Forensic Investigation for Instant Messenger: Evidence Extraction Tools and Techniques

Supervisor

Cusack, Brian

Item type

Thesis

Degree name

Master of Forensic Information Technology

Publisher

Auckland University of Technology

Abstract

Instant messaging is currently one of the most popular ways for people to interact with each other in cyberspace. Because of its popularity, user-friendliness, rich functionality and ability to conceal the identity of the user, the instant messenger is often used as a communication tool to conduct sinister and illegal activity. Law enforcement agencies may find traces of illegal activity by extracting information hidden within an instant messenger. However, collecting digital evidence from an instant messenger can present some challenges. Existing forensic guides, such as the forensic handbooks published by the United States Department of Justice, do not offer a comprehensive solution and procedure to counter the increasing problems arising from instant messaging investigations. Without the proper tools and techniques, information stored in the instant messenger might not be thoroughly extracted, the integrity of the digital evidence can be affected and, in a worse scenario, evidence might be lost. In order to collect digital evidence from instant messengers efficiently, my research has reviewed techniques and forensic tools from different developers that are designed to extract information from instant messengers. After careful consideration based on several criteria, Evidence Center Pro, developed by Belkasoft, was selected to perform further simulation to extract information from Windows Live Messenger 2011. My approach has been implemented and comprehensively tested. The results illustrate that the approach presented in my thesis is able to extract information from an instant messenger more efficiently than the traditional approaches.
