Presentation is loading. Please wait.

Presentation is loading. Please wait.

Forensic Framework for Skype Communication

Published bySabrina Gibbs Modified over 5 years ago

Similar presentations

Presentation on theme: "Forensic Framework for Skype Communication"— Presentation transcript:

1 Forensic Framework for Skype Communication
Presented By Manesh T Faculty and Research Fellow Department of Computer Science & Information Prince Sattam bin Abdulaziz University, KSA Shankara Research Centre In Information Science Adi Shankara Institute of Engineering and Technology. Resource Center for Cyber Forensics CDAC Trivandrum Co-Authors M Muhammed Sha Saied M. Abd El-atty Department of Computer Science & Information Prince Sattam Bin Abdulaziz University Kingdom of Saudi Arabia

2 Agenda Brief Introduction Application Environment & Basic Problem
Background and Previous works Proposed Solution Core Invention and Features of Research Achievements and Results Conclusions and Future Works References

3 Brief Introduction Retrospective network analysis or Network Forensics
Network forensics is the science that deals with capture, recording, and analysis of network traffic(packets) to retrace the content of the network session. We do Skype forensics through offline network Forensics.

4 Application Environment and Basic Problem
Encrypted channels in Skype Difficult Forensic Analysis Unbound usage of Skype VoIP Problems

5 Background and Previous Work
Ideal Features C Collection & filtering R Correlation Analysis L Log file analysis S Stream Reassembly A Application layer viewer W Workflow or case management None Perform Skype Forensics

6 Proposed Solution- Experimental Setup
Innovative Approach

7 Core Invention and Features of Research
Skype SSL Handshake Process Decrypting Skype Traffic , Regenerating VoIP data Tracing malicious users and network session contents Facilitating law enforcement Used with Proxy servers or Stand alone PCs Features

8 SIP and RTP Rescheduling Technique
Algorithm 1 Algorithm 2

9 Achievements and Results
GUI of Skype SIP Decrypter GUI-VoIP Header Extractor and Regenerated Details

10 Conclusions and Future Scope
Admin friendly framework - Skype VoIP Streams. Traces Unauthorized Skype VoIP network activities. Successfully decrypted the Skype SSL handshake Facilitates prosecution of the malicious user Results shows that new packet reconstruction mechanism which is developed to address duplicate and retransmitted packets is functioning commendably. Our future work involves complete Skype communication analysis by decrypting SRTP communication between clients.

11 References 1. S. A. Baset, H Schulzrinne.: An Analysis of the Skype peer-to-peer Internet Telephony Protocol. In: IEEE INFOCOM’ 06, pp. 1—11. April (2006). 2. Guha. S, Daswani. N,: An An experimental Study of Skype peer to peer VoIP System. In: IPTPS’ 06, pp. 10—16. Feb (2006). 3. Chun-Ming. Leung, Yuen-Yan. Chan,: Network Forensic on Encrypted Peer-to-Peer VoIP Traffics and the Detection, Blocking, and Prioritization of Skype Traffics. In: 16th IEEE International Workshops on Enabling Technologies, pp. 401—408. June (2007). 4. Molnar. S, Perenyi. M, Gefferth. A, Trang. Dinh. Dang, : Skype Traffic Identification. In: IEEE Global Telecommunications Conference, pp Nov (2007). 5. Ronald. C. Dodge, J.R,: Skype Fingerprint. In: IEEE Proceedings of the 41st Annual Hawaii International Conference on System Sciences, pp. 484—452. January (2008). 6. Rossi. D, Mellia. M, Meo. M,: Evidences Behind Skype Outage. In: IEEE International Conference on Communications, pp. 1—6. June (2009). 7. Tinta. S.P, Wong. J.L, : Characterizing end-to-end packet reordering with UDP traffic. In: IEEE Symposium on Computers and Communications, pp. 321—324. July (2009). 8. Manesh. T, B. Brijith, Mahendra. Prathap. Singh, :An Improved Approach towards network Forensic Investigation of HTTP and FTP Protocols. In: PDCTA-11, Springer Heidelberg, pp. 385—392. Sept (2011) 9.Manesh. T, B.Brijith, Bhraguram. T. M, R. Rajaram, : Network Forensic Investigation of HTTPS Protocol. In: IJMER, Vol. 3, Issue. 5, pp Oct (2013).

12 THANK YOU !

Download ppt "Forensic Framework for Skype Communication"

Similar presentations

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
KISS: Stochastic Packet Inspection for UDP Traffic Classification

KISS: Stochastic Packet Inspection for UDP Traffic Classification
Camarillo / Schulzrinne / Kantola November 26th, 2001 SIP over SCTP performance analysis

Camarillo / Schulzrinne / Kantola November 26th, 2001 SIP over SCTP performance analysis
VOYAGER: Yet Another Secure Web Browser to Demonstrate Secure Socket Layer Working and Implementation By : Shrinivas G. Deshpande Advisor: Dr. Chung E.

VOYAGER: Yet Another Secure Web Browser to Demonstrate Secure Socket Layer Working and Implementation By : Shrinivas G. Deshpande Advisor: Dr. Chung E.
Lawful Interception & Packet Forensics Analysis System Casper Kan Chang Decision Group June 2010.

Lawful Interception & Packet Forensics Analysis System Casper Kan Chang Decision Group June 2010.
Bradley Cowie, Barry Irwin and Richard Barnett Security and Networks Research Group Department of Computer Science Rhodes University MANAGEMENT, PROCESSING.

Bradley Cowie, Barry Irwin and Richard Barnett Security and Networks Research Group Department of Computer Science Rhodes University MANAGEMENT, PROCESSING.
STUN Date: 2011-05-25 Speaker: Hui-Hsiung Chung 1.

STUN Date: Speaker: Hui-Hsiung Chung 1.
Review of a research paper on Skype

Review of a research paper on Skype
Comparison between Skype and SIP- based Peer-to-Peer Voice-Over-IP Overlay Network Johnson Lee EECE 565 Data Communications.

Comparison between Skype and SIP- based Peer-to-Peer Voice-Over-IP Overlay Network Johnson Lee EECE 565 Data Communications.
The testbed environment for this research to generate real-world Skype behaviors for analyzation is as follows: A NAT-ed LAN consisting of 7 machines running.

The testbed environment for this research to generate real-world Skype behaviors for analyzation is as follows: A NAT-ed LAN consisting of 7 machines running.
As computer network experiments increase in complexity and size, it becomes increasingly difficult to fully understand the circumstances under which a.

As computer network experiments increase in complexity and size, it becomes increasingly difficult to fully understand the circumstances under which a.
H. 323 and firewalls: Problem Statement and Solution Framework Author: Melinda Shore, Nokia Presenter: Shannon McCracken.

H. 323 and firewalls: Problem Statement and Solution Framework Author: Melinda Shore, Nokia Presenter: Shannon McCracken.
SIDD: A Framework for Detecting Sensitive Data Exfiltration by an Insider Attack 42 nd Hawaii International Conference on System Sciences, 2009. Electrical.

SIDD: A Framework for Detecting Sensitive Data Exfiltration by an Insider Attack 42 nd Hawaii International Conference on System Sciences, Electrical.
An Empirical Study of Real Audio Traffic A. Mena and J. Heidemann USC/Information Sciences Institute In Proceedings of IEEE Infocom Tel-Aviv, Israel March.

An Empirical Study of Real Audio Traffic A. Mena and J. Heidemann USC/Information Sciences Institute In Proceedings of IEEE Infocom Tel-Aviv, Israel March.
BotMiner Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee College of Computing, Georgia Institute of Technology.

BotMiner Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee College of Computing, Georgia Institute of Technology.
More about Skype. Overview Any node with a public IP address having sufficient CPU, memory and network bandwidth is a candidate to become a super node.

More about Skype. Overview Any node with a public IP address having sufficient CPU, memory and network bandwidth is a candidate to become a super node.
Kyushu University Graduate School of Information Science and Electrical Engineering Department of Advanced Information Technology Supervisor: Professor.

Kyushu University Graduate School of Information Science and Electrical Engineering Department of Advanced Information Technology Supervisor: Professor.
Circuit & Application Level Gateways CS-431 Dick Steflik.

Circuit & Application Level Gateways CS-431 Dick Steflik.
A Selective Retransmission Protocol for Multimedia on the Internet Mike Piecuch, Ken French, George Oprica and Mark Claypool Computer Science Department.

A Selective Retransmission Protocol for Multimedia on the Internet Mike Piecuch, Ken French, George Oprica and Mark Claypool Computer Science Department.
11. 2 Cloud Computing Forensics 3 rd Annual AFCEA Student Conference Eric Oltman 26 October 2010 The Queen Elizabeth II Conference Centre London, United.

11. 2 Cloud Computing Forensics 3 rd Annual AFCEA Student Conference Eric Oltman 26 October 2010 The Queen Elizabeth II Conference Centre London, United.

Similar presentations

Ads by Google