Email Classification for Forensic Analysis by Information Gain Technique

Author(s):  
Dhai Eddine Salhi ◽  
Abdelkamel Tari ◽  
Mohand Tahar Kechadi

One of the most interesting fields nowadays is forensics. This field is based on the work of scientists who study evidence to help the police solve crimes. In the domain of computer science, the crimes within computer forensics are usually network attacks, and most attacks are carried out over email (the case of this study). Email has become a daily means of communication which is mainly accessible via the internet. People receive thousands of emails in their inboxes and mail servers (in which people can find emails in those lists). The aim of this study is to secure email users by building an automatic checking and detecting system on servers to filter the bad emails from the good ones. In this paper, the authors present a study based on a new method of email clustering to extract the bad and good ones. The authors use the information gain technique as a clustering algorithm, whose principle is to calculate the importance of each attribute (in this study, the attributes that constitute the email) to draw the importance tree and, at the end, extract the clusters.

1992 ◽  
Vol 114 (4) ◽  
pp. 547-558 ◽  
Author(s):  
J. K. Davidson

A new method is developed for determining both a satisfactory location of a workpiece and a suitable mounting-angle of the tool for planar 3-R robots that can provide dexterous workspace. The method is an adaptation of traditional techniques of linkage synthesis, and it is particularly well-suited to applications in which the motion-trajectory requires large rotations of the end-effector. It is determined that, when the trajectory requires that the end-effector rotate a full turn at just two locations and when the critical joint in the robot is rotatable by one turn, then the radial location of the workpiece is fixed in the workcell but its angular location is not fixed. When the mounting-angle of the tool is also a variable, the method accommodates trajectories in which the tool must rotate a full turn at three locations on the workpiece. The method can be applied not only to planar robots with three hinge-joints, but also to spatial robots, each with a planar 3-R module, when the principal attitudinal excursions of the trajectory are all about a set of parallel axes. Variables are identified, for both the motion-trajectory and the workpiece itself, which strongly affect the design of the workcell and the time for it to complete a motion-trajectory. Example problems illustrate the method. The new method is suggested as an alternative to the existing methods of computer science for motion-planning.


2017 ◽  
Vol 1 (3) ◽  
pp. 108
Author(s):  
Muhammad Nur Faiz ◽  
Rusydi Umar ◽  
Anton Yudhana

Digital forensics has become a popular term because of the many cyber crime violations occurring today. Digital computer forensic techniques are performed by analyzing a digital device, whether the device is the medium of the actor or the medium of the victim. Digital forensic analysis is divided into two types: traditional/dead and live. Traditional forensic analysis involves digital data stored permanently, while live forensic analysis involves the analysis of temporary data in Random Access Memory or stored in transport equipment in the network. This journal article proposes live forensic analysis on the latest operating system, Windows 10. The study focuses on the case of email security in several browsers: Google Chrome, Mozilla Firefox, and Microsoft Internet Explorer Edge. In addition, although many digital forensics software applications are not free, the research objective is to compare browser security information so that email abuse can be minimized.


2014 ◽  
Vol 680 ◽  
pp. 451-454
Author(s):  
Peng Zhe Qiao ◽  
Wei Jun Zhu

Compared with the Intrusion Detection (ID) based on pattern matching, the model-checking-based methods can find the complex attacks. But their rates of missing report are still high. To solve this problem, we firstly use the Interval Temporal Logic with Past Construct (ITLPC) formulae to describe some signatures for network attacks. And then, we can use some automata to establish models of audit logs. On the basis of it, automata, i.e., attack models, and ITLPC formulae, i.e., signatures, constitute the two inputs of the ITLPC model checking algorithm. Therefore, a new model-checking-based ID algorithm is obtained by calling the ITLPC algorithm. Compared with the existing methods, the new method is more powerful, as shown in the experimental simulations.


Author(s):  
Houda Tadjer ◽  
Yacine Lafifi ◽  
Hassina Seridi-Bouchelaghem

Problem-based learning (PBL) is an approach that improves students' skills in problem solving. The application of PBL as an approach of teaching in a class requires students' presence; such constraint cannot be fulfilled by all students. Therefore, it is important to avoid this problem by implementing an online PBL environment where students are grouped remotely and work together to solve a problem proposed by the teacher. This will guide the learning process of the learners and can evaluate their solution. In reality, we can find members who do not really contribute to solve a problem. From this point of view, the teacher's evaluation will not be adequate to estimate the contribution of the learner in the solution of a given problem. Therefore, it is important to think of another way for assessing learners' solution. So, the challenge is to implement an online PBL environment and to propose a new method for assessing students. In this paper, the authors present their system called Problearn. The developed system allows students to solve problems remotely in small groups. Furthermore, the system evaluates each student based on his behavioral profiles during the problem-solving process. To do so, the system must keep track of different actions carried out by the students. This system has been tested by students of a computer science department where they achieved very good results.


Entropy ◽  
2019 ◽  
Vol 21 (12) ◽  
pp. 1141 ◽  
Author(s):  
Juan Manuel Castelo Gómez ◽  
José Roldán Gómez ◽  
Javier Carrillo Mondéjar ◽  
José Luis Martínez Martínez

The increase in the number of cybersecurity incidents in which internet of things (IoT) devices are involved has called for an improvement in the field of computer forensics, which needs to provide techniques in order to perform complete and efficient investigations in this new environment. With the aim of doing so, new devices and systems are being studied in order to offer guidelines for investigators on how to examine them. This paper follows this approach and presents a forensic analysis of the non-volatile memory of Windows 10 IoT Core. It details how the investigation should be performed and highlights the relevant information that can be extracted from storage. In addition, a tool for the automation of the retrieval of the pieces of evidence detected is provided.


2018 ◽  
Vol 14 (18) ◽  
pp. 40
Author(s):  
Iván Mesias Hidalgo Cajo ◽  
Saul Yasaca Pucuna ◽  
Byron Geovanny Hidalgo Cajo ◽  
Víctor Manuel Oquendo Coronado ◽  
Fanny Valeria Salazar Orozco

The aim of this research is to compare the different standards and methodologies of computer forensic analysis used in the examination of data in digital media. The research was developed based on the scientific method, and a standard and two analysis methodologies were specifically used, which were applied to ten researchers. The analysis variables were based on the feasibility of use and on the time of extracting information from the computer. Among the comparison results of the different methodologies analyzed, it was determined that 60% of the researchers used the Methodology UNE 71506: 2013 due to its feasibility of use, because it is made up of a robust process (it contains the most detailed steps of computer forensics) that is reliable and applicable in any field, necessarily supervised by specialists working in the area, compared to the National Institute of Standards and Technology, which 30% selected, and the Integrated Digital Investigation Process, 10%. Regarding the time of analysis in the examination of digital media with the different methodologies (case study: extraction of a file of 100 Mb from a hard disk of 20 Gb in off mode), it is revealed that UNE 71506: 2013 took less than 1 hour, compared to the National Institute of Standards and Technology, which took between 1 and less than 2 hours, and the Integrated Digital Investigation Process, which lasted longer than 3 hours. In addition, with the use of the Methodology UNE 71506: 2013, it was possible to have greater feasibility in the examination of digital media, since it is composed of four stages: the preservation, acquisition, analysis and presentation of information results.


2017 ◽  
Vol 12 (1) ◽  
pp. 48-71
Author(s):  
M. A. Voznyuk ◽  
Yu. A. Denisov

The analytical review examines the issues of forensic investigation into the circumstances of production of digital video and audio recordings. The paper presents the organization and lines of inquiry in forensic analysis of video and audio evidence, computer forensics, forensic linguistics, and psychological evaluation established in the system of forensic science organizations of the Russian Ministry of Justice by 2013–2016. The analysis covers the issues of independent or integrated application of the listed types of special knowledge in order to meet the discipline-specific and comprehensive objectives of determining the circumstances of video/audio production. General strategies and types of forensic diagnostics of production circumstances are discussed without too much emphasis on the methodological minutiae of every stage of the investigation.


2014 ◽  
Vol 610 ◽  
pp. 756-759
Author(s):  
Jiang Du ◽  
Bin Lang Chen ◽  
Zeng Qin

Due to the special nature of electronic data, we need to create a complete copy of the raw disks before computer forensics. There are two ways to create a copy. One is a disk-to-disk copy; the other is disk mirroring. With the former, the capacity of the copy disk is fixed, while the image file of the latter is already highly compressed. Neither of them can add the forensic analysis evidence; it will be handed over to the court as a whole set of evidence. This will affect the completeness and admissibility of the evidence. In this thesis, we take disk mirroring and storage technology into consideration by using the Compound Document storage technology; in this way we can add the evidence into the evidence copy, which makes an “evidence gathered” effect. At the same time, it can highly compress the original evidence, save capacity and ensure the safety of the data.

