents, such as an apartment complex. Thus to determine if a suspect is guilty or not, the researchers identify the patterns found in emails written by the subject. They then filter out any of these patterns which are also found in the emails of other suspects. What's left is what the researchers say is the write-print. This is a distinctive identifier like a fingerprint.
Let's say the anonymous email contains typos or grammatical mistakes, or is written entirely in lowercase letters, Fung said. We use those special characteristics to create a write-print. Using this method, we can even determine with a high degree of accuracy who wrote a given email, and infer the gender, nationality and education level of the author.
Fung and his team tested the method on the Enron Email Dataset, this was a collection of 200,000 real emails from 150 plus employees at the now defunct Enron Corporation. Using the method, Fung and his team correctly identified email authorship at a 90 percent success rate.
Our technique was designed to provide credible evidence that can be presented in a court of law, Fung said. For evidence to be admissible, investigators need to explain how they have reached their conclusions. Our method allows them to do this.
The findings have been published in the journal Digital Investigation.
To contact the reporter responsible for this story call (646) 461 6920 or email g.perna@ibtimes.com.
© Copyright IBTimes 2024. All rights reserved.