Abstract
In this era of information technology, email is the foremost and most extensively used electronic communication technology. Users exchange data and information by email through many front-end applications from various service providers. Most email clients and service providers have now moved to secured data communication, protecting the data they exchange with SSL or TLS. Cyber criminals and terrorists have started using this mode to exchange malicious information in their transactions. Because the communication is secured, forensic experts face greater difficulty and multiple challenges in tracing crucial forensic information from network packets. These challenges might hinder digital forensic experts in procuring substantial evidence against such criminals from their working environments. This research work reveals the working background of an SSL-based webmail forensic engine, which decrypts the respective communication or network session and reconstructs the actual message contents of webmail applications. This digital forensic engine is compatible with proxy servers and other computing environments and enables forensic reconstruction followed by analysis of webmail clients. The proposed forensic engine employs a high-speed packet-capturing hardware module and a sophisticated packet reformation algorithm, and restores email headers and messages from encrypted streams of SMTP and POP3 network sessions. The proposed forensic engine also supports the cyber investigation team with a generated forensic report and the prosecution of culprits by the judiciary system of the specific country.
Highlights
With the advent of email applications, this technological era has changed the style of communication in all facets of current social and business environments.
This paper introduces a complete webmail forensic engine, which successfully decrypts network sessions carrying email transactions over SSL and effectively traces the available forensic details of the communication, which are sufficient to pinpoint malicious users and prosecute them.
This paper describes a novel method to decrypt a particular encrypted stream by successfully tracing cryptographic details in order to regenerate all available email communications.
Summary
With the advent of email applications, this technological era has changed the style of communication in all facets of current social and business environments. Such applications give users great convenience in exchanging multimedia content cost-effectively. Though SSL encrypts the transaction to ensure the security and privacy of communications, the process of encrypting messages brings the following two serious challenges to forensic investigators' frameworks. It increases the burden of collecting and decrypting the network session with targeted email communications. This paper introduces a complete webmail forensic engine, which successfully decrypts network sessions carrying email transactions over SSL and effectively traces the available forensic details of the communication, which are sufficient to pinpoint malicious users and prosecute them. The proposed framework is implemented for offline packet analysis, as the decryption of a network session is complicated in online packet analysis.
More From: International Journal of Advanced Computer Science and Applications