Enhancing the forensic ICQ logfile extraction tool
Document Type
Conference Proceeding
Publisher
School of Computer and Information Science, Edith Cowan University
Faculty
Faculty of Computing, Health and Science
School
School of Computer and Information Science
RAS ID
5154
Abstract
Programmers of forensic tools need to ensure that their tools are of suitable use, robustness and correctness for their output to be used as evidence. One tool for logfile extraction that is currently under development and is intended for forensic use extracts information from ICQ clients has several limitations that need to be overcome before it is of significant value to forensic investigators. This paper covers the process and research involved in further developing the tool, and overcoming a subset of the limitations of the tool. It also documents what was learnt in the process about the logfiles and the extraction tool and provides a snapshot of its current state of development. Also highlighted are the main areas for future development, area’s where research is needed, and areas where research could be performed that were highlighted by the current research and development cycle.
DOI
10.4225/75/57b13506c7054
Access Rights
free_to_read
Comments
Morfitt, K. (2006). Enhancing the Forensic ICQ Logfile Extraction Tool. In proceedings of the 4th Australian Digital Forensics Conference, Edith Cowan University. Available here