Home Page Marketing Email Proposal- Email Forensics Tracing and Mapping Digital Evidence from IP Address

Proposal- Email Forensics Tracing and Mapping Digital Evidence from IP Address

Category: Email, Evidence, Forensic Science
Last Updated: 13 Jan 2021
Essay type: Proposal
Pages: 4 Views: 281

Introduction

Email is a crucial means of communication in modern digital era. It is widely used to communicate personal, business and other sensitive information across the globe in a cost effective manner (Burns, 2006). Communication via email is vulnerable to various kinds of attacks, making it a likely target for those with criminal intent (Internet Crime Complaint Center [IC3], 2009). Private email communication between two or more known associates can be easily protected through security mechanisms such as tunneling and encryption. However, the majority of the e-mail communication over the Internet occurs between unknown people while public e-mail still faces various security threats.

E-mail, like any other communication activity over the Internet, can be traced back to its originator through various methods. This forms the basics of email forensics; enabling the collection of digital evidence against those who use e-mails to commit crimes. Digital evidence helps identify and trace back the originator of an e-mail attack. Due to the enormity of the Internet, the most important issue in determining the location of an e-mail attacker is to narrow down the search for the location of the attacker. This research proposes the implementation of ‘hop count distance’ method which would use the Time-to-Live (TTL) field in Internet Protocol packet to narrow down the location from where an attack is originated.

Order custom essay Proposal- Email Forensics Tracing and Mapping Digital Evidence from IP Address with free plagiarism report

feat icon 450+ experts on 30 subjects feat icon Starting from 3 hours delivery
Get Essay Help

Project Background

Due to the widespread use of e-mail communication, individuals often have their own personal accounts along with those related to work. Workplace mailboxes and emails service providers store hundreds of thousands of emails. Hence most of the popular e-mail forensic applications such as encase, Nuix Forensics Desktop, x-ways forensics, Forensic Toolkit (FTK), Intella, etc., are aimed at searching millions of emails. These forensic application and others are also equipped with the capability of recovering deleted emails. These programs enable the collection of digital evidence through the recovery of email messages or email addresses related to any criminal activity. They do not trace back the email to its originator in terms of physical location of the attacker. Investigators rely on other email trace back applications to determine the location from where the email was sent. Most of the email trace back applications depend upon the Internet Protocol (IP) address of the source stored in the header of the email to determine the exact location of the originator. This technique works fine, however almost all malicious activity over the email is performed using spoofed IP address which negates the usability of tracing the source through IP address.

There are several IP trace back mechanisms that can find the source of the attack despite the IP address being spoofed in case of Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks (Karthik, Arunachalam, & Ravichandran, 2008). Although these mechanisms such as iTrace or PPM are highly efficient in determining the source of the attack, their complexity and high resource requirements for tracing the source renders them very improbable for being used as email forensic mechanisms. Thus there is a need to determine a resource efficient and simplistic solution for tracing the source of an email attack with a spoofed IP address.

Solution Outline

This study proposes a hop-count-based source-to-destination distance method for developing a simplistic and efficient trace back mechanism for tracing the source of an email attack with a spoofed source IP address. This mechanism is based on the hop count value (the intermediate devices between the source and the destination through which a set of data passes) stored inside the Time-to-Live (TTL) field in the IP packet to estimate the distance and subsequently the approximate location of the origin of the email (Wang et al., 2007). The hop-count-based source-to-destination distance can be worked out just within a minute after confining a single IP packet. The approximate location of the source of an email with a spoofed IP address can be located with a single day. The hop-count-based source-to-destination distance method cannot find the exact location of the source; however, it can prove to be an important tool in slimming down the scope of the search to aid further investigation and trace back process. Furthermore, the hop-count-based source-to-destination distance method can be applied in tracking various other attacks.

Project aims and Objectives

Currently, there are several IP trace back mechanisms that are designed to trace IP address in case of DoS or DDoS attacks over the Internet. These mechanisms require either a lot of resources or complicated network designs during trace back. The objective of this study is to propose a mechanism that fills the gap between resource-hungry and complicated trace back mechanisms.

