Enhancing the forensic ICQ logfile extraction tool

Document Type

Conference Proceeding

Publisher

School of Computer and Information Science, Edith Cowan University

Faculty

Faculty of Computing, Health and Science

School

School of Computer and Information Science

RAS ID

5154

Comments

Morfitt, K. (2006). Enhancing the Forensic ICQ Logfile Extraction Tool. In proceedings of the 4th Australian Digital Forensics Conference, Edith Cowan University. Available here

Abstract

Programmers of forensic tools need to ensure that their tools are of suitable use, robustness and correctness for their output to be used as evidence. One tool for logfile extraction that is currently under development and is intended for forensic use extracts information from ICQ clients has several limitations that need to be overcome before it is of significant value to forensic investigators. This paper covers the process and research involved in further developing the tool, and overcoming a subset of the limitations of the tool. It also documents what was learnt in the process about the logfiles and the extraction tool and provides a snapshot of its current state of development. Also highlighted are the main areas for future development, area’s where research is needed, and areas where research could be performed that were highlighted by the current research and development cycle.

DOI

10.4225/75/57b13506c7054

Access Rights

free_to_read

Share

 
COinS
 

Link to publisher version (DOI)

10.4225/75/57b13506c7054