Abstract
Because of the high impact of high-tech digital crime upon our society, it is necessary to develop effective Information Retrieval (IR) tools to support digital forensic investigations. In this paper, we propose an IR system for digital forensics that targets emails. Our system incorporates WordNet (i.e. a domain independent ontology for the vocabulary) into an Extended Boolean Model (EBM) by applying query expansion techniques. Structured Boolean queries in Backus-Naur Form (BNF) are utilized to assist investigators in effectively expressing their information requirements. We compare the performance of our system on several email datasets with a traditional Boolean IR system built upon the Lucene keyword-only model. Experimental results show that our system yields a promising improvement in retrieval performance without the requirement of very accurate query keywords to retrieve the most relevant emails.
The authors thank the reviewers for suggestive comments. NICTA is funded by the Australian Government as represented by the Department of Broadband, Communications and the Digital Economy and the Australian Research Council through the ICT Centre of Excellence program.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Casey, E.: Digital Evidence and Computer Crime: Forensic Science, Computers, and the Internet with CDROM. Academic Press, Inc., London (2000)
de Vel, O.Y., Liu, N., Caelli, T., Caetano, T.S.: An embedded bayesian network hidden markov model for digital forensics. In: Mehrotra, S., Zeng, D.D., Chen, H., Thuraisingham, B., Wang, F.-Y. (eds.) ISI 2006. LNCS, vol. 3975, pp. 459–465. Springer, Heidelberg (2006)
Salton, et al.: Extended boolean information retrieval. Commun. ACM 26(11), 1022–1036 (1983)
Salton, G., McGill, M.: Introduction to modern information retrieval. McGraw-hill, New York (1983)
Wong, et al.: Generalized vector spaces model in information retrieval. In: SIGIR 1985, pp. 18–25. ACM Press, New York (1985)
Voorhees, E.M.: Query expansion using lexical-semantic relations. In: SIGIR 1994, pp. 61–69 (1994)
Parapar, et al.: Query expansion using WordNet with a logical model of information retrieval. In: IADIS AC, pp. 487–494 (2005)
Mandala, et al.: The use of WordNet in information retrieval. In: Proceedings of Use of WordNet in Natural Language Processing Systems, pp. 31–37 (1998)
Grootjen, F.A., van der Weide, T.P.: Conceptual query expansion. Data Knowl. Eng. 56(2), 174–193 (2006)
Moldovan, D.I., Mihalcea, R.: Using WordNet and lexical operators to improve internet searches. IEEE Internet Computing 4(1), 34–43 (2000)
Finkelstein, et al.: Placing search in context: the concept revisited. ACM Trans. Inf. Syst. 20(1), 116–131 (2002)
Zukerman, et al.: Query expansion and query reduction in document retrieval. In: ICTAI 2003 (2003)
Liu, et al.: An effective approach to document retrieval via utilizing WordNet and recognizing phrases. In: SIGIR 2004, pp. 266–272 (2004)
Gong, et al.: Web query expansion by WordNet. In: Andersen, K.V., Debenham, J., Wagner, R. (eds.) DEXA 2005. LNCS, vol. 3588, pp. 166–175. Springer, Heidelberg (2005)
Miller, G.A.: WordNet: a lexical database for English. Commun. ACM 38(11), 39–41 (1995)
Wirth, N.: What can we do about the unnecessary diversity of notation for syntactic definitions? Commun. ACM 20(11), 822–823 (1977)
Widdows, D.: Orthogonal negation in vector spaces for modelling word-meanings and document retrieval. In: Dignum, F.P.M. (ed.) ACL 2003. LNCS (LNAI), vol. 2922, pp. 136–143. Springer, Heidelberg (2004)
Krovetz, R., Croft, W.B.: Lexical ambiguity and information retrieval. ACM Trans. Inf. Syst. 10(2), 115–141 (1992)
Liu, et al.: Word sense disambiguation in queries. In: CIKM 2005, pp. 525–532 (2005)
Budanitsky, A., Hirst, G.: Evaluating WordNet-based measures of lexical semantic relatedness. Comput. Linguist. 32(1), 13–47 (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Son, P.T., Du, L., Jin, H., de Vel, O., Liu, N., Caelli, T. (2008). A Simple WordNet-Ontology Based Email Retrieval System for Digital Forensics. In: Yang, C.C., et al. Intelligence and Security Informatics. ISI 2008. Lecture Notes in Computer Science, vol 5075. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69304-8_22
Download citation
DOI: https://doi.org/10.1007/978-3-540-69304-8_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69136-5
Online ISBN: 978-3-540-69304-8
eBook Packages: Computer ScienceComputer Science (R0)