Project Deliverables

This project will deliver a detailed report of the designed mechanism as part of the finding and analysis of a dissertation along with all its relevant components.

References

Burns, E. (2006). New online activities show greatest growth. Retrieved October 3, 2009 {online} http://www.clickz.com/3624155 (cited on 23rd Oct, 2012)

Internet Crime Complaint Center (IC3). (2009). IC3 2008 annual report on Internet crime released. Retrieved October 3, 2009 {online} http://www.ic3.gov/media/2009/090331.aspx (cited on 23rd Oct, 2012)

Karthik, S., & Arunachalam, V. P., & Ravichandran, T. (2008). A comparitive study of various IP traceback strategies and simulation of IP traceback. Asian Journal of Information Technology, 7(10), 454-458. Retrieved September 30, 2009 {online} http://docsdrive.com/pdfs/medwelljournals/ajit/2008/454-458.pdf (cited on 23rd Oct, 2012)

Wang, H., & Jin, C., & Shin, K. G. (2007). Defense against spoofed IP traffic using hop-count filtering. Retrieved October 1, 2009 {online} http://www.cs.wm.edu/~hnw/paper/hcf.pdf (cited on 23rd Oct, 2012)

Cite this Page

Proposal- Email Forensics Tracing and Mapping Digital Evidence from IP Address. (2018, Dec 11). Retrieved from https://phdessay.com/proposal-email-forensics-tracing-and-mapping-digital-evidence-from-ip-address/

Don't let plagiarism ruin your grade

Run a free check or have your essay done for you

Check my essay Hire Writer
plagiarism ruin image

More related essays

Explore more free examples on similar topics
Digital and Non-Digital Communication
Essay type:  Proposal
Words:  994
Pages:  4

A digital watch or clock shows the time with numbers that change as the time changes. The word digital obviously originates from the word digit, meaning number, and although difficult.

Most consumers marketing communications involve digital now, should they be digital-centric
Essay type:  Proposal
Words:  5025
Pages:  19

Introduction Marketing is an expansive topic that covers a range of aspects, including advertising, public relations, sales, and promotions. The former involves getting a product or service into the market, promoting.

Mapping O’Connor’s “A Good Man is Hard to Find”
Essay type:  Proposal
Words:  744
Pages:  3

O’Connor, in response to her critics note that a certain amount of the significance “A Good Man is Hard to Find” lies in its utility in terms of teaching as.

Curriculum mapping
Essay type:  Proposal
Words:  1124
Pages:  5

Answer to why curriculum mapping. Comprehensive curriculum maps promote higher achievement levels as the vision of the map is created by a team of education experts not only from within.

Analyzing the value of crime mapping
Essay type:  Proposal
Words:  248
Pages:  1

Analyzing the value of crime mapping in the first case, it revolves around consolidating specific strategies for law enforcers to address the situation with ABC precinct. Here, consideration should be.

Analysis of a Mapping Programme: Neogeography
Essay type:  Proposal
Words:  1349
Pages:  5

IntroductionNeogeography, literally intending “new geography” is basically a “do-it-yourself” function scheduling, which is going progressively popular and powerful today ( Wikipedia.org ) . In the past, making maps online was.

Competency Mapping for Accounting Professionals
Essay type:  Proposal
Words:  9145
Pages:  34

COMPETENCY MAPPING FOR ACCOUNTANCY PROFESSIONALS Perspective Planning Committee The Institute of Chartered Accountants of India Post Box No. 7100, Indraprastha Marg New Delhi - 110002 COMPETENCY MAPPING FOR ACCOUNTANCY PROFESSIONALS.

Mapping Compensation
Essay type:  Proposal
Words:  516
Pages:  2

Wall-Mart has a lot of these things in common with Microsoft, although Wall-Mart tries to soften the low at times by cushioning their employment strategy with a discount card or.

We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy

Save time and let our verified experts help you.

Hire writer