Description of original award (Fiscal Year 2005, $341,024)
To address the problem of spam, phishing, identity theft, and blended threats, the research team at FSU/FCI is seeking research funding to design and develop an automated validator'the undercover Multipurpose Anti-Spoofing Kit (unMASK)'that will enable law enforcement agents to reduce the time and effort needed to investigate incidents of spoofing. Using email (the main vector) to drive users to forged/bogus websites, spoofing exploits trick users into revealing sensitive/personal data (e.g., passwords, social security numbers and credit cards numbers). Once these data are (illegally) captured, they are then used to commit a number of more serious cybercrimes, viz., fraud, denial of service attacks, and hacking (unauthorized access and theft of services). The aim of the proposed research is create a user-friendly (tool) kit for parsing email headers and source code to produce an actionable evidentiary trail that law enforcement agents can use to develop viable leads for the cases they are investigating. Once the filename or URL is typed in unMASK will generate an easy to read/interpret report that provides details about the email's trajectory, a summary of the content, factual vs. forged IP addresses, pointers, linkages, discrepancies, etc.