Title :
IP geolocation suspicious email messages
Author :
Butkovic, Asmir ; Mrdovic, Sasa ; Mujacic, Samra
Author_Institution :
Police Support Agency of Bosnia & Herzegovina, Sarajevo, Bosnia-Herzegovina
Abstract :
As the Internet and electronic mail continue to be utilized by an ever-increasing number of users, so does fraudulent and criminal activity via the Internet and email increase. The negative effects of cybercrime activities on the use of the Internet for e-business and secure communications increased interest in studying the factors that motivate these criminals, their tactics and what can be done to mitigate their activities. Research in the area of email analysis usually focuses on two areas, email traffic analysis and email content analysis, but is very poor in the area of visual analytics of emails. The paper presents software for visualizing suspicious email messages based on the information provided in the email header (rather than the content of the email). This IP mapping tool, called MIPA, uses a Google Map to display the geographic position and integrates InfoDB, WhoIS databases, and the Google Maps API. Thus, the proposed work can be helpful for identifying and investigating suspicious email messages and can also assist investigators in getting the information in time to take effective action to reduce criminal activities.
Keywords :
IP networks; computer crime; data visualisation; electronic mail; Google Map; IP geolocation; IP mapping tool; InfoDB; MIPA; WhoIS database; criminal activity; e-mail content analysis; e-mail header; e-mail traffic analysis; fraudulent activity; geographic position; suspicious e-mail message visualization; suspicious e-mail messages; Computer crime; Electronic mail; Geology; IP networks; Internet; Protocols; Servers; Cybercrime Investigation; Email client; IP geolocation; Maps API;
Conference_Title :
Telecommunications Forum (TELFOR), 2013 21st
Conference_Location :
Belgrade
Print_ISBN :
978-1-4799-1419-7
DOI :
10.1109/TELFOR.2013.6716371