Extraction of Electronic Evidence from VoIP: Identification & Analysis of Digital Speech
David Irwin,Arek Dadej,Jill Slay +2 more
Reads0
Chats0
TLDR
This paper proposes a proof of concept how remnants of digitised human speech from a VoIP call may be identified within a forensic memory capture based on how the human voice is detected via a microphone and encoded to a digital format using the sound card of your personal computer.Abstract:
The Voice over Internet Protocol (VoIP) is increasing in popularity as a cost effective and efficient means of making telephone calls via the Internet. However, VoIP may also be an attractive method of communication to criminals as their true identity may be hidden and voice and video communications are encrypted as they are deployed across the Internet. This produces in a new set of challenges for forensic analysts compared with traditional wire-tapping of the Public Switched Telephone Network (PSTN) infrastructure, which is not applicable to VoIP. Therefore, other methods of recovering electronic evidence from VoIP are required. This research investigates the analysis and recovery of digitised human, which persists in computer memory after a VoIP call. This paper proposes a proof of concept how remnants of digitised human speech from a VoIP call may be identified within a forensic memory capture based on how the human voice is detected via a microphone and encoded to a digital format using the sound card of your personal computer. This digital format is unencrypted whist processed in Random Access Memory (RAM) before it is passed to the VoIP application for encryption and  transmission over the Internet. Similarly, an incoming encrypted VoIP call is decrypted by the VoIP application and passes through RAM unencrypted in order to be played via the speaker output. A series of controlled tests were undertaken whereby RAM captures were analysed for remnants of digital speech after a VoIP audio call with known conversation. The identification and analysis of digital speech from RAM attempts to construct an automatic process for the identification and subsequent reconstruction of the audio content of a VoIP call.read more
Citations
More filters
Journal ArticleDOI
Forensic analysis of Microsoft Skype for Business
TL;DR: The proposed methodology helps to retrieve information on chat and audio communications made by any account who accessed the PC, to retrieve IP addresses and communication routes for all the participants of a call, and to retrieve forensics evidence to identify the end-user devices of a VoIP call by analyzing the CODECs exchanged by the clients during the SIP (Session Initiation Protocol) handshaking phase.
Book ChapterDOI
Forensics Data Recovery of Skype Communication from Physical Memory
Ahmad Ghafarian,Charlie Wood +1 more
TL;DR: It is confirmed that volatile memory forensics is the most effective technique for retrieving forensics artifacts of instant messaging technology.
Challenges and Opportunities in Investigations of Online Sexual Exploitation of Children: Old Networks, Dark Web, and Proactive Response
TL;DR: In this paper, the authors reviewed the challenges for criminal investigations posed by online sexual offenses against minors, including determining how to police clear web networks for child sexual exploitation material (CSEM) and the possible shift of Internet users toward the Dark Web.
Journal ArticleDOI
An Empirical Study of Skype Data Retrieval from Physical Memory
TL;DR: Overall, it is confirmed that physical memory forensics is the most effective technique for retrieving forensics artifacts of instant messaging technology.
References
More filters
RTP: A Transport Protocol for Real-Time Applications
TL;DR: RTP provides end-to-end network transport functions suitable for applications transmitting real-time data over multicast or unicast network services and is augmented by a control protocol (RTCP) to allow monitoring of the data delivery in a manner scalable to large multicast networks.
Book ChapterDOI
SIP: Session Initiation Protocol
Jonathan Rosenberg,Henning Schulzrinne,G. Camarillo,Alan B. Johnston,J. Peterson,Robert Sparks,Mark Handley,Eve M. Schooler +7 more
TL;DR: Session Initiation Protocol (SIP) as discussed by the authors is an application layer control (signaling) protocol for creating, modifying, and terminating sessions with one or more participants, such as Internet telephone calls, multimedia distribution, and multimedia conferences.
User Datagram Protocol
TL;DR: UDP does not guarantee reliability or ordering in the way that TCP does, but its stateless nature is also useful for servers that answer small queries from huge numbers of clients.
Darpa Timit Acoustic-Phonetic Continuous Speech Corpus CD-ROM {TIMIT} | NIST
John S. Garofolo,Lori Lamel,W M. Fisher,Jonathan G. Fiscus,David S. Pallett,Nancy L. Dahlgren +5 more
Dataset
TIMIT Acoustic-Phonetic Continuous Speech Corpus
John S. Garofolo,Lori Lamel,William M. Fisher,Jonathan C. Fiscus,David S. Pallett,Nancy L. Dahlgren,Victor W. Zue +6 more
TL;DR: The TIMIT corpus as mentioned in this paper contains broadband recordings of 630 speakers of eight major dialects of American English, each reading ten phonetically rich sentences, including time-aligned orthographic, phonetic and word transcriptions as well as a 16-bit, 16kHz speech waveform file for each utterance.