Summary: This work presents a tool for the forensic analysis of emails based on their headers, and uses it to instantiate an ontology defined to answer the points of expertise requested about the email. The tool consists of four components that allow obtaining the headers of the emails under examination, instantiating the ontology with the data obtained from the headers, and obtaining answers to the points of expertise from the competency questions defined for the ontology. Each component is described, and the use of the tool is illustrated through a case study on the forensic analysis of an email.
Keywords: Ontology; email header; digital forensics.
Abstract: The purpose of this work is to present a tool for the forensic analysis of emails from their headers. The tool is used to generate a defined ontology, in order to respond to the points of expertise requested about the email. It consists of four components which allow us to obtain the headers of the mails to be analyzed, to generate the ontology with the data acquired from those headers, and to give an answer to the points of expertise produced by the competency questions defined for the ontology. Each component is described and the use of the tool is exemplified through a case study on forensic analysis of an email.