Defensive Information Operations

Tracking and Monitoring E-mail Traffic Activities of Criminal and Terrorist Organisations Using Visualisation Tools

ABSTRACT

In defensive information operations, knowing about the actions or behaviour of the adversary is important for countering any attacks posed by the adversary. Obtaining information about the activities and behaviour of criminal or terrorist groups from electronic communication sources, such as e-mail, will be useful given that criminal or terrorists may utilise different electronic communication mediums to contact each of their agents or members. In this paper, the development of an e-mail traffic analyser system for analysing the interactions between different e-mail clients in the e-mail system is described. The different visualisation tools used and how the information provided by such tools would be useful to an intelligence analyst are discussed. The use of decision trees for locating ‘unusual’ e-mail traffic interactions and the type of information revealed via the technique is also described.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Keywords

A

AI
APT

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

M

P

PDA

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com