A Game Theoretic Framework for E-Mail Detection and Forgery Analysis

In email forensic, the email detection and forgery conflict is an interdependent strategy selection process, and there exists complex dynamics between the detector and the forger, who have conflicting objectives and influence each other’s performance and decisions. This paper aims to study their dynamics from the perspective of game theory .We firstly analyze the email basic structure and header information, then discuss the email detection and forgery technologies. In this paper, we propose a Detection-Forgery Game (DFG) model and make a classification of players’ strategy with the Operation Complexity (OC). In the DFG model, we regard the interactions between the detector and the forger as a two-player, non-cooperative, nonzero-sum and finite strategic game, and formulate the Nash Equilibrium. The optimal detection and forgery strategies with minimizing cost and maximizing reward will be found by using the model. Finally, we perform empirical experiments to verify the effectiveness and feasibility of the model. Keywords—email detection; email forgery; game theoretic model; Nash Equilibrium; the optimal strategy