Title

Structural analysis of the log files of the ICQ client version 2003b

Document Type

Conference Proceeding

Publisher

School of Computer and Information Science, Edith Cowan University

Faculty

Computing, Health and Science

School

Computer and Information Science

RAS ID

5082

Comments

Originally published as: Morfitt, K. (2006). Structural analysis of the log files of the ICQ client version 2003b. Paper presented at the Proceedings of 4th Australian Digital Forensics Conference. Original article available here

Abstract

Instant messenger programs can generate log files of user interactions which are of interest to forensic investigators. Some of the log files are in formats that are difficult for investigators to extract useful and accurate information from. The official ICQ client is one such program. Users log files are stored in a binary format that is difficult to understand and often changes with different client versions. Previous research has been performed that documents the format of the log files, however this research only covers earlier versions of the client. This paper explores the 2003b version of the ICQ client. It documents the analysis process that was undertaken, the files found, much of their structure, and the structure of the records found within. It attempts to provide an accurate and reasonable description of any issues and presents possible solutions to those issues. Finally a brief conclusion is provided which lists outstanding issues.

DOI

10.4225/75/57b13687c7055

Access Rights

free_to_read

 
COinS
 

Link to publisher version (DOI)

10.4225/75/57b13687c7055