E-Detective Decoding Centre (EDDC) is designed as a Linux based centralized system for offline Internet raw data file parsing and reconstruction. It can be used to parser (decode and reconstruct) raw data files in PCAP format collected from different sources. Internet raw data (Internet packets) files can be collected from an Ethernet/LAN network or a WLAN network through different packet capturing or sniffing tools such as Ethereal, Wireshark, tcpdump, WinDump etc.

EDDC comes with specifically designed features that allow different forensic investigators to identify project or case specific offline Internet raw data files for decoding and reconstruction on a system. It allows the administrator to create different user accounts and different cases of investigation for various users or forensic professionals or investigators. The administrator has the flexibility to assign different rights and access levels to different users to manage access to the reconstructed data on different cases. The users can then import their Internet raw data files collected from different sources into the system to carry out the parser and analyzing process.

EDDC allows Internet Content Forensics tasks to be carried out easily and systematically in order to obtain a variety of information and evidence needed from the Internet raw data files collected. EDDC also aims to assist Police Intelligence Services, Military Intelligence Organizations, Intelligence Bureaus, National Security Agencies, Government Intelligence Agencies and all forensics related agencies in conducting Internet Content Forensics geared towards enhancing their investigative effort.

Diagram1: EDDC Implementation (1)

Diagram2: EDDC Implementation (2)

More EDDC Product Information

• 1. Criminology as a criminal investigation based on network designed for members of the dedicated network packet content to restore the software


• 2. To classify the rawdata into human readable informations and unknown packets


• 3. Content recovery for Email (POP3, IMAP and SMTP), Webmail (Yahoo Mail, Windows Live Hotmail, Gmail etc.), Instant Messaging (Yahoo, MSN, ICQ, QQ, Google Talk, IRC, UT Chat Room, Skype), File Transfer (FTP, P2P), Online Games, Telnet, HTTP (Link, Content, Reconstruct, Upload and Download, Video Streaming), VOIP (optional module) etc.


• 4. To export data content for forensic evidence use


• 5. Multiple accounts for different investigators for individual case


• 6. To export rawdata for analysis by other investigation tools

• 1. Government Agencies
• 2. Criminal Investigation Bureau
• 3. Military Police
• 4. National Security Bureau