Forensic framework for skype communication

M. Mohemmed Sha; T. Manesh; Saied M. Abd El-Atty

doi:10.1007/978-3-319-23258-4_18

Forensic framework for skype communication

M. Mohemmed Sha, T. Manesh, Saied M. Abd El-Atty

Software Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

Skype is a secure internet telephonic application which establishes connection between its clients through a peer-to-peer architecture. The connection between Skype client to its server and other clients uses an encrypted channel that uses Transport layer Security (TLS) protocol. At the same time, connection between Skype client and Public Switch telephone Network (PSTN) gateway is accomplished through unencrypted digital channel using Voice over Internet Protocol (VoIP). The encrypted channels in the Skype communication make forensic analysis frameworks to work badly in decrypting the traffic and procuring critical forensic details of the network stream against intruders and cyber criminals. Furthermore, policy violations and unbound usage of Skype VoIP communication over PSTN users waste the network bandwidth. Here we propose a sophisticated Skype forensic framework that collects forensic information by decrypting the Skype client-server communication along with recreating voice content in the Skype to PSTN VoIP communication. We also propose an efficient packet reconstruction algorithm powered by time stamping technique for regenerating malicious content from payloads of the Skype network stream followed by supporting prosecution of policy violators and cyber criminals in the court of law.

Original language	English
Title of host publication	Intelligent Systems Technologies and Applications
Editors	Stefano Berretti, Soura Dasgupta, Sabu M. Thampi
Publisher	Springer Verlag
Pages	197-211
Number of pages	15
ISBN (Print)	9783319232577
DOIs	https://doi.org/10.1007/978-3-319-23258-4_18
State	Published - 2016
Event	International Symposium on Intelligent Systems Technologies and Applications, ISTA 2015 co-located with 4th International Conference on Advances in Computing, Communications and Informatics, ICACCI 2015 - Kochi, India Duration: 10 Aug 2015 → 13 Aug 2015

Publication series

Name	Advances in Intelligent Systems and Computing
Volume	385
ISSN (Print)	2194-5357

Conference

Conference	International Symposium on Intelligent Systems Technologies and Applications, ISTA 2015 co-located with 4th International Conference on Advances in Computing, Communications and Informatics, ICACCI 2015
Country/Territory	India
City	Kochi
Period	10/08/15 → 13/08/15

Keywords

Packet reordering
Pcap file
Skype forensic analysis
Skype VoIP
TLS

Access to Document

10.1007/978-3-319-23258-4_18

Cite this

@inproceedings{266adf80054d411bb4800a6463ae79dd,

title = "Forensic framework for skype communication",

abstract = "Skype is a secure internet telephonic application which establishes connection between its clients through a peer-to-peer architecture. The connection between Skype client to its server and other clients uses an encrypted channel that uses Transport layer Security (TLS) protocol. At the same time, connection between Skype client and Public Switch telephone Network (PSTN) gateway is accomplished through unencrypted digital channel using Voice over Internet Protocol (VoIP). The encrypted channels in the Skype communication make forensic analysis frameworks to work badly in decrypting the traffic and procuring critical forensic details of the network stream against intruders and cyber criminals. Furthermore, policy violations and unbound usage of Skype VoIP communication over PSTN users waste the network bandwidth. Here we propose a sophisticated Skype forensic framework that collects forensic information by decrypting the Skype client-server communication along with recreating voice content in the Skype to PSTN VoIP communication. We also propose an efficient packet reconstruction algorithm powered by time stamping technique for regenerating malicious content from payloads of the Skype network stream followed by supporting prosecution of policy violators and cyber criminals in the court of law.",

keywords = "Packet reordering, Pcap file, Skype forensic analysis, Skype VoIP, TLS",

author = "\{Mohemmed Sha\}, M. and T. Manesh and \{Abd El-Atty\}, \{Saied M.\}",

note = "Publisher Copyright: {\textcopyright} Springer International Publishing Switzerland 2016.; International Symposium on Intelligent Systems Technologies and Applications, ISTA 2015 co-located with 4th International Conference on Advances in Computing, Communications and Informatics, ICACCI 2015 ; Conference date: 10-08-2015 Through 13-08-2015",

year = "2016",

doi = "10.1007/978-3-319-23258-4\_18",

language = "English",

isbn = "9783319232577",

series = "Advances in Intelligent Systems and Computing",

publisher = "Springer Verlag",

pages = "197--211",

editor = "Stefano Berretti and Soura Dasgupta and Thampi, \{Sabu M.\}",

booktitle = "Intelligent Systems Technologies and Applications",

address = "Germany",

}

Mohemmed Sha, M, Manesh, T & Abd El-Atty, SM 2016, Forensic framework for skype communication. in S Berretti, S Dasgupta & SM Thampi (eds), Intelligent Systems Technologies and Applications. Advances in Intelligent Systems and Computing, vol. 385, Springer Verlag, pp. 197-211, International Symposium on Intelligent Systems Technologies and Applications, ISTA 2015 co-located with 4th International Conference on Advances in Computing, Communications and Informatics, ICACCI 2015, Kochi, India, 10/08/15. https://doi.org/10.1007/978-3-319-23258-4_18

Forensic framework for skype communication. / Mohemmed Sha, M.; Manesh, T.; Abd El-Atty, Saied M.
Intelligent Systems Technologies and Applications. ed. / Stefano Berretti; Soura Dasgupta; Sabu M. Thampi. Springer Verlag, 2016. p. 197-211 (Advances in Intelligent Systems and Computing; Vol. 385).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Forensic framework for skype communication

AU - Mohemmed Sha, M.

AU - Manesh, T.

AU - Abd El-Atty, Saied M.

N1 - Publisher Copyright: © Springer International Publishing Switzerland 2016.

PY - 2016

Y1 - 2016

N2 - Skype is a secure internet telephonic application which establishes connection between its clients through a peer-to-peer architecture. The connection between Skype client to its server and other clients uses an encrypted channel that uses Transport layer Security (TLS) protocol. At the same time, connection between Skype client and Public Switch telephone Network (PSTN) gateway is accomplished through unencrypted digital channel using Voice over Internet Protocol (VoIP). The encrypted channels in the Skype communication make forensic analysis frameworks to work badly in decrypting the traffic and procuring critical forensic details of the network stream against intruders and cyber criminals. Furthermore, policy violations and unbound usage of Skype VoIP communication over PSTN users waste the network bandwidth. Here we propose a sophisticated Skype forensic framework that collects forensic information by decrypting the Skype client-server communication along with recreating voice content in the Skype to PSTN VoIP communication. We also propose an efficient packet reconstruction algorithm powered by time stamping technique for regenerating malicious content from payloads of the Skype network stream followed by supporting prosecution of policy violators and cyber criminals in the court of law.

AB - Skype is a secure internet telephonic application which establishes connection between its clients through a peer-to-peer architecture. The connection between Skype client to its server and other clients uses an encrypted channel that uses Transport layer Security (TLS) protocol. At the same time, connection between Skype client and Public Switch telephone Network (PSTN) gateway is accomplished through unencrypted digital channel using Voice over Internet Protocol (VoIP). The encrypted channels in the Skype communication make forensic analysis frameworks to work badly in decrypting the traffic and procuring critical forensic details of the network stream against intruders and cyber criminals. Furthermore, policy violations and unbound usage of Skype VoIP communication over PSTN users waste the network bandwidth. Here we propose a sophisticated Skype forensic framework that collects forensic information by decrypting the Skype client-server communication along with recreating voice content in the Skype to PSTN VoIP communication. We also propose an efficient packet reconstruction algorithm powered by time stamping technique for regenerating malicious content from payloads of the Skype network stream followed by supporting prosecution of policy violators and cyber criminals in the court of law.

KW - Packet reordering

KW - Pcap file

KW - Skype forensic analysis

KW - Skype VoIP

KW - TLS

UR - http://www.scopus.com/inward/record.url?scp=84985001773&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-23258-4_18

DO - 10.1007/978-3-319-23258-4_18

M3 - Conference contribution

AN - SCOPUS:84985001773

SN - 9783319232577

T3 - Advances in Intelligent Systems and Computing

SP - 197

EP - 211

BT - Intelligent Systems Technologies and Applications

A2 - Berretti, Stefano

A2 - Dasgupta, Soura

A2 - Thampi, Sabu M.

PB - Springer Verlag

T2 - International Symposium on Intelligent Systems Technologies and Applications, ISTA 2015 co-located with 4th International Conference on Advances in Computing, Communications and Informatics, ICACCI 2015

Y2 - 10 August 2015 through 13 August 2015

ER -

Forensic framework for skype communication

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this