OntoFoCE and ObE Forensics. Email-traceability Supporting Tools for Digital Forensics

This paper shows the research conducted to respond to a continuous requirement of justice regarding the application of scientifically supported forensic tools. Considering ontological engineering as the appropriate framework to respond to this requirement, the article presents OntoFoCE (Spanish abbreviation for Ontology for Electronic Mail Forensics), a specific ontology for the forensic analysis of emails. The purpose of this ontology is to help the computer expert in the validation of an email presented as judicial evidence. OntoFoCE is the fundamental component of the ObE Forensics (Ontology-based Email Forensics) tool. Although there are numerous forensic tools to analyze emails, the originality of the one proposed here lies in the implementation of semantic technologies to represent the traceability of the email transmission process. From that point on, it is possible to provide answers to the items of digital evidence subject to the expert examination. These answers make it possible to support these evidence items in the forensic analysis of an email and to guarantee the gathering of scientifically and technically accepted results that are valid for justice. Thus, the research question that is tried to be answered is: Is it possible to apply ontological engineering as a scientific support to design and develop a forensic tool that allows automatic answers to the evidence items subject to the expert examination in the forensic analysis of emails?