Investigating and Implementing an Email Forensic Readiness Architecture

Dissertation (MSc)--University of Pretoria, 2017.

Bibliographic Details
Other Authors: Venter, Hein S.
Format: Thesis
Language: English
Published: University of Pretoria 2018
Subjects:
_version_ 1867613705051570176
access_status_str Open Access
author2 Venter, Hein S.
author_browse Venter, Hein S.
author_facet Venter, Hein S.
collection Thesis
dc_rights_str_mv © 2018 University of Pretoria. All rights reserved. The copyright in this work vests in the University of Pretoria. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of the University of Pretoria.
description Dissertation (MSc)--University of Pretoria, 2017.
format Thesis
id oai:repository.up.ac.za:2263/66254
institution University of Pretoria (South Africa)
language English
last_indexed 2026-06-10T12:40:23.116Z
license_str Other — see source repository
provenance_str_mv Harvested via OAI-PMH from UPSpace — University of Pretoria Institutional Repository
publishDate 2018
publishDateRange 2018
publishDateSort 2018
publisher University of Pretoria
publisherStr University of Pretoria
record_format dspace
source_str UPSpace — University of Pretoria Institutional Repository
spelling oai:repository.up.ac.za:2263/66254 Investigating and Implementing an Email Forensic Readiness Architecture Venter, Hein S. ruan.vanstaden@up.ac.za Van Staden, F.R. UCTD Email Forensics Digital Forensics Forensic Readiness Email Security Cybersecurity Forensic Readiness Architecture Engineering, built environment and information technology theses SDG-09 Engineering, built environment and information technology theses SDG-16 Dissertation (MSc)--University of Pretoria, 2017. Email forensic investigations rely on the collection and analysis of digital forensic evidence collected from email systems. Problems arise when the digital forensic evidence needed for the email forensic investigation is no longer available or there is a huge amount of email data that can be collected, which takes time to sift through to find the digital forensic evidence that is actually needed. The email digital forensic readiness (eDFR) architecture, as proposed in this dissertation, endeavours to address these problems. The eDFR architecture is based on the digital forensic readiness process described in ISO 27043. To ensure that the collected email data can be used as digital forensic evidence, a process to validate the collected email data was created. The validation process uses data collected from the email IP headers to validate the data in the SMTP headers, ensuring that the SMTP header data was not spoofed or in any way changed. The IP header data is stored in an audit database together with the email data so that the validation process can be executed at any time. An audit database is used to store the collected data to ensure that once the data is stored it cannot be tampered with. The digital forensic evidence collected using the eDFR architecture was found to be useable as part of an email forensic investigation. It was also found to be useful for other processes such as creating a graph representation of email sent and received by an email system or a group of email systems.
It was shown that implementing the eDFR architecture could be achieved in an economical way that has almost no impact on current email systems. bs2026 Computer Science MSc Unrestricted SDG-09: Industry, innovation and infrastructure SDG-16: Peace, justice and strong institutions 2018-08-17T09:42:50Z 2018-08-17T09:42:50Z 2005/02/18 2017 Dissertation Van Staden, FR 2017, Tracing the origin of unsolicited electronic communication using digital forensics, MSc Dissertation, University of Pretoria, Pretoria, viewed yymmdd <http://hdl.handle.net/2263/66254> A2018 http://hdl.handle.net/2263/66254 en © 2018 University of Pretoria. All rights reserved. The copyright in this work vests in the University of Pretoria. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of the University of Pretoria. application/pdf University of Pretoria
spellingShingle UCTD
Email Forensics
Digital Forensics
Forensic Readiness
Email Security
Cybersecurity
Forensic Readiness Architecture
Engineering, built environment and information technology theses SDG-09
Engineering, built environment and information technology theses SDG-16
Investigating and Implementing an Email Forensic Readiness Architecture
title Investigating and Implementing an Email Forensic Readiness Architecture
title_full Investigating and Implementing an Email Forensic Readiness Architecture
title_fullStr Investigating and Implementing an Email Forensic Readiness Architecture
title_full_unstemmed Investigating and Implementing an Email Forensic Readiness Architecture
title_short Investigating and Implementing an Email Forensic Readiness Architecture
title_sort investigating and implementing an email forensic readiness architecture
topic UCTD
Email Forensics
Digital Forensics
Forensic Readiness
Email Security
Cybersecurity
Forensic Readiness Architecture
Engineering, built environment and information technology theses SDG-09
Engineering, built environment and information technology theses SDG-16
url http://hdl.handle.net/2263/66254