Emails Classification for Forensics Analysis by Information Gain Technique
Salhi Dhai Eddine¹, Tari Abdelkamel¹ and Kechadi M-Tahar²
1. LIMED Laboratory, University Abderrahmane Mira of Bejaia, Bejaia 06000, Algeria
2. Parallel Computational Research Group Laboratory, University College Dublin, Dublin, Dublin 4, Ireland
Abstract: Forensics is one of the most interesting fields today. It is based on the work of scientists who study clues and evidence to help the police solve crimes. In computer science, the crimes dealt with by computer forensics are usually network attacks, and most attacks are carried out over email (the case of this study). Email has become a daily means of communication, mainly accessible via the Internet. People receive thousands of emails in their inboxes and on mail servers (where people can find those emails in lists). The aim of this study is to secure email users by building an automatic checking and detection system on servers that filters the bad emails from the good ones. In this paper, the authors present a study based on a new method of email clustering to separate the bad emails from the good ones. The authors use the information gain technique as a clustering algorithm, whose principle is to calculate the importance of each attribute (in this study, the attributes that constitute an email) in order to draw the importance tree and, finally, extract the clusters.
Key words: Email, forensics, spam, information gain, data mining, clustering.