The Design And Implementation Of Email Analysis And Forensies System

With the rapid development of internet technology, people send email through the internet,making communication easier and faster. Email but also for its new, fast and economic characteristics has become an important and indispensable means of communication. Meanwhile, a variety of common criminals have begun to use email in various criminal activities. In many computer crime cases and commercial and civil disputes involving email. Email contains a wealth of all kinds of useful information, which is one important way for computer forensic analysis. Email can provide some strong clues for the detection of cases. To improve efficiency, people often use various types of e-mail client to handle e-mail (such as Foxmail,Outlook Express,Microsoft Office Outlook etc.). Therefore, the analysis of e-mail data files stored by various types of mail clients is an important means of computer analysis and forensies.In this study,email analysis and forensies system mainly focus on three mail clients in the domestic: Foxmail,Outlook Express(OE) and Microsoft Office Outlook. By analyzing the .ind,. BOX mail file format stored by Foxmail, the .DBX mail file format stored by OE and the .PST mail file format stored by Outlook, we can extract key information , which is interested by us , such as the sender's or recipients's﹑e-mail address﹑send time﹑receive time﹑subject﹑message body content and attachment. Then, we can count and classify the sender's or recipients's email addresses, draw email-time diagrams and social network diagram by using the visualization﹑social network analysis techniques. Therefore, we can analysis and find the hidden relationships between the senders and recipients.In this study, firstly,we will briefly introduce the background and the significance of email analysis and forensies, the current situation in domestic and international. Then, we will describes the system's overall objectives, operating environment, the main function and overall structure. Especially, we will introduce the design concept and structure of the key functional modules of the system ; And then, we will introduce in detail the key technique used in this system design and develop. That are: parsing the .ind, .BOX mail file datas based on the file tructural analysis; parsing the DBX mail file datas based on the COM technique; parsing the PST mail file datas based on the OLE automation technology. And the database access technique, the basic theory of graph-drawing, the figure automatic layout algorithm and the implementation based on the Genetic Algorithm used by drawing the email-time diagrams and social network diagram. And then, we introduce the development environment of the entire system. We focus on the implementation of the user interface and all kinds of function indexes, through by using the key technique mentioned before. We will describes in detail the implementation of the email analysis and forensies system; Finally, we summarize the design, develop and implementation of the system, and the deficiencies for the next step of the research proposed.