Memory and Browser Forensics in Assessing Data Security of Google Meet and Cisco WebEx Web Clients
摘要
Growing adoption of web-based video conferencing applications like Cisco WebEx, Google Meet, Microsoft Team, GoToMeeting, etc., has added a new level of concern regarding the protection of user data. These types of services are cloud-based; thus, their artefacts may be stored on servers across the globe raising jurisdictional questions in the course of a forensic investigation. It then proceeded to analyse Cisco WebEx and Google Meet, emphasizing the web application interfaces of the two applications. Due to these considerations, memory and browser forensics helped us overcome the restrictions of the cloud-based approach and collected artefacts from the user’s local context. Our investigation exposed sensitive aspects of the users such as meeting records (meeting ID, meeting links, Timestamps, participant details, emails, etc.), user account details (usernames, display names, email addresses, and profile pictures), in-call messages (content of messages, timestamps of messages along with sender display name etc.), shared files and documents (in-call shared pdf, doc, pictures, etc., were recovered along with the metadata) that can raise extreme security concerns. The study of such differences determines various platform security consequences as the artefacts are compared between the two. This work establishes an imperative for a secure approach to web-based videoconferencing systems and lays down the groundwork for further work in the digital forensics spectrum of this constantly growing domain. This research provides important implications for such audiences as law enforcement agencies, cybersecurity experts, and companies and applications that intend to safeguard users’ information in the context of web-based video telecommunication. Moreover, this research presents schemata of efficacious counteractions and practices that may help counter the dangers connected with the usage of these platforms.