Skip to main content


Instant messaging technology is increasingly becoming popular among individuals, businesses, as well as criminals. Technologies such as Skype is widely used due to its secure and cheap services. Traditional static media computer forensics approach is not effective in retrieving traces of instant messaging activity. This research presents the findings from physical memory forensics examination of Skype communication. We examined both client-based Skype as well as web-based Skype to determine whether the forensics data remnants in memory would be different for each case. For each case, we evaluated the forensics artifacts at both the operating system level and the application level. At the operating system level, we examined active processes, terminated processes, hidden processes and open files related to Skype activity. At the application level, we evaluated Skype activity artifacts such as logins credentials, audio and video conversations, transferred files, emails, and geographical location of the caller. In addition, we found some differences in the client-based and web-based Skype data remnants in memory. Overall, we confirm that physical memory forensics is the most effective technique for retrieving forensics artifacts of instant messaging technology.


File nameDate UploadedVisibilityFile size
19 Jul 2022
2.81 kB



  • Institution
    • Dahlonega

  • Publisher
    • Foundation of Computer Science

  • Date submitted

    19 July 2022

  • Keywords
  • Additional information
    • Author Biography:

      Dr. Ahmad Ghafarian is a full time Professor of Computer Science & Cybersecurity at the University of North Georgia, UNG. His educational credentials include a Postdoctoral Fellowship in Information Security, Ph.D. & M.S. in Computer Science, and B.S. in Mathematics. He is specialized and conduct research in various areas of cybersecurity including but not limited to malware analysis, various aspects of digital forensics, cloud computing security, VoIP security, and social computing security. He has about forty peer reviewed publications to his credit.

      Book or Journal Information:

      International Journal of Computer Applications