loading
Papers

Research.Publish.Connect.

Paper

Authors: Diogo Barradas ; Tiago Brito ; David Duarte ; Nuno Santos and Luís Rodrigues

Affiliation: INESC-ID, Instituto Superior Técnico and Universidade de Lisboa, Portugal

ISBN: 978-989-758-259-2

Keyword(s): Digital Forensics, Instant-messaging, Memory Forensics, Web-applications.

Related Ontology Subjects/Areas/Topics: Digital Forensics ; Information and Systems Security

Abstract: Inspection of physical memory allows digital investigators to retrieve evidence otherwise inaccessible when analyzing other storage media. In this paper, we analyze in-memory communication records produced by web-based instant messaging and email applications. Our results show that, in spite of the heterogeneity of data formats specific to each application, communication records can be represented in a common application-independent format. This format can then be used as a common representation to allow for general analysis of digital artifacts across various applications, even when executed in different browsers. Then, we introduce RAMAS, an extensible forensic tool which aims to ease the process of analyzing communication records left behind in physical memory by instant-messaging and email web clients.

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.210.22.132

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Barradas, D.; Brito, T.; Duarte, D.; Santos, N. and Rodrigues, L. (2017). Forensic Analysis of Communication Records of Web-based Messaging Applications from Physical Memory.In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017) ISBN 978-989-758-259-2, pages 43-54. DOI: 10.5220/0006396100430054

@conference{secrypt17,
author={Diogo Barradas. and Tiago Brito. and David Duarte. and Nuno Santos. and Luís Rodrigues.},
title={Forensic Analysis of Communication Records of Web-based Messaging Applications from Physical Memory},
booktitle={Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017)},
year={2017},
pages={43-54},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006396100430054},
isbn={978-989-758-259-2},
}

TY - CONF

JO - Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017)
TI - Forensic Analysis of Communication Records of Web-based Messaging Applications from Physical Memory
SN - 978-989-758-259-2
AU - Barradas, D.
AU - Brito, T.
AU - Duarte, D.
AU - Santos, N.
AU - Rodrigues, L.
PY - 2017
SP - 43
EP - 54
DO - 10.5220/0006396100430054

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.