EXTRACTION OF ELECTRONIC EVIDENCE FROM VoIP: IDENTIFICATION & ANALYSIS OF DIGITAL SPEECH
Guardado en:
| Publicado en: | The Journal of Digital Forensics, Security and Law : JDFSL vol. 7, no. 3 (2012), p. 55-82 |
|---|---|
| Autor principal: | |
| Otros Autores: | , |
| Publicado: |
Association of Digital Forensics, Security and Law
|
| Materias: | |
| Acceso en línea: | Citation/Abstract Full Text Full Text - PDF |
| Etiquetas: |
Sin Etiquetas, Sea el primero en etiquetar este registro!
|
MARC
| LEADER | 00000nab a2200000uu 4500 | ||
|---|---|---|---|
| 001 | 1346358876 | ||
| 003 | UK-CbPIL | ||
| 022 | |a 1558-7215 | ||
| 022 | |a 1558-7223 | ||
| 035 | |a 1346358876 | ||
| 045 | 2 | |b d20120701 |b d20120930 | |
| 084 | |a 114516 |2 nlm | ||
| 100 | 1 | |a Irwin, David | |
| 245 | 1 | |a EXTRACTION OF ELECTRONIC EVIDENCE FROM VoIP: IDENTIFICATION & ANALYSIS OF DIGITAL SPEECH | |
| 260 | |b Association of Digital Forensics, Security and Law |c 2012 | ||
| 513 | |a Feature | ||
| 520 | 3 | |a The Voice over Internet Protocol (VoIP) is increasing in popularity as a cost effective and efficient means of making telephone calls via the Internet. However, VoIP may also be an attractive method of communication to criminals as their true identity may be hidden and voice and video communications are encrypted as they are deployed across the Internet. This produces a new set of challenges for forensic analysts compared with traditional wire-tapping of the Public Switched Telephone Network (PSTN) infrastructure, which is not applicable to VoIP. Therefore, other methods of recovering electronic evidence from VoIP are required. This research investigates the analysis and recovery of digitised human voice, which persists in computer memory after a VoIP call. This paper outlines the ongoing development of a software tool, the purpose of which, determines how remnants of digitised human speech from a VoIP call may be identified within a forensic memory capture based on how the human voice is detected via a microphone and encoded to a digital format using the sound card of a personal computer. This digital format is unencrypted whist stored in Random Access Memory (RAM) before it is passed to the VoIP application for encryption and transmission over the Internet. Similarly, an incoming encrypted VoIP call is decrypted by the VoIP application and passes through RAM unencrypted in order to be played via the speaker output. A series of controlled tests were undertaken whereby RAM captures were analysed for remnants of digital audio after a VoIP audio call with known conversation. The identification and analysis of digital audio from RAM attempts to construct an automatic process for the identification and subsequent reconstruction of the audio content of a VoIP call. This research focuses on the analysis of RAM captures acquired using XWays Forensics software. This research topic, guided by a Law Enforcement Agency, uses X-Ways Forensics to simulate a RAM capture which is achieved covertly on a target machine without the user's knowledge, via the Internet, during or after a VoIP call has taken place. The authors assume no knowledge of the technique implemented to recover the covert RAM capture and are asked to base their analysis on a memory capture supplied in the format of a file with a '.txt' extension. The methods of analysis described herein are independent of the acquisition method applied to RAM capture. The goal of this research is to develop automated software that may be applied to a RAM capture to identify fragments of audio persisting in RAM after a VoIP call has been terminated, using time domain and signal processing technique, frequency domain analysis. Once individual segments of audio have been identified, the feasibility of reproducing audio from a VoIP call may be determined. [PUBLICATION ABSTRACT] | |
| 653 | |a Internet telephony | ||
| 653 | |a Signal processing | ||
| 653 | |a Computer forensics | ||
| 653 | |a Studies | ||
| 653 | |a Digital broadcasting | ||
| 653 | |a Research | ||
| 653 | |a Software | ||
| 653 | |a Algorithms | ||
| 653 | |a Speech | ||
| 653 | |a Forensic sciences | ||
| 653 | |a Protocol | ||
| 653 | |a Personal computers | ||
| 653 | |a Criminal investigations | ||
| 653 | |a Public switched telephone network | ||
| 653 | |a Methods | ||
| 653 | |a Analysis | ||
| 653 | |a Fragments | ||
| 653 | |a Conversation | ||
| 653 | |a Evidence | ||
| 653 | |a Agency law | ||
| 653 | |a Internet | ||
| 653 | |a Automatic processes | ||
| 653 | |a Law enforcement | ||
| 653 | |a Popularity | ||
| 653 | |a Infrastructure | ||
| 653 | |a Humans | ||
| 653 | |a Cost analysis | ||
| 653 | |a Feasibility | ||
| 653 | |a Computer mediated communication | ||
| 653 | |a Telephone calls | ||
| 653 | |a Covert | ||
| 653 | |a Memory | ||
| 653 | |a Cryptography | ||
| 653 | |a Offenders | ||
| 653 | |a Telecommunications | ||
| 653 | |a Extraction | ||
| 653 | |a Forensic science | ||
| 653 | |a Identification | ||
| 653 | |a Telephones | ||
| 653 | |a Data encryption | ||
| 653 | |a Speeches | ||
| 653 | |a Video recordings | ||
| 653 | |a Communication | ||
| 700 | 1 | |a Dadej, Arek | |
| 700 | 1 | |a Slay, Jill | |
| 773 | 0 | |t The Journal of Digital Forensics, Security and Law : JDFSL |g vol. 7, no. 3 (2012), p. 55-82 | |
| 786 | 0 | |d ProQuest |t Criminal Justice Database | |
| 856 | 4 | 1 | |3 Citation/Abstract |u https://www.proquest.com/docview/1346358876/abstract/embedded/H09TXR3UUZB2ISDL?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text |u https://www.proquest.com/docview/1346358876/fulltext/embedded/H09TXR3UUZB2ISDL?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text - PDF |u https://www.proquest.com/docview/1346358876/fulltextPDF/embedded/H09TXR3UUZB2ISDL?source=fedsrch |