Create a 5 pages page paper that discusses digital forensic: skype.
Create a 5 pages page paper that discusses digital forensic: skype. So, digital forensic has become very essential and in fact a part of the overall security perspective of any computer-based industry, in spite of various challenges associated with the digital forensic investigation process. The increased use of Skype is resulting in an increased number of cybercrimes as the users take advantage of the anonymity associated with its use. But with the aid of apt digital forensic tools, valuable evidence can be retrieved and it can reveal the defendant’s activities.
The artifacts collected from a Skype conversation can be analyzed with the help of several investigation tools like ‘Skype chat carver’, ‘Belkasoft Evidence Center’, ‘Chat Examiner’, ‘Epilog’, ‘Forensic Assistant’, ‘Internet Evidence Finder’, ‘Skype Extractor’, ‘SkypeAlyzer’, ‘SkypeLogview’, and others (Mikhaylov 2013). It is very important to know where and how to recover the evidence like calls, messages, contacts, file transfers, and voicemails from a user’s accounts in order to utilize the above-mentioned tools in the forensic analysis process. The steps stated below will help in the evidence recovery process.
There are four users who use the Skype application in this example. The file named ‘shared’ is an XML file that contains the main configuration information like time of usage, IP address, and other useful information. Exploring the ‘shared’ file one can retrieve the Unix style time stamp information (Shaw 2014). Here comes the first challenge. This Unix style timestamp information is displayed in a coded format as a string of numbers, which has to be converted to a readable format. So, an investigator has to rely on online Unix time conversion tools to convert the string of numbers to an understandable time format. After completion of the conversion process, the Skype conversation time can be discovered. This process is explained with the help of the screenshot shown below.
The Hexadecimal value D5C7B3AD9C51 in the above screenshot indicates the IP address. The next challenge is to convert this Hexadecimal value to decimal in order to retrieve the IP address in an understandable format.