Title: Simplified features for email authorship identification

Authors: Emad E. Abdallah; Alaa E. Abdallah; Mohammad Bsoul; Ahmed F. Otoom; Essam Al-Daoud

Addresses: Faculty of Prince Al-Hussein Bin Abdallah II For Information Technology, Hashemite University, Zarqa, Jordan ' Faculty of Prince Al-Hussein Bin Abdallah II For Information Technology, Hashemite University, Zarqa, Jordan ' Faculty of Prince Al-Hussein Bin Abdallah II For Information Technology, Hashemite University, Zarqa, Jordan ' Faculty of Prince Al-Hussein Bin Abdallah II For Information Technology, Hashemite University, Zarqa, Jordan ' Faculty of Science and Information Technology, Zarka University, Zarka, Jordan

Abstract: We present an investigation analysis approach for mining anonymous email content. The core idea behind our approach is concentrated on collecting various effective features from previous emails for all the possible suspects. The extracted features are then used with several machine learning algorithms to extract a unique writing style for each suspect. A sophisticated comparison between the investigated anonymous email and the suspects writing styles is employed to extract evidence of the possible email sender. Extensive experimental results on a real data sets show the improved performance of the proposed method with very limited number of features.

Keywords: digital forensics; cyber crime; email forensics; email misuse; authorship analysis; stylometric features; email authorship identification; anonymous emails; machine learning; writing styles; data mining; content mining.

DOI: 10.1504/IJSN.2013.055941

International Journal of Security and Networks, 2013 Vol.8 No.2, pp.72 - 81

Received: 20 Dec 2012
Accepted: 30 Mar 2013
Published online: 18 Aug 2013 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article