Videoconferencing, Cyber intelligence (Computer security), Computer security
Computer Engineering | Computer Sciences | Electrical and Computer Engineering | Forensic Science and Technology | Information Security
The global pandemic of COVID-19 has turned the spotlight on video conferencing applications like never before. In this critical time, applications such as Zoom have experienced a surge in its user base jump over the 300 million daily mark (ZoomBlog, 2020). The increase in use has led malicious actors to exploit the application, and in many cases perform Zoom Bombings. Therefore forensically examining Zoom is inevitable. Our work details the primary disk, network, and memory forensic analysis of the Zoom video conferencing application. Results demonstrate it is possible to find users' critical information in plain text and/or encrypted/encoded, such as chat messages, names, email addresses, passwords, and much more through network captures, forensic imaging of digital devices, and memory forensics. Furthermore we elaborate on interesting anti-forensics techniques employed by the Zoom application when contacts are deleted from the Zoom application's contact list.
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Mahr, Andrew; Cichon, Meghan; Mateo, Sophia; Grajeda, Cinthya; and Baggili, Ibrahim, "Zooming into the pandemic! A forensic analysis of the Zoom Application" (2021). Electrical & Computer Engineering and Computer Science Faculty Publications. 96.
Andrew Mahr, Meghan Cichon, Sophia Mateo, Cinthya Grajeda, Ibrahim Baggili, Zooming into the pandemic! A forensic analysis of the Zoom Application, Forensic Science International: Digital Investigation, Volume 36, 2021, 301107, ISSN 2666-2817, https://doi.org/10.1016/j.fsidi.2021.301107. (https://www.sciencedirect.com/science/article/pii/S2666281721000019)