U.S. flag

An official website of the United States government, Department of Justice.

Dot gov

The .gov means it’s official.
Federal government websites always use a .gov or .mil domain. Before sharing sensitive information online, make sure you’re on a .gov or .mil site by inspecting your browser’s address (or “location”) bar.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

E-Crime Investigative Technologies

Award Information

Award #
2006-DN-BX-K007
Location
Congressional District
Status
Closed
Funding First Awarded
2006
Total funding (to date)
$449,940

Description of original award (Fiscal Year 2006, $299,940)

Forensic science is the application of established scientific techniques to the identification, collection, and examination of evidence from crime scenes, the interpretation of laboratory findings, and the presentation of findings in judicial proceedings. The DNA silo project seeks to provide a forensic tool that enables the computer forensic examiner to break the password on a password-protected file allowing them to examine that file. The UnMask project seeks to provide a forensic tool that allows the computer forensic examiner to examine a spoofed email and to determine where it originated.

Florida State University will continue work on various Electronic Crime Investigative Technologies, including, but not limited to, Predator and Prey Alert System, Distributed Network Attack for Large Scale Code Breaking, and UnMask.

nca/ncf

The goal of the UnMask project is to support investigators in investigating email crimes such as phishing attacks and threats. UnMask supports the uploading of suspect email through a secure web interface, the automatic analysis of the email and addition of related Internet information into a database, and the generation of custom reports from the populated database. UnMask Version 2.0 will be deployed this year with feedback expected from analysts and investigators. Continued funding will allow ECIT to complete an UnMask Version 3.0 that would be available for general use by investigators. For the continuation project ECIT would (1) incorporate feedback received from the deployed system and also add new capabilities into Version 3.0 such as: email attachment analysis, origin of email analysis and a user-friendly query system; (2) extend the UnMask architecture to a web services architecture to increase the flexibility and usability of the system, (3) explore developing UnMask as an online system and its use as a spam filter. These new features and functionalities will make UnMask a comprehensive and extensible email investigation system. The availability of the feature-rich UnMask Version 3.0 system should provide law enforcement with a sophisticated toolkit that is easy to use and deploy, secure, and powerful enough to serve as the focal point for email investigations. This project contributes to the reduction of crime laboratory computer evidence backlog principally through automation of the forensic process as it relates to email based crimes.

ca/ncf

Date Created: September 12, 2006