Algorithm 457: finding all cliques of an undirected graph
Communications of the ACM
Machine Learning
MEF: Malicious Email Filter - A UNIX Mail Filter That Detects Malicious Windows Executables
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
MET: an experimental system for Malicious Email Tracking
Proceedings of the 2002 workshop on New security paradigms
Estimating continuous distributions in Bayesian classifiers
UAI'95 Proceedings of the Eleventh conference on Uncertainty in artificial intelligence
Email mining toolkit supporting law enforcement forensic analyses
dg.o '05 Proceedings of the 2005 national conference on Digital government research
Profiling internet backbone traffic: behavior models and applications
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Combining email models for false positive reduction
Proceedings of the eleventh ACM SIGKDD international conference on Knowledge discovery in data mining
Behavior-based modeling and its application to Email analysis
ACM Transactions on Internet Technology (TOIT)
USim: A User Behavior Simulation Framework for Training and Testing IDSes in GUI Based Systems
ANSS '06 Proceedings of the 39th annual Symposium on Simulation
Internet traffic behavior profiling for network security monitoring
IEEE/ACM Transactions on Networking (TON)
E-mail traffic analysis using visualisation and decision trees
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
Hi-index | 0.00 |
This paper describes the forensic and intelligence analysis capabilities of the Email Mining Toolkit (EMT) under development at the Columbia Intrusion Detection (IDS) Lab. EMT provides the means of loading, parsing and analyzing email logs, including content, in a wide range of formats. Many tools and techniques have been available from the fields of Information Retrieval (IR) and Natural Language Processing (NLP) for analyzing documents of various sorts, including emails. EMT, however, extends these kinds of analyses with an entirely new set of analyses that model "user behavior". EMT thus models the behavior of individual user email accounts, or groups of accounts, including the "social cliques" revealed by a user's email behavior.