SSL based Webmail Forensic Engine

In this era of information technology, email is the foremost and most extensively used electronic communication technology. Users exchange data and information by email through several front-end applications from various service providers. Most email clients and service providers have now moved to secured data communication, using SSL or TLS to protect the data exchanged. Cyber criminals and terrorists have started using this mode to exchange malicious information in their transactions. Because the communication is secured, forensic experts face greater difficulty and multiple challenges in tracing crucial forensic information from network packets. These challenges can hinder digital forensic experts in procuring substantial evidence against such criminals from their working environments. This research work reveals the working background of an SSL-based webmail forensic engine, which decrypts the respective communication or network session and reconstructs the actual message contents of webmail applications. The forensic engine is compatible with proxy servers and other computing environments, and enables forensic reconstruction followed by analysis of webmail clients. The proposed forensic engine employs a high-speed packet capturing hardware module and a sophisticated packet reformation algorithm, and restores email headers and messages from encrypted streams of SMTP and POP3 network sessions. The proposed forensic engine also supports the cyber investigation team with a generated forensic report, and the prosecution of culprits by the judiciary system of the specific country.
