We present three case studies to illustrate a methodology for conducting forensics investigation on Microsoft Skype for Business. The proposed methodology helps to retrieve information on chat and audio communications made by any account who accessed the PC, to retrieve IP addresses and communication routes for all the participants of a call, and to retrieve forensics evidence to identify the end-user devices of a VoIP call by analyzing the CODECs exchanged by the clients during the SIP (Session Initiation Protocol) handshaking phase. This information may help the investigator either to corroborate or to contradict an investigative hypothesis.
Forensic analysis of Microsoft Skype for Business
Bernaschi M
2019
Abstract
We present three case studies to illustrate a methodology for conducting forensics investigation on Microsoft Skype for Business. The proposed methodology helps to retrieve information on chat and audio communications made by any account who accessed the PC, to retrieve IP addresses and communication routes for all the participants of a call, and to retrieve forensics evidence to identify the end-user devices of a VoIP call by analyzing the CODECs exchanged by the clients during the SIP (Session Initiation Protocol) handshaking phase. This information may help the investigator either to corroborate or to contradict an investigative hypothesis.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
