Towards an Open-Source Based E-Mail Forensic Tool that uses Headers in Digital Investigation

Towards an Open-Source Based E-Mail Forensic Tool that uses Headers in Digital Investigation

연구 분야: Analysis

학회: NISS '23: Proceedings of the 6th International Conference on Networking, Intelligent Systems & Security

Email-related incidents/crimes are on the rise owing to the fact that communication by electronic mail (e-mail) has become an important part of our daily lives. The technicality behind e-mail plays an important role when looking for digital evidence that can be used to create a hypothesis that can be used during litigation. During this process, it is needful to have a tool that can help to isolate email incidents as a potential crime scene in the wake of suspected attacks. The problem that this paper is addressing paper, is more centered on realizing an open-source email-forensic tool that used the header analysis approach. One advantage of this approach is that it helps investigators to collect digital evidence from e-mail systems, organize the collected data, analyze and discover any discrepancies in the header fields of an e-mail, and generates an evidence report. The main contribution of this paper focuses on generating a freshly computed hash that is attached to every generated report, to ensure the verifiability, reliability, and integrity of the reports to prove that they have not been modified in any way. Finally, this ensures that the sanctity and forensic soundness of the collected evidence are maintained.