Authors: Maryam Shahpasand; Ramlan Mahmod; Nur Izura Udzir
Addresses: Asia Pacific University of Technology and Innovation (APU), Technology Park Malaysia, Bukit Jalil, Kuala Lumpur 57000, Malaysia ' Faculty of Computer Science and Information Technology (FSKTM), University Putra Malaysia (UPM), Jalan Upm, 43400 Serdang, Selangor, Malaysia ' Faculty of Computer Science and Information Technology (FSKTM), University Putra Malaysia (UPM), Jalan Upm, 43400 Serdang, Selangor, Malaysia
Abstract: The tremendous growth of internet-of-things integrated with VoIP applications gives a serious challenge to digital forensic researchers. This integration gives more challenges in investigation process because there are various types of VoIP application with different design and implementation features. There are diverse VoIP applications used by criminals that caused difficulties in the identification, acquisition and preservation of evidential data. This paper used Skype to determine the data remnants on Windows 7 and Windows 8.1 when users run Skype functions including installing and uninstalling, instant messaging, voice and video call, video messaging, sending and receiving files, screen sharing and taking pictures. The link where the victim and suspect may have been in contact on Skype is provable by the proposed methods. It is found that potential evidences can be found in capturing memory, capturing network traffic, user application data and the data remnants available in user's device.
Keywords: voice over IP; digital forensics; VoIP application; Skype; application investigation; internet of thing; IoT.
International Journal of Internet Technology and Secured Transactions, 2018 Vol.8 No.3, pp.412 - 432
Available online: 20 Jul 2018 *Full-text access for editors Access for subscribers Purchase this article Comment on this article