Paper Info
Title
Channels: Runtime System Infrastructure for Security-Typed Languages
Abstract
This paper describes the design and development of a software system to support law enforcement in investigating and prosecuting email based crimes. It focuses on phishing scams which use emails to trick users into revealing personal data. The system described in this paper, called the Undercover Multipurpose Anti-Spoofing Kit (UnMask), will enable investigators to reduce the time and effort needed for digital forensic investigations of email-based crimes. A novel aspect of UnMask is its use of a database to not only store information related to the email and its constituent parts (such as IP addresses, links, domain names), but also to organize a workflow to automatically launch UNLX tools to collect additional information from the Internet. The retrieved information is in turn added to the database. Reports can then be automatically generated according to the needs of the forensic investigator, including correlations across multiple email data stored in the database. UnMask is a working system. To the best of our knowledge, UnMask is the first comprehensive system that can automatically analyze emails and generate forensic reports that can be used for subsequent investigation and prosecution.
Year
DOI
Venue
2007
10.1109/ACSAC.2007.12
TWENTY-THIRD ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, PROCEEDINGS
Keywords
Field
DocType
policies,security,information flow,operating system,data flow,software engineering,systems analysis,security analysis,information security,computer architecture,flow,information exchange,programming languages,compilers
Information flow (information theory),Programmer,Programming language,Firewall (construction),Computer security,Computer science,Systems analysis,Information security,Compiler,Security analysis,Runtime system
Conference
Citations 
PageRank 
References 
4
0.46
15
Authors
3
Name
Order
Citations
PageRank
Boniface Hicks117111.48
Tim Misiak240.46
P. McDaniel37174494.57