Journal Press India^®

Author Details ( * ) denotes Corresponding author

Numerous smartphone applications such as snapchat pose a major problem for a network administrator, as the chat gets deleted automatically removing every evidence of a conversation. It becomes difficult for an administrator to confirm whereabouts of a captured packet belonging to an IM application. However, if the same is captured in real time using Wireshark-a detailed analysis of the protocols would reveal information regarding the source of packet generation. This paper emulates a closed environment and uses freeware to capture encrypted packets from instant messengers and attempts to produce sufficient artifacts, so as to pin point the sender.

Keywords

Wireshark; Network Forensics; SnapChat; Controlled Environment; IM Packets; QUIC; STUN.

1. Arshad Iqbal,et al. Network Traffic Analysis and Intrusion Detection using Packet Sniffer. Second International Conference on Communication Software and Networks 2010,.


2. P Asrodia, H Patel. Network Traffic analysis using Packet Sniffer. International Journal of Engineering Research, 2, 2012, 3.


3. D Walnycky, I Baggili, A Marrington, J Moore. Network and device forensic analysis of Android. The International Journal of Digital Forensics & Incident Response, 2015, 8.


4. InetDaemon. TCP 3-Way Handshake (SYN,SYN-ACK,ACK). http://www.inetdaemon.com/tutorials/internet/tcp/3-way_handshake.shtml.


5. Sans. Ssl And Tls :Beginner's Guide. 2013. https://www.sans.org/reading-room/whitepapers/protocols/ssl-tls-beginners-guide-1029.


6. S A Thomas. SSL and TLS Essentials: Securing the Web. New York : Wiley Computer Publishing.


7. J. Rosenberg, R. Mahy,P. Matthews. Proposed Standard. 10, 2008. https://tools.ietf.org/html/rfc5389#page-34.


8. N Aviram, S Schinzel, J Somorovsky, N Heninger, M Dankel. Drown: Breaking TLS using SSLv2. 2016. 25th Usenix Security Symposium. p. 18.


9. Rt Lychev, S Jeroy, A Boldyrevaz. How Secure and Quick is QUIC? 2015. IEEE Symposium on Security and Privacy.