MET: an experimental system for Malicious Email Tracking
Proceedings of the 2002 workshop on New security paradigms
Hi-index | 0.00 |
Computer Forensic, the upcoming branch of forensic science where acquiring, preserving, retrieving and presenting content processed electronically and stored digitally, is used for legal evidence in computer related crimes or any other unethical practice involving manipulation of digital content. Such digital content can take many forms which are manifested by different file formats and digital artifacts. This paper concentrates on evidential usage of recovered deleted e-mail from off-line mail boxes to provide digital evidence in case of non-repudiation either by the sender or by the receiver. This is simply accomplished by using a digital forensic tool Encase 6.0 and applying a capturing mechanism to prove legitimacy of the evidence. The step-by-step procedure is able to increase the practical insight in the capturing of deleted e-mail as digital evidence of non-repudiation and able to provide an example for preparing evidentiary e-mail for presentation in the court of Law or for preparation of any legal procedure. Recovery of deleted e-mails in the form of digital evidence requires certain legal bindings which may be provided under this mechanism. This paper contributes to that extent that recovered files are ready digital evidence in the Court of Law.