WhatsApp network forensics: Decrypting and understanding the WhatsApp call signaling messages

Détails

ID Serval
serval:BIB_BBE7A739FC70
Type
Article: article d'un périodique ou d'un magazine.
Collection
Publications
Titre
WhatsApp network forensics: Decrypting and understanding the WhatsApp call signaling messages
Périodique
Digital Investigation
Auteur⸱e⸱s
Karpisek F., Baggili I., Breitinger F.
ISSN
1742-2876
Statut éditorial
Publié
Date de publication
12/2015
Volume
15
Pages
110-118
Langue
anglais
Résumé
Abstract WhatsApp is a widely adopted mobile messaging application with over 800 million users. Recently, a calling feature was added to the application and no comprehensive digital forensic analysis has been performed with regards to this feature at the time of writing this paper. In this work, we describe how we were able to decrypt the network traffic and obtain forensic artifacts that relate to this new calling feature which included the: a) WhatsApp phone numbers, b) WhatsApp server IPs, c) WhatsApp audio codec (Opus), d) WhatsApp call duration, and e) WhatsApp’s call termination. We explain the methods and tools used to decrypt the traffic as well as thoroughly elaborate on our findings with respect to the WhatsApp signaling messages. Furthermore, we also provide the community with a tool that helps in the visualization of the WhatsApp protocol messages.
Mots-clé
Audio encoding
Web of science
Création de la notice
06/05/2021 11:01
Dernière modification de la notice
06/05/2021 11:40
Données d'usage