Technology Corner: Analysing E-Mail Headers for Forensic Investigation

Banday, M. Tariq

doi:10.15394/jdfsl.2011.1095

Cited by 7 publications

(18 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Penelitian email spoofing juga dilakukan oleh [5], hasil dari penelitiannya adalah "Analisis dilakukan pada isi pesan email untuk menentukan legitimasinya". Pembeda penelitiannya adalah penelitian oleh [5] melakukan analisis header email namun tanpa mengetahui asal usul email dikirimkan dan tidak membahas cara kerja email spoofing, hal itu memungkinkan analisis email spoofing tidak dapat dengan mudah dipahami oleh semua orang, sedangkan pada penelitian ini dilakukan simulasi pengiriman email spoofing dengan tujuan mempermudah pemahaman tentang email spoofing.…”

Section: Pendahuluanunclassified

Investigasi Email Spoofing dengan Metode Digital Forensics Research Workshop (DFRWS)

Suryana

Akbar

Widiyasono

2016

JEPIN

View full text Add to dashboard Cite

Abstrak-Email spoofing merupakan kegiatan melakukan manipulasi data pada header email. Serangan yang paling terkenal dari email spoofing adalah serangan phishing, Tujuan dilakukan penelitian ini adalah untuk memberi wawasan tentang cara kerja melakukan pengiriman email spoofing dan mampu melakukan identifikasi email spoofing dengan melakukan analsis pada header email yang diterima. Metodologi yang digunakan pada penelitian ini adalah DFRWS (Digital Forensics Research Workshop), karena setiap langkah yang dilakukan dapat memberikan penjelasan yang lengkap. Hasil dari penelitian ini adalah email spoofing dapat dikirimkan dengan memanfaatkan layanan web hosting yang menyediakan layanan untuk pengiriman email dengan menggunakan bahasa pemrograman PHP dan hasil selanjutnya adalah mengetahui perbedaan antara email spoofing dan email asli, perbedaan tersebut akan diketahui dengan jelas ketika membuka header email rinci.

show abstract

Section: Pendahuluanunclassified

Investigasi Email Spoofing dengan Metode Digital Forensics Research Workshop (DFRWS)

Suryana

Akbar

Widiyasono

2016

JEPIN

View full text Add to dashboard Cite

show abstract

“…, compute the defection rate P according to the (2) and (3),and compute the rewards of detector and forger according to the (4) and (5) iv).…”

Section: Optimal Strategy Selectionmentioning

confidence: 99%

“…M.T Banday and Hong Guo et al. studied the working principle of an email, discussed the construction mechanism of keywords that commonly used in the header field, and applied the analysis to email forensic [2,3]. Based on the email header information, Preeti and Surekha et al provided an algorithm to identify the data, time, and address spoofing [4,5].…”

Section: Introductionmentioning

confidence: 99%

A Game Theoretic Framework for E-Mail Detection and Forgery Analysis

Chen¹,

Lou²,

Xiao³

et al. 2016

ijacsa

View full text Add to dashboard Cite

Abstract-In email forensic, the email detection and forgery conflict is an interdependent strategy selection process, and there exists complex dynamics between the detector and the forger, who have conflicting objectives and influence each other's performance and decisions. This paper aims to study their dynamics from the perspective of game theory .We firstly analyze the email basic structure and header information, then discuss the email detection and forgery technologies. In this paper, we propose a Detection-Forgery Game (DFG) model and make a classification of players' strategy with the Operation Complexity (OC). In the DFG model, we regard the interactions between the detector and the forger as a two-player, non-cooperative, nonzero-sum and finite strategic game, and formulate the Nash Equilibrium. The optimal detection and forgery strategies with minimizing cost and maximizing reward will be found by using the model. Finally, we perform empirical experiments to verify the effectiveness and feasibility of the model.

show abstract

“…From this metadata alone, an examiner can detect communication flows and evidence tampering, among other things. As shown by Banday in [12], the email headers are a valuable source of information in a forensic investigation involving email.…”

Section: A a Note On Legalitymentioning

confidence: 99%

“…Furthermore, normally mbox stores attachments in some form of directory structure related to their messages so that attachment analysis could be started as part of an automated process, separate from the email data. Finally, using mbox is useful even when processing the common PST format as tools from libPST 12 provide the conversion. Finally, we assert that mbox is valid for use as a forensic copy format as it is "output readable by sight, shown to reflect the data accurately" and thus "is an original" [2, pg.…”

Section: E Evidence Processing and Authenticationmentioning

confidence: 99%

Towards Comprehensive and Collaborative Forensics on Email Evidence

Paglierani¹,

Mabey²,

Ahn³

2013

Proceedings of the 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing

View full text Add to dashboard Cite

Abstract-The digital forensics community has neglected email forensics as a process, despite the fact that email remains an important tool in the commission of crime. At present, there exists little support for discovering, acquiring, and analyzing webbased email, despite its widespread use. In this paper we present a systematic process for email forensics which we integrate into the normal forensic analysis workflow, and which accommodates the distinct characteristics of email evidence. Our process focuses on detecting the presence of non-obvious artifacts related to email accounts, retrieving the data from the service provider, and representing email in a well-structured format based on existing standards. As a result, developers and organizations can collaboratively create and use analysis tools that can analyze email evidence from any source in the same fashion and the examiner can access additional data relevant to their forensic cases.

show abstract

Technology Corner: Analysing E-Mail Headers for Forensic Investigation

Cited by 7 publications

References 14 publications

Investigasi Email Spoofing dengan Metode Digital Forensics Research Workshop (DFRWS)

Investigasi Email Spoofing dengan Metode Digital Forensics Research Workshop (DFRWS)

A Game Theoretic Framework for E-Mail Detection and Forgery Analysis

Towards Comprehensive and Collaborative Forensics on Email Evidence

Contact Info

Product

Resources

About