Research And Design On E-mail Forensic And Authentication System

Nowadays, E-mail is the most widely used network service on the Internet, and it has becomeone of communication tools in our daily life. As a result, commercial disputes and criminalactivities associated with e-mail are growing rapidly. We need to find out the E-mail evidencefrom hard drive, mobile storage devices and mail server in a forensic way, and use multipletechnology to authenticate the real recipient or receiver even the content of the evidence E-mailwhen dispute arise. Currently the research on comprehensive authentication of E-mail is almosttotally blank. This paper researches several fields of E-mail Forensic, and the main work andresults are as follows:The first part of the research in this paper is to introduce the concept of E-mail Forensic, andput forward the definition and content of E-mail authentication. This paper also design the priorand after E-mail forensic model. Meanwhile, we design a structure modal of E-mail Forensic andAuthentication System, as well as various types of E-mail forensic and authentication specificprocedure modal under this framework..As far as extracting E-mail evidence, we focus on the key technology including extractingvolatile and non-volatile E-mail evidence, and how to extract E-mail header information, thentracing the source. After introduce the file format of FAT and NTFS file system, we propose thealgorithm of how to extract the existence and deleted E-mail files in the FAT and NTFS filesystem.Analyzing the extracted E-mail data refers to many different kinds of skills. So we design aanalyze engine for analysis. We describe the details of E-mail server log analysis, E-mail writingcharacter authentication, E-mail file fragment research, Webmail forensic and authentication.Especially on the E-mail writing character authentication, this paper reference to the EnglishE-mail character, put forward the “language+format+structure” Chinese E-mail characters. Thispaper also improves the language character extraction algorithm TF-IDF, to make it more fit forChinese E-mail, Furthermore, we proposed E-mail writing character authentication algorithm. Onthe E-mail file fragment research, we use the DBX file for example, proposed DBX file fragmentextraction algorithm.At last, we experiment two key technologies in the E-mail forensic and authentication systemincluding E-mail writing character authentication algorithm and E-mail file fragment extractionalgorithm. These experiments further verify its effectiveness.As the first advanced paper on this field in our country, this paper provides lots ofinformation and E-mail forensic methods for low enforcement, government and military agencies.And it can be good material for many subjects such as Computer Science, Information andCommunication Engineering.