The Association of Digital Forensics, Security and Law (ADFSL)
Communication between people counts to the most important information of today’s business. As a result, in case of forensic investigations in big companies, analysis of communication data in general and especially email, as the still most widely used business communication platform with an immense and still growing volume, is a typical task in digital forensics. One of the challenges is to identify the relevant communication partners and structures in the suspects surrounding as quickly as possible in order to react appropriately and identify further targets of evaluation. Due to the amount of emails in typical inboxes, reading through all the mails renders impractical. Therefor, forensic investigators need tools that support them in quickly receiving an impression of a suspect’s email communication, identifying the relevant communication partners, and realizing communication patterns in single or even multiple email accounts. We introduce an open source forensic email analysis tool that provides exactly by means of a responsive and interactive graph visualization of email data supported by statistical information.
Abbasi, A., & Chen, H. (2008). Writeprints: A stylometric approach to identity-level identification and similarity detection in cyberspace.
ACM Transactions on Information Systems (TOIS), 26 (2), 7.
Bostock, M. (2011). D3 – Data-Driven-Documents.
Retrieved 2016-05-18, from http://d3js.org/
Eijkhoudt, A., & Suerink, T. (2013). Uforia: Universal forensic indexer and analyzer.
Journal of Computer Virology and Hacking Techniques, 9 (2), 59–63.
Garfinkel, S. L. (2010). Digital forensics research: The next 10 years.
digital investigation, 7 , S64–S73.
Hadjidj, R., Debbabi, M., Lounis, H., Iqbal, F., Szporer, A., & Benredjem, D. (2009). Towards an integrated e-mail forensi analysis framework.
digital investigation, 5 (3), 124–137.
Iqbal, F., Hadjidj, R., Fung, B. C., & Debbabi, M. (2008). A novel approach of mining write-prints for authorship attribution in e-mail forensics.
digital investigation, 5 , S42–S51.
Klimt, B., & Yang, Y. (2004). Introducing the enron corpus
Li, W.-J., Hershkop, S., & Stolfo, S. J. (2004). Email archive analysis through graphical visualization.
In Proceedings of the 2004 acm workshop on visualization and data mining for computer security (pp. 128–132).
Meng, F., Wu, S., Yang, J., & Yu, G. (2009). Research of an e-mail forensic and analysis system based on visualization.
In Computational intelligence and industrial applications, 2009. paciia 2009. asia-pacific conference on (Vol. 1, pp. 281–284).
Metz, J. (2014). libpff library.
Retrieved 2016-11-09, from https://github.com/libyal/libpff
Radicati, S. (2014). Email statistics report, 2014-2018.
the radicati group. Inc., London.
Stadlinger, Johannes and Dewald, Andreas
"A Forensic Email Analysis Tool Using Dynamic Visualization,"
Journal of Digital Forensics, Security and Law: Vol. 12
, Article 6.
Available at: http://commons.erau.edu/jdfsl/vol12/iss1/6