Forensic investigation of Cisco WebEx desktop client, web, and Android smartphone applications

Digital forensic analysis of videoconferencing applications has received considerable attention recently, owing to the wider adoption and diffusion of such applications following the recent COVID-19 pandemic. In this contribution, we present a detailed forensic analysis of Cisco WebEx which is among...

Descripción completa

Detalles Bibliográficos
Autores principales: Khalid, Zainab, Iqbal, Farkhund, Kamoun, Faouzi, Khan, Liaqat Ali, Shah, Babar
Formato: Online Artículo Texto
Lenguaje:English
Publicado: Springer International Publishing 2022
Materias:
Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9371966/
https://www.ncbi.nlm.nih.gov/pubmed/35975177
http://dx.doi.org/10.1007/s12243-022-00919-6
_version_ 1784767277733773312
author Khalid, Zainab
Iqbal, Farkhund
Kamoun, Faouzi
Khan, Liaqat Ali
Shah, Babar
author_facet Khalid, Zainab
Iqbal, Farkhund
Kamoun, Faouzi
Khan, Liaqat Ali
Shah, Babar
author_sort Khalid, Zainab
collection PubMed
description Digital forensic analysis of videoconferencing applications has received considerable attention recently, owing to the wider adoption and diffusion of such applications following the recent COVID-19 pandemic. In this contribution, we present a detailed forensic analysis of Cisco WebEx which is among the top three videoconferencing applications available today. More precisely, we present the results of the forensic investigation of Cisco WebEx desktop client, web, and Android smartphone applications. We focus on three digital forensic areas, namely memory, disk space, and network forensics. From the extracted artifacts, it is evident that valuable user data can be retrieved from different data localities. These include user credentials, emails, user IDs, profile photos, chat messages, shared media, meeting information including meeting passwords, contacts, Advanced Encryption Standard (AES) keys, keyword searches, timestamps, and call logs. We develop a memory parsing tool for Cisco WebEx based on the extracted artifacts. Additionally, we identify anti-forensic artifacts such as deleted chat messages. Although network communications are encrypted, we successfully retrieve useful artifacts such as IPs of server domains and host devices along with message/event timestamps.
format Online
Article
Text
id pubmed-9371966
institution National Center for Biotechnology Information
language English
publishDate 2022
publisher Springer International Publishing
record_format MEDLINE/PubMed
spelling pubmed-93719662022-08-12 Forensic investigation of Cisco WebEx desktop client, web, and Android smartphone applications Khalid, Zainab Iqbal, Farkhund Kamoun, Faouzi Khan, Liaqat Ali Shah, Babar Ann Telecommun Article Digital forensic analysis of videoconferencing applications has received considerable attention recently, owing to the wider adoption and diffusion of such applications following the recent COVID-19 pandemic. In this contribution, we present a detailed forensic analysis of Cisco WebEx which is among the top three videoconferencing applications available today. More precisely, we present the results of the forensic investigation of Cisco WebEx desktop client, web, and Android smartphone applications. We focus on three digital forensic areas, namely memory, disk space, and network forensics. From the extracted artifacts, it is evident that valuable user data can be retrieved from different data localities. These include user credentials, emails, user IDs, profile photos, chat messages, shared media, meeting information including meeting passwords, contacts, Advanced Encryption Standard (AES) keys, keyword searches, timestamps, and call logs. We develop a memory parsing tool for Cisco WebEx based on the extracted artifacts. Additionally, we identify anti-forensic artifacts such as deleted chat messages. Although network communications are encrypted, we successfully retrieve useful artifacts such as IPs of server domains and host devices along with message/event timestamps. Springer International Publishing 2022-08-12 2023 /pmc/articles/PMC9371966/ /pubmed/35975177 http://dx.doi.org/10.1007/s12243-022-00919-6 Text en © Institut Mines-Télécom and Springer Nature Switzerland AG 2022 This article is made available via the PMC Open Access Subset for unrestricted research re-use and secondary analysis in any form or by any means with acknowledgement of the original source. These permissions are granted for the duration of the World Health Organization (WHO) declaration of COVID-19 as a global pandemic.
spellingShingle Article
Khalid, Zainab
Iqbal, Farkhund
Kamoun, Faouzi
Khan, Liaqat Ali
Shah, Babar
Forensic investigation of Cisco WebEx desktop client, web, and Android smartphone applications
title Forensic investigation of Cisco WebEx desktop client, web, and Android smartphone applications
title_full Forensic investigation of Cisco WebEx desktop client, web, and Android smartphone applications
title_fullStr Forensic investigation of Cisco WebEx desktop client, web, and Android smartphone applications
title_full_unstemmed Forensic investigation of Cisco WebEx desktop client, web, and Android smartphone applications
title_short Forensic investigation of Cisco WebEx desktop client, web, and Android smartphone applications
title_sort forensic investigation of cisco webex desktop client, web, and android smartphone applications
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9371966/
https://www.ncbi.nlm.nih.gov/pubmed/35975177
http://dx.doi.org/10.1007/s12243-022-00919-6
work_keys_str_mv AT khalidzainab forensicinvestigationofciscowebexdesktopclientwebandandroidsmartphoneapplications
AT iqbalfarkhund forensicinvestigationofciscowebexdesktopclientwebandandroidsmartphoneapplications
AT kamounfaouzi forensicinvestigationofciscowebexdesktopclientwebandandroidsmartphoneapplications
AT khanliaqatali forensicinvestigationofciscowebexdesktopclientwebandandroidsmartphoneapplications
AT shahbabar forensicinvestigationofciscowebexdesktopclientwebandandroidsmartphoneapplications

Ejemplares similares