Publication detail

WhatsApp network forensics: Decrypting and understanding the WhatsApp call signaling messages

KARPÍŠEK, F. BAGGILI, I. BREITINGER, F.

Original title

WhatsApp network forensics: Decrypting and understanding the WhatsApp call signaling messages

Type

journal article in Web of Science, Jimp

Language

English

Original abstract

WhatsApp is a widely adopted mobile messaging application with over 800 million users. Recently, a calling feature was added to the application and no comprehensive digital forensic analysis has been performed with regards to this feature at the time of writing this paper. In this work, we describe how we were able to decrypt the network traffic and obtain forensic artifacts that relate to this new calling feature which included the: a) WhatsApp phone numbers, b) WhatsApp server IPs, c) WhatsApp audio codec (Opus), d) WhatsApp call duration, and e) WhatsApp's call termination. We explain the methods and tools used to decrypt the traffic as well as thoroughly elaborate on our findings with respect to the WhatsApp signaling messages. Furthermore, we also provide the community with a tool that helps in the visualization of the WhatsApp protocol messages.

Keywords

WhatsApp, reverse engineering, proprietary protocol, signaling protocols, network forensics, decryption, mobile forensics, digital forensics, cyber security, audio encoding

Authors

KARPÍŠEK, F.; BAGGILI, I.; BREITINGER, F.

RIV year

2015

Published

19. 9. 2015

ISSN

1742-2876

Journal

Digital Investigation

Volume

2015

Issue

15

Country

Netherlands

Pages from

110

Pages to

118

Page count

11

URL

BibTex

@article{BUT119912,
  author="Filip {Karpíšek} and Ibrahim {Baggili} and Frank {Breitinger}",
  title="WhatsApp network forensics: Decrypting and understanding the WhatsApp call signaling messages",
  journal="Digital Investigation",
  year="2015",
  volume="2015",
  number="15",
  pages="110--118",
  doi="10.1016/j.diin.2015.09.002",
  issn="1742-2876",
  url="https://www.fit.vut.cz/research/publication/10979/"
}

Documents