A Structured Framework for Email Forensic Investigations
Date
2025
Publisher
Addis Ababa University
Abstract
Email forensic investigations have become vital in addressing legal, cybersecurity, and corporate
challenges. However, most existing frameworks suffer from inefficiency, data integrity problems,
and difficulty handling diverse and complex data sources, including encrypted emails and
metadata. This thesis applied the Design Science Methodology to develop a structured
framework that enhances efficiency and effectiveness in email forensic investigations. The
framework specifically addresses data quality, diversity in data management, and integrity of evidence.
The framework comprises key phases: case management, governance, identification,
preservation, classification, analysis, presentation, and compliance. These phases address
critical challenges such as ensuring data quality, managing diverse data sources, and maintaining
evidence integrity. Case management forms the core of the proposed framework: it organizes
and tracks the investigation process from start to finish, ensuring that evidence
is handled properly and that all phases are executed systematically. The framework integrates
open-source tools, a variety of case studies, and best practices so that it remains relevant to
different real-world scenarios. The effectiveness of the artifact can also be demonstrated in
practical application, with performance measured in terms of speed of investigation, data quality,
accuracy, and user satisfaction, among other metrics. This research underscores that the suggested
framework decreases the time of investigation, reduces the rate of errors, increases the quality of
data management, and guarantees effective access to various data sources. This thesis contributes
on both practical and theoretical levels, guiding practitioners and researchers in the area of
digital forensics comprehensively, so that current email forensic investigations become more
efficient, accountable, and adaptable.
Keywords
Email, Email Related Crimes, E-mail Forensic Investigation, Email Investigation Framework