Research Article
Forensic Analysis of Webex on the iOS Platform
@INPROCEEDINGS{10.1007/978-3-031-36574-4_5, author={Jiaxuan Zhou and Umit Karabiyik}, title={Forensic Analysis of Webex on the iOS Platform}, proceedings={Digital Forensics and Cyber Crime. 13th EAI International Conference, ICDF2C 2022, Boston, MA, November 16-18, 2022, Proceedings}, proceedings_a={ICDF2C}, year={2023}, month={7}, keywords={Mobile Forensics Webex Digital Forensics iOS Forensics}, doi={10.1007/978-3-031-36574-4_5} }- Jiaxuan Zhou
Umit Karabiyik
Year: 2023
Forensic Analysis of Webex on the iOS Platform
ICDF2C
Springer
DOI: 10.1007/978-3-031-36574-4_5
Abstract
An increasing number of companies have adopted online telecommunication software for their office software pack, and Webex was one of the popular choices. With the surging usage of online telecommunication software, online meeting exploitation and disruptions cases also increased. However, there is limited research performed on online telecommunication software from the forensics perspective, and most are focused on Skype. Also, even though the iPhone’s market share outperforms Android in the United States, the iOS system is under-researched. This paper fills the gap by performing a forensic analysis of Webex on the iOS platform, elucidating the structure of Webex in the iOS system, and displaying pertinent artifacts. The findings show that retrieving critical information in plain text from the application is possible. We retrieved data such as the username, phone number, device type, meeting session start time, meeting session attendee ID, etc. Also, we compared the evidence left from two types of accounts, basic and enterprise. The result shows that an enterprise account leaves more user data on the phone, a basic account keeps more device data. We used three tools, Cellebrite, Axiom, and DB Browser for SQLite, to validate the results. The result of the three tools all align.
