Article title
Contents
Full texts:
Identifiers
Title variants
Publication languages
Abstracts
Email is one of the primary sources of numerous criminal activities on the Internet, some of which threaten human lives. Email analysis is challenging not only because of the various fields that can be forged by hackers and the wide range of email applications in use, but also because of the legal restrictions imposed on the analysis of the email body. Although this is a relatively new area, a number of both open source and proprietary forensic tools, with varying possibilities and versatility, have been developed to aid practitioners. In this paper, we review existing email forensic tools for email header analysis, as part of email investigation, with emphasis on aspects related to online crime while still considering legal constraints. Through our analysis, we investigate a common case of cybercrime and examine the breadth of information one may gain solely through email forensic analysis. Additionally, a roadmap for email forensic analysis is presented, combining features and functionality already available, to assist the process of digital forensic analysis.
Keywords
Year
Volume
Pages
21--28
Physical description
Bibliography: 37 items.
Authors
author
- ADITESS Advanced Integrated Technology Solutions & Services, Nicosia, Cyprus Karkas
author
- ADITESS Advanced Integrated Technology Solutions & Services, Nicosia, Cyprus Karkas
author
- ADITESS Advanced Integrated Technology Solutions & Services, Nicosia, Cyprus Karkas
author
- Cyprus Police – Criminal Investigation department - Special cyber-crime unit2, Police Headquarters
Bibliography
- [1] AbusePipe - Abuse Email Analysis Solution for ISPs, [available at: http://www.datamystic.com/abusepipe.html].
- [2] Adcomplain Home Page, [available at: http://www.rdrop.com/users/billmc/adcomplain.html].
- [3] Aid4Mail Forensic, [available at: http://www.aid4mail.com/email-forensics].
- [4] Al-Zarouni, M. (2004). Tracing E-mail Headers. Australian Computer, Network & Information Forensics Conference. 16-30.
- [5] Arthur, K. K. & Venter, H. S. (2004). An Investigation Into Computer Forensic Tools. ISSA. 1-11.
- [6] Banday, M. T. (2011). Techniques and Tools for Forensic Investigation of E-mail. International Journal of Network Security & Its Applications. 3, 6.
- [7] Casey, E. (2004). The need for knowledge sharing and standardization. Digit. Investig. 1, 1, 1-2.
- [8] Charalambous, E., Bratskas, R., Karkas, G., et al. (2015). An innovative Digital Forensic Tool assisting evidence analysis in Cyprus. 45-54.
- [9] Crocker, D. (2009). Internet Mail Architecture.
- [10] Devendran, V. K., Shahriar, H. & Clincy, V. (2015). A Comparative Study of Email Forensic Tools. J. Inf. Secur. 6, 2, 111.
- [11] Digital Forensics Framework, [available at: http://www.digital-forensic.org/].
- [12] E-mail Forensics in a Corporate Exchange Environment (Part 1). (2013), [available at: http://www.msexchange.org/articlestutorials/exchange-server-2013/compliancepolicies-archiving/e-mail-forensics-corporateexchange-environment-part1.html].
- [13] EmailTracer | Cyber Forensics, [available at: http://www.cyberforensics.in/].
- [14] EMailTrackerPro, [available at: http://www.emailtrackerpro.com].
- [15] Forensic Toolkit (FTK), AccessData. (2015), [available at: http://accessdata.com/solutions/digitalforensics/forensic-toolkit-ftk].
- [16] Forensics Investigation Toolkit (FIT), [available at: http://www.edecision4u.com/FIT.html].
- [17] Garfinkel, S. L. (2010). Digital forensics research: The next 10 years. Digit. Investig. 7, S64–S73.
- [18] Geiger, M. (2005). Evaluating Commercial Counter-Forensic Tools. DFRWS.
- [19] Guidance Software - Endpoint Data Security, eDiscovery, Forensics, [available at: https://www.guidancesoftware.com/].
- [20] Ieong, R. S. C. (2006). FORZA - Digital forensics investigation framework that incorporate legal issues. Digit. Investig. 3, 29-36.
- [21] Internet 2010 in numbers - Pingdom Royal, [available at: http://royal.pingdom.com/2011/01/12/internet-2010-in-numbers/].
- [22] Investigation, Cybersecurity, Information Governance and eDiscovery Software | Nuix, [available at: http://www.nuix.com/].
- [23] Köhn, M., Olivier, M. S. & Eloff, J. H. P. (2006). Framework for a Digital Forensic Investigation. ISSA. 1-7.
- [24] Kurose, J. & Ross, K. (2001). Computer Networking: A Top Down Approach Featuring the Internet. Addison-Wesley, Reading, MA.
- [25] Lalla, H. & Flowerday, S. (2010). Towards a Standardised Digital Forensic Process: E-mail Forensics. ISSA.
- [26] Leigland, R. & Krings, A. W. (2004). A formalization of digital forensics. Int. J. Digit. Evid. 3, 2, 1-32.
- [27] Lim, M. J.-H. (2008). Computational intelligence in e-mail traffic analysis. University of Tasmania.
- [28] MailXaminer, [available at: http://www.mailxaminer.com].
- [29] McQuaid, J. (2014). Finding and Analyzing Email with IEF. Magnet Forensics, [available at: https://www.magnetforensics.com/computerforensics/finding-and-analyzing-email-with-ief/].
- [30] Meghanathan, N., Allam, S. R. & Moore, L. A. (2010). Tools and techniques for network forensics. International Journal of Network Security & Its Applications. 1.1, 14-25.
- [31] Nance, K., Hay, B. & Bishop, M. (2009). Digital forensics: defining a research agenda. 42nd Hawaii International Conference on System Sciences. 1-6.
- [32] Paglierani, J. W. (2013). A Framework for Extended Acquisition and Uniform Representation of Forensic Email Evidence. Arizona State University.
- [33] Paraben (Network) E-mail Examiner, [available at: http://www.paraben.com/email-examiner.html].
- [34] Reith, M., Carr, C. & Gunsch, G. (2002). An Examination of Digital Forensic Models. International Journal of Digital Evidence.
- [35] Resnick, P., et al. (2001). Internet message format. RFC 2822. IETF.
- [36] Sawmill - Universal log file analysis and reporting, [available at: https://www.sawmill.net/].
- [37] U.S. Department of Justice. (2013). Regional Computer Forensics Laboratory Annual Report for Fiscal Year 2013.
Notes
Prepared with funds from MNiSW (the Polish Ministry of Science and Higher Education) under agreement 812/P-DUN/2016 for science dissemination activities (tasks for 2017).
Document type
Bibliography
YADDA identifier
bwmeta1.element.baztech-bc8cc4d5-03c2-4ba8-b73d-c3809c54458a