A Comparative Forensic Analysis of Android based Social Media Applications

Authors

  • Naveed Naeem Abbas School of Electrical Engineering and Computer Science, National University of Sciences and Technology (NUST), Islamabad - Pakistan.
  • Adeel Ahmed Zeerak School of Electrical Engineering and Computer Science, National University of Sciences and Technology (NUST), H-12, Islamabad - Pakistan
  • Mohammad Awais Javaid School of Electrical Engineering and Computer Science, National University of Sciences and Technology (NUST), H-12, Islamabad - Pakistan
  • Mehdi Hussain School of Electrical Engineering and Computer Science, National University of Sciences and Technology (NUST), H-12, Islamabad - Pakistan

DOI:

https://doi.org/10.12928/mf.v4i2.6270

Keywords:

Mobile Forensic, Android Forensic, Image Analysis, Social Application Analysis

Abstract

Smartphones are increasing worldwide rapidly. It works as a personal assistant that helps us master our everyday life. This is the reason why forensic experts always try to get the most crucial evidence from smartphones. While doing a forensic analysis of smartphones there is a need to identify the programs/files containing malicious actions or activity. Most of the users’ information resides inside the digital device and should be extracted carefully as it is needed for further users’ entity and behavior analytics. In this study, we used the most famous forensic tools MOBILedit and Autopsy for efficient extraction of potential evidence from the Android file system. The file system images from different android devices (rooted and unrooted) are extracted on multiple analyses (type-based, size-based). Additionally, a timeline of the log files has also been made, which can assist the investigator in locating any log files that were updated or altered at the scene of the crime by suspects or victims.

References

A. Ahmad, Mehdi Hussain, “A Forensic Analysis of Video Streaming Activities on Android Applications,” Mob. Forensics, vol. 4, no. 1, pp. 44–52, 2022, doi: https://doi.org/10.12928/mf.v4i1.5762.

B. Thesis, D. Patapas, “Investigation of Digital Forensic Methods for Mobile Devices,” 2021.

H. M. McGee, B. J. Crowley-Koch, “Performance Assessment of Organizations,” J. Organ. Behav. Manage., vol. 41, no. 3, pp. 255–285, 2021, doi: 10.1080/01608061.2021.1909687.

F. Amato, A. Castiglione, G. Cozzolino, F. Narducci, “A semantic-based methodology for digital forensics analysis,” J. Parallel Distrib. Comput., vol. 138, pp. 172–177, 2020, doi: 10.1016/j.jpdc.2019.12.017.

D. Kim, S. Lee, “Study of identifying and managing the potential evidence for effective Android forensics,” Forensic Sci. Int. Digit. Investig., vol. 33, p. 200897, 2020, doi: 10.1016/j.fsidi.2019.200897.

D. Quick and K. K. R. Choo, “Impacts of increasing volume of digital forensic data: A survey and future research challenges,” Digit. Investig., vol. 11, no. 4, pp. 273–294, 2014, doi: 10.1016/j.diin.2014.09.002.

K. Barmpatsalou, T. Cruz, E. Monteiro, and P. Simoes, “Current and future trends in mobile device forensics: A survey,” ACM Comput. Surv., vol. 51, no. 3, 2018, doi: 10.1145/3177847.

R. Ahmed, R.V. Dharaskar, Mobile forensics: an overview, tools, future trends and challenges from law enforcement perspective. In 6th international conference on e-governance, iceg, emerging technologies in e-government, m-government, pp. 312-23, 2008.

F. Marturana, G. Me, R. Bertè, and S. Tacconi, “A quantitative approach to triaging in mobile forensics,” Proc. 10th IEEE Int. Conf. Trust. Secur. Priv. Comput. Commun. Trust. 2011, 8th IEEE Int. Conf. Embed. Softw. Syst. ICESS 2011, 6th Int. Conf. FCST 2011, pp. 582–588, 2011, doi: 10.1109/TrustCom.2011.75.

G. Gogolin, “Mobile forensics,” Digit. Forensics Explain., pp. 55–68, 2012, doi: 10.1201/b13689-10.

M. M. Cruz-Cunha, N. R. Mateus-Coelho, IGI Global, Handbook of research on cyber crime and information privacy, vol. I, 2020.

V. Fernando, “Cyber Forensics Tools: A Review on Mechanism and Emerging Challenges,” 2021 11th IFIP Int. Conf. New Technol. Mobil. Secur. NTMS 2021, 2021, doi: 10.1109/NTMS49979.2021.9432641.

A. Al-Sabaawi, E. Foo, and E. Au, “A Comparison Study of Android Mobile Forensics for Retrieving Files System Handprint Recognition Technique Based in Image Segmentation for Recognize View project A Comparison Study of Android Mobile Forensics for Retrieving Files System,” Int. J. Comput. Sci. Secur., no. 13, pp. 2019–148, 2019.

J. Grover, “Android forensics: Automated data collection and reporting from a mobile device,” Proc. Digit. Forensic Res. Conf. DFRWS 2013 USA, vol. 10, pp. S12–S20, 2013, doi: 10.1016/j.diin.2013.06.002.

H. H. B. Bhushan, S. M. Florance, “An Overview on Handling Anti Forensic Issues in Android Devices Using Forensic Automator Tool,” 2022.

S. Hu, S. Zhang, and K. Fu, “TFChain:Blockchain-based Trusted Forensics Scheme for Mobile Phone Data Whole Process,” pp. 155–165, 2022, doi: 10.1109/itoec53115.2022.9734408.

M. R. Arshad, M. Hussain, H. Tahir, S. Qadir, F. I. Ahmed Memon, and Y. Javed, “Forensic Analysis of Tor Browser on Windows 10 and Android 10 Operating Systems,” IEEE Access, vol. 9, pp. 141273–141294, 2021, doi: 10.1109/ACCESS.2021.3119724.

A. Afzal, M. Hussain, S. Saleem, M. K. Shahzad, A. T. S. Ho, and K. H. Jung, “Encrypted network traffic analysis of secure instant messaging application: A case study of signal messenger app,” Appl. Sci., vol. 11, no. 17, 2021, doi: 10.3390/app11177789.

H. H. Lwin, W. P. Aung, and K. K. Lin, “Comparative Analysis of Android Mobile Forensics Tools,” 2020 IEEE Conf. Comput. Appl. ICCA 2020, 2020, doi: 10.1109/ICCA49400.2020.9022838.

S. C. Sathe, N. M. Dongre, “Data acquisition techniques in mobile forensics,” Proc. 2nd Int. Conf. Inven. Syst. Control. ICISC 2018, no. Icisc, pp. 280–286, 2018, doi: 10.1109/ICISC.2018.8399079.

T. Almehmadi, O. Batarfi, “Impact of Android Phone Rooting on User Data Integrity in Mobile Forensics,” 2nd Int. Conf. Comput. Appl. Inf. Secur. ICCAIS 2019, 2019, doi: 10.1109/CAIS.2019.8769520.

P. Feng, Q. Li, P. Zhang, and Z. Chen, “Private Data Acquisition Method Based on System-Level Data Migration and Volatile Memory Forensics for Android Applications,” IEEE Access, vol. 7, pp. 16695–16703, 2019, doi: 10.1109/ACCESS.2019.2894643.

C. Anglano, M. Canonico, and M. Guazzone, “The Android Forensics Automator (AnForA): A tool for the Automated Forensic Analysis of Android Applications,” Comput. Secur., vol. 88, 2020, doi: 10.1016/j.cose.2019.101650.

C. M. da Silveira et al., “Methodology for forensics data reconstruction on mobile devices with android operating system applying in-system programming and combination firmware,” Appl. Sci., vol. 10, no. 12, pp. 1–29, 2020, doi: 10.3390/app10124231.

R. Zhang, M. Xie, and J. Bian, “ReLF: Scalable Remote Live Forensics for Android,” pp. 822–831, 2022, doi: 10.1109/trustcom53373.2021.00117.

J. A. M. Jeyaseeli and C. Shanthi, “Physical Data Extraction from Android mobile using Apeaksoft Android toolkit and Android Debug Bridge,” vol. 8, no. 5, pp. 1913–1922, 2021.

Downloads

Published

2023-02-03

Issue

Section

Articles