Forensic analysis of Microsoft Skype for Business

Abstract

We present three case studies to illustrate a methodology for conducting forensics investigation on Microsoft Skype for Business. The proposed methodology helps to retrieve information on chat and audio communications made by any account who accessed the PC, to retrieve IP addresses and communication routes for all the participants of a call, and to retrieve forensics evidence to identify the end-user devices of a VoIP call by analyzing the CODECs exchanged by the clients during the SIP (Session Initiation Protocol) handshaking phase. This information may help the investigator either to corroborate or to contradict an investigative hypothesis.

Anno

2019

Autori IAC

MASSIMO BERNASCHI

Tipo pubblicazione

Articolo in rivista

Altri Autori

Nicoletti M.; Bernaschi M.

DOI

https://dx.doi.org/10.1016/j.diin.2019.03.012

Editore

Elsevier,

Rivista

Digital investigation

Direttore: Dott. Roberto Natalini

Canali social:

Comitato editoriale e webmaster

Copyright © CNR IAC 2022. Tutti i diritti sono riservati
Partita IVA 02118311006 - Codice Fiscale 80054330586
L'IAC è soggetto allo split payment. Posta Elettronica Certificata protocollo.iac@pec.cnr.it