Towards comprehensive and collaborative forensics on email evidence

Justin Paglierani; Mike Mabey; Gail-Joon Ahn

doi:10.4108/icst.collaboratecom.2013.254125

Towards comprehensive and collaborative forensics on email evidence

Justin Paglierani, Mike Mabey, Gail-Joon Ahn

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

9 Scopus citations

Abstract

The digital forensics community has neglected email forensics as a process, despite the fact that email remains an important tool in the commission of crime. At present, there exists little support for discovering, acquiring, and analyzing web-based email, despite its widespread use. In this paper we present a systematic process for email forensics which we integrate into the normal forensic analysis workflow, and which accommodates the distinct characteristics of email evidence. Our process focuses on detecting the presence of non-obvious artifacts related to email accounts, retrieving the data from the service provider, and representing email in a well-structured format based on existing standards. As a result, developers and organizations can collaboratively create and use analysis tools that can analyze email evidence from any source in the same fashion and the examiner can access additional data relevant to their forensic cases.

Original language	English (US)
Title of host publication	Proceedings of the 9th IEEE International Conference on Collaborative Computing
Subtitle of host publication	Networking, Applications and Worksharing, COLLABORATECOM 2013
Pages	11-20
Number of pages	10
DOIs	https://doi.org/10.4108/icst.collaboratecom.2013.254125
State	Published - 2013
Event	9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013 - Austin, TX, United States Duration: Oct 20 2013 → Oct 23 2013

Publication series

Name	Proceedings of the 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013

Other

Other	9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013
Country/Territory	United States
City	Austin, TX
Period	10/20/13 → 10/23/13

Keywords

Email
collaboration
forensics

ASJC Scopus subject areas

Computer Networks and Communications
Computer Science Applications

Access to Document

10.4108/icst.collaboratecom.2013.254125

Cite this

Paglierani, J., Mabey, M., & Ahn, G.-J. (2013). Towards comprehensive and collaborative forensics on email evidence. In Proceedings of the 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013 (pp. 11-20). Article 6679965 (Proceedings of the 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013). https://doi.org/10.4108/icst.collaboratecom.2013.254125

Towards comprehensive and collaborative forensics on email evidence. / Paglierani, Justin; Mabey, Mike; Ahn, Gail-Joon.
Proceedings of the 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013. 2013. p. 11-20 6679965 (Proceedings of the 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Paglierani, J, Mabey, M & Ahn, G-J 2013, Towards comprehensive and collaborative forensics on email evidence. in Proceedings of the 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013., 6679965, Proceedings of the 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013, pp. 11-20, 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013, Austin, TX, United States, 10/20/13. https://doi.org/10.4108/icst.collaboratecom.2013.254125

Paglierani J, Mabey M, Ahn GJ. Towards comprehensive and collaborative forensics on email evidence. In Proceedings of the 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013. 2013. p. 11-20. 6679965. (Proceedings of the 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013). doi: 10.4108/icst.collaboratecom.2013.254125

Paglierani, Justin ; Mabey, Mike ; Ahn, Gail-Joon. / Towards comprehensive and collaborative forensics on email evidence. Proceedings of the 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013. 2013. pp. 11-20 (Proceedings of the 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013).

@inproceedings{2dbf9f2cc93b4a3698d56a768d699d3b,

title = "Towards comprehensive and collaborative forensics on email evidence",

abstract = "The digital forensics community has neglected email forensics as a process, despite the fact that email remains an important tool in the commission of crime. At present, there exists little support for discovering, acquiring, and analyzing web-based email, despite its widespread use. In this paper we present a systematic process for email forensics which we integrate into the normal forensic analysis workflow, and which accommodates the distinct characteristics of email evidence. Our process focuses on detecting the presence of non-obvious artifacts related to email accounts, retrieving the data from the service provider, and representing email in a well-structured format based on existing standards. As a result, developers and organizations can collaboratively create and use analysis tools that can analyze email evidence from any source in the same fashion and the examiner can access additional data relevant to their forensic cases.",

keywords = "Email, collaboration, forensics",

author = "Justin Paglierani and Mike Mabey and Gail-Joon Ahn",

year = "2013",

doi = "10.4108/icst.collaboratecom.2013.254125",

language = "English (US)",

isbn = "9781936968923",

series = "Proceedings of the 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013",

pages = "11--20",

booktitle = "Proceedings of the 9th IEEE International Conference on Collaborative Computing",

note = "9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013 ; Conference date: 20-10-2013 Through 23-10-2013",

}

TY - GEN

T1 - Towards comprehensive and collaborative forensics on email evidence

AU - Paglierani, Justin

AU - Mabey, Mike

AU - Ahn, Gail-Joon

PY - 2013

Y1 - 2013

N2 - The digital forensics community has neglected email forensics as a process, despite the fact that email remains an important tool in the commission of crime. At present, there exists little support for discovering, acquiring, and analyzing web-based email, despite its widespread use. In this paper we present a systematic process for email forensics which we integrate into the normal forensic analysis workflow, and which accommodates the distinct characteristics of email evidence. Our process focuses on detecting the presence of non-obvious artifacts related to email accounts, retrieving the data from the service provider, and representing email in a well-structured format based on existing standards. As a result, developers and organizations can collaboratively create and use analysis tools that can analyze email evidence from any source in the same fashion and the examiner can access additional data relevant to their forensic cases.

AB - The digital forensics community has neglected email forensics as a process, despite the fact that email remains an important tool in the commission of crime. At present, there exists little support for discovering, acquiring, and analyzing web-based email, despite its widespread use. In this paper we present a systematic process for email forensics which we integrate into the normal forensic analysis workflow, and which accommodates the distinct characteristics of email evidence. Our process focuses on detecting the presence of non-obvious artifacts related to email accounts, retrieving the data from the service provider, and representing email in a well-structured format based on existing standards. As a result, developers and organizations can collaboratively create and use analysis tools that can analyze email evidence from any source in the same fashion and the examiner can access additional data relevant to their forensic cases.

KW - Email

KW - collaboration

KW - forensics

UR - http://www.scopus.com/inward/record.url?scp=84893537100&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84893537100&partnerID=8YFLogxK

U2 - 10.4108/icst.collaboratecom.2013.254125

DO - 10.4108/icst.collaboratecom.2013.254125

M3 - Conference contribution

AN - SCOPUS:84893537100

SN - 9781936968923

T3 - Proceedings of the 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013

SP - 11

EP - 20

BT - Proceedings of the 9th IEEE International Conference on Collaborative Computing

T2 - 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013

Y2 - 20 October 2013 through 23 October 2013

ER -

Towards comprehensive and collaborative forensics on email evidence

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this