Share This Article:

A Comparative Study of Email Forensic Tools

Abstract Full-Text HTML XML Download Download as PDF (Size:496KB) PP. 111-117
DOI: 10.4236/jis.2015.62012    7,609 Downloads   9,039 Views   Citations

ABSTRACT

Over the last decades, email has been the major carrier for transporting spam and malicious contents over the network. Email is also the primary source of numerous criminal activities on the Internet. Computer Forensics is a systematic process to retain and analyze saved emails for the purpose of legal proceedings and other civil matters. Email analysis is challenging due to not only various fields that can be forged by hackers or malicious users, but also the flexibility of composing, editing, deleting of emails using offline (e.g., MS Outlook) or online (e.g., Web mail) email applications. Towards this direction, a number of open source forensics tools have been widely used by the practitioners. However, these tools have been developed in an isolated manner rather than a collaborative approach. Given that email forensic tool users need to understand to what extent a tool would be useful for his/her circumstances and conducting forensic analysis accordingly. In this paper, we examine a set of common features to compare and contrast five popular open source email forensic tools. The study finds that all email forensic tools are not similar, offer diverse types of facility. By combining analysis tools, it may be possible to gain detailed information in the area of email forensic.

Conflicts of Interest

The authors declare no conflicts of interest.

Cite this paper

Devendran, V. , Shahriar, H. and Clincy, V. (2015) A Comparative Study of Email Forensic Tools. Journal of Information Security, 6, 111-117. doi: 10.4236/jis.2015.62012.

References

[1] Conan Albrecht, Email Analysis.
http://www.gsaig.gov/assets/File/other-documents/Forensics-EmailAnalysis.pptx.pdf
[2] McAfee SaaS Email Protection.
http://www.mcafee.com/us/resources/solution-briefs/sb-saas-email-protection-solution-guide.pdf
[3] Banday, M. (2011) Analyzing Email Headers for Forensic Investigation. Journal of Digital Forensics, Security, and Law, 6, 50-64.
[4] Meghanathan, N., Allam, S.R. and Moore, L.A. (2009) Tools and Techniques for Network Forensics. International Journal of Network Security and its Applications, 1, 14-25.
http://airccse.org/journal/nsa/0409s2.pdf
[5] Garfinkel, S.L. (2010) Digital Forensics Research: The Next 10 Years. Digital Investigation, 7, S64-S73.
http://dx.doi.org/10.1016/j.diin.2010.05.009
[6] MailXaminer. http://www.mailxaminer.com/
[7] Aid4Mail Forensic. http://www.aid4mail.com/
[8] Digital Forensics Framework. http://www.digital-forensic.org/
[9] EMailTrackerPro. http://www.emailtrackerpro.com/
[10] Paraben (Network) E-mail Examiner. http://www.paraben.com/email-examiner.html
[11] Garfinkel, S. (2006) Forensic Feature Extraction and Cross-Drive Analysis. Digital Investigation, 3, 71-81.
[12] Marwan A.Z. (2004) Tracing E-mail Headers. Proceedings of Australian Computer, Network & Information Forensics Conference, November 2004, School of Computer and Information Science, Edith Cowan University Western Australia, 16-30.
[13] Free Computer Forensic Tool. https://forensiccontrol.com/resources/free-software/
[14] Digital Intelligence Forensic Software.
http://www.digitalintelligence.com/forensicsoftware.php

  
comments powered by Disqus

Copyright © 2018 by authors and Scientific Research Publishing Inc.

Creative Commons License

This work and the related PDF file are licensed under a Creative Commons Attribution 4.0 International License.