A Comparative Forensic Analysis of Android based Social Media Applications
DOI:
https://doi.org/10.12928/mf.v4i2.6270Keywords:
Mobile Forensic, Android Forensic, Image Analysis, Social Application AnalysisAbstract
Smartphones are increasing worldwide rapidly. It works as a personal assistant that helps us master our everyday life. This is the reason why forensic experts always try to get the most crucial evidence from smartphones. While doing a forensic analysis of smartphones there is a need to identify the programs/files containing malicious actions or activity. Most of the users’ information resides inside the digital device and should be extracted carefully as it is needed for further users’ entity and behavior analytics. In this study, we used the most famous forensic tools MOBILedit and Autopsy for efficient extraction of potential evidence from the Android file system. The file system images from different android devices (rooted and unrooted) are extracted on multiple analyses (type-based, size-based). Additionally, a timeline of the log files has also been made, which can assist the investigator in locating any log files that were updated or altered at the scene of the crime by suspects or victims.
References
A. Ahmad, Mehdi Hussain, “A Forensic Analysis of Video Streaming Activities on Android Applications,” Mob. Forensics, vol. 4, no. 1, pp. 44–52, 2022, doi: https://doi.org/10.12928/mf.v4i1.5762.
B. Thesis, D. Patapas, “Investigation of Digital Forensic Methods for Mobile Devices,” 2021.
H. M. McGee, B. J. Crowley-Koch, “Performance Assessment of Organizations,” J. Organ. Behav. Manage., vol. 41, no. 3, pp. 255–285, 2021, doi: 10.1080/01608061.2021.1909687.
F. Amato, A. Castiglione, G. Cozzolino, F. Narducci, “A semantic-based methodology for digital forensics analysis,” J. Parallel Distrib. Comput., vol. 138, pp. 172–177, 2020, doi: 10.1016/j.jpdc.2019.12.017.
D. Kim, S. Lee, “Study of identifying and managing the potential evidence for effective Android forensics,” Forensic Sci. Int. Digit. Investig., vol. 33, p. 200897, 2020, doi: 10.1016/j.fsidi.2019.200897.
D. Quick and K. K. R. Choo, “Impacts of increasing volume of digital forensic data: A survey and future research challenges,” Digit. Investig., vol. 11, no. 4, pp. 273–294, 2014, doi: 10.1016/j.diin.2014.09.002.
K. Barmpatsalou, T. Cruz, E. Monteiro, and P. Simoes, “Current and future trends in mobile device forensics: A survey,” ACM Comput. Surv., vol. 51, no. 3, 2018, doi: 10.1145/3177847.
R. Ahmed, R.V. Dharaskar, Mobile forensics: an overview, tools, future trends and challenges from law enforcement perspective. In 6th international conference on e-governance, iceg, emerging technologies in e-government, m-government, pp. 312-23, 2008.
F. Marturana, G. Me, R. Bertè, and S. Tacconi, “A quantitative approach to triaging in mobile forensics,” Proc. 10th IEEE Int. Conf. Trust. