Research of an E-mail forensic and analysis system based on visualization

Nowadays, E-mail communication has been abused for numerous illegitimate purposes such as E-mail spamming, terrorist attack, business fraud, etc. As a result, to analysis the rich personal information hidden in E-mail is significant for investigation and evidence collection. In this paper, an investigation and analysis system aiming to Email was presented, which supports a variety of data sources including the preserved Email client data files, databases as well as text files. The system firstly parses related data files, preprocess the data, and then, a key word search technique based on KMP algorithm was adopted to classify the E-mail collections into different categories. Afterwards, an association frequency mining based on statistics will be performed to discover the association features behind email accounts. To make the forensic results more readable, we will associate the E-mail accounts with personnel information table in reality. The final forensic results will be visualized using related layout techniques to make the information more illustrative and understandable.