Skip to main content
Article
After Conversation - A Forensic ICQ Logfile Extraction Tool
ECU Publications Pre. 2011
  • Kim Morfitt, Edith Cowan University
  • Craig Valli, Edith Cowan University
Publication Date
1-1-2005
Document Type
Conference Proceeding
Publisher
School of Computer and Information Science, Edith Cowan University
Faculty
Computing, Health and Science
School
Computer and Information Science, Centre for Security Research
RAS ID
2896
Comments

This article was originally published as: Morfitt, K. , & Valli, C. (2005). After Conversation - A Forensic ICQ Logfile Extraction Tool. Proceedings of 3rd Australian Computer, Network and Information Forensics Conference. (pp. 54-61). Perth Western Australia. School of Computer and Information Science, Edith Cowan University. Original article available here

Abstract

Instant messenger programs such as ICQ are often used by hackers and criminals for illicit purposes and consequently the logfiles from such programs are of forensic interest. This paper outlines research in progress that has resulted in the development of a tool for the extraction of ICQ logfile entries. Detailed reconstruction of data from logfiles was achieved with a number of different ICQ software, with other programs still to be tested. There are several limitations including timestamp information not adjusted for the time zone, data could be altered, and conversations must be manually reconstructed. Future research will aim to address these and other limitations as pointed in this paper.

Disciplines
Citation Information
Kim Morfitt and Craig Valli. "After Conversation - A Forensic ICQ Logfile Extraction Tool" (2005)
Available at: http://works.bepress.com/craig_valli/4/