International Conference on Intelligence and Security Informatics

ISI 2008: Intelligence and Security Informatics pp 217-228

A Simple WordNet-Ontology Based Email Retrieval System for Digital Forensics

  • Phan Thien Son
  • Lan Du
  • Huidong Jin
  • Olivier de Vel
  • Nianjun Liu
  • Terry Caelli
Conference paper

DOI: 10.1007/978-3-540-69304-8_22

Volume 5075 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Son P.T., Du L., Jin H., de Vel O., Liu N., Caelli T. (2008) A Simple WordNet-Ontology Based Email Retrieval System for Digital Forensics. In: Yang C.C. et al. (eds) Intelligence and Security Informatics. ISI 2008. Lecture Notes in Computer Science, vol 5075. Springer, Berlin, Heidelberg

Abstract

Because of the high impact of high-tech digital crime upon our society, it is necessary to develop effective Information Retrieval (IR) tools to support digital forensic investigations. In this paper, we propose an IR system for digital forensics that targets emails. Our system incorporates WordNet (i.e. a domain independent ontology for the vocabulary) into an Extended Boolean Model (EBM) by applying query expansion techniques. Structured Boolean queries in Backus-Naur Form (BNF) are utilized to assist investigators in effectively expressing their information requirements. We compare the performance of our system on several email datasets with a traditional Boolean IR system built upon the Lucene keyword-only model. Experimental results show that our system yields a promising improvement in retrieval performance without the requirement of very accurate query keywords to retrieve the most relevant emails.


Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Phan Thien Son (1, 2)
  • Lan Du (1, 2)
  • Huidong Jin (1, 2)
  • Olivier de Vel (3)
  • Nianjun Liu (1, 2)
  • Terry Caelli (1, 2)

  1. NICTA Canberra Lab, Canberra, Australia
  2. RSISE, the Australian National University, Canberra, Australia
  3. Command, Control, Communications and Intelligence Division, DSTO, Edinburgh, Australia