Skip to main content
SpringerLink
Log in

Individual and Collective Analysis of Anomalies in Message Traffic

  • Chapter
Terrorism Informatics

Part of the book series: Integrated Series In Information Systems ((ISIS,volume 18))

  • 1933 Accesses

We consider four properties by which intercepted messages can be selected for deeper analysis: their external properties, their content, their authorship, and the mental state of their authors. We argue that, rather than trying to differentiate directly between ‘good’ messages and ‘bad’ messages, it is better to use a two-pronged approach, where a simple detection scheme triggers a reaction in authors of ‘bad’ messages. This reaction is easier to detect than the original difference. We also suggest that differentiation is more effective when it is done for sets of messages, rather than on a message by message basis.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 89.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  • C. Cortes, D. Pregibon, and C. Volinsky. Computational methods for dynamic graphs. Journal of Computational and Graphical Statistics, 12:950--970, 2003.

    Article  Google Scholar 

  • O. de Vel, A. Anderson, M. Corney, and G. Mohay. Mining {E-mail} content for author identification forensics. SIGMOD Record, 30(4):55--64, December 2001. European Parliament Temporary Committee on the ECHELON Interception System. Final report on the existence of a global system for the interception of private and commercial communications (ECHELON interception system), 2001.

    Article  Google Scholar 

  • SW. Fong, D.B. Skillicorn, and D. Roussinov. Detecting word substitutions in text. IEEE Transactions on Knowledge and Data Engineering, to appear, 2007.

    Google Scholar 

  • G. Fung. The disputed Federalist papers: SVM and feature selection via concave minimization. In Proceedings of the 2003 Conference on Diversity in Computing, pages 42--46, Atlanta, Georgia, USA, 2003.

    Google Scholar 

  • D. Gupta, M. Saul, and J. Gilbertson. Evaluation of a deidentification {(De-Id)} software engine to share pathology reports and clinical documents for research. American Journal of Clinical Pathology, 121(2):176--186, February 2004.

    Article  Google Scholar 

  • R.D. Horn, J.D. Birdwell, and L.W. Leedy. Link discovery tool. In ONDCP/CTAC International Symposium, August 1997.

    Google Scholar 

  • P.S. Keila and D.B. Skillicorn. Detecting unusual email communication. In CASCON 2005, pages 238--246, 2005.

    Google Scholar 

  • P.S. Keila and D.B. Skillicorn. Structure in the Enron email dataset. Computational and Mathematical Organization Theory, 11(3):183--199, 2005.

    Article  Google Scholar 

  • M. Koppel, J. Schler, and K. Zigdon. Automatically determining an anonymous author’s native language. In Intelligence and Security Informatics, IEEE International Conference on Intelligence and Security Informatics, ISI 2005, Atlanta, GA, USA, May 19-20, pages 209--217. Springer-Verlag Lecture Notes in Computer Science LNCS 3495, 2005.

    Google Scholar 

  • M.L. Newman, J.W. Pennebaker, D.S. Berry, and J.M. Richards. Lying words: Predicting deception from linguistic style. Personality and Social Psychology Bulletin, 29:665--675, 2003.

    Article  Google Scholar 

  • M. K. Reiter and A. D. Rubin. Crowds: Anonymity for web transactions. ACM Transactions on Information and System Security, 1(1):66--92, November 1998.

    Article  Google Scholar 

  • D.B. Skillicorn. Beyond keyword filtering for message and conversation detection. In IEEE International Conference on Intelligence and Security Informatics (ISI2005), pages 231--243. Springer-Verlag Lecture Notes in Computer Science LNCS 3495, May 2005.

    Google Scholar 

  • X. Zhu and R. Rosenfeld. Improving trigram language modeling with the world wide web. In Proceedings of International Conference on Acoustics, Speech, and Signal Processing, 2001., pages 533--536, 2001.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computing, Queen's University, Kingston, Canada

    D. B. Skillicorn

Authors
  1. D. B. Skillicorn
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. University of Arizona, Tucson, AZ, USA

    Hsinchun Chen

  2. Clarion University, Clarion, PA, USA

    Edna Reid

  3. The Analysis Corporation, McLean, VA, USA

    Joshua Sinai

  4. University of East London, London, UK

    Andrew Silke

  5. Lauder School of Government & Diplomacy, Herzliya, Israel

    Boaz Ganor

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer Science+Business Media, LLC

About this chapter

Cite this chapter

Skillicorn, D.B. (2008). Individual and Collective Analysis of Anomalies in Message Traffic. In: Chen, H., Reid, E., Sinai, J., Silke, A., Ganor, B. (eds) Terrorism Informatics. Integrated Series In Information Systems, vol 18. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-71613-8_20

Download citation

Publish with us

Policies and ethics

Search

Navigation