کد مقاله کد نشریه سال انتشار مقاله انگلیسی نسخه تمام متن
456407 695712 2013 13 صفحه PDF دانلود رایگان
عنوان انگلیسی مقاله ISI
DigLA – A Digsby log analysis tool to identify forensic artifacts
موضوعات مرتبط
مهندسی و علوم پایه مهندسی کامپیوتر شبکه های کامپیوتری و ارتباطات
پیش نمایش صفحه اول مقاله
DigLA – A Digsby log analysis tool to identify forensic artifacts
چکیده انگلیسی

Since the inception of Web 2.0, instant messaging, e-mailing, and social networking have emerged as cheap and efficient means of communication over the Web. As a result, a number of communication platforms like Digsby have been developed by various research groups to facilitate access to multiple e-mail, instant messaging, and social networking sites using a single credential. Although such platforms are advantageous for end-users, they present new challenges to digital forensic examiners because of their illegitimate use by anti-social elements. To identify digital artifacts from Digsby log data, an examiner is assumed to have knowledge of the whereabouts of Digsby traces before starting an investigation process. This paper proposes a design for a user-friendly GUI-based forensic tool, DigLA, which provides a unified platform for analyzing Digsby log data at different levels of granularity. DigLA is also equipped with password decryption methods for both machine-specific and portable installation versions of Digsby. By considering Windows registry and Digsby log files as dynamic sources of evidence, specifically when Digsby has been used to commit a cyber crime, this paper presents a systematic approach to analyzing Digsby log data. It also presents an approach to analyzing RAM and swap files to collect relevant traces, specifically the login credentials of Digsby and IM users. An expected insider attack from a server security perspective is also studied and discussed in this paper.

ناشر
Database: Elsevier - ScienceDirect (ساینس دایرکت)
Journal: Digital Investigation - Volume 9, Issues 3–4, February 2013, Pages 222–234
نویسندگان
, ,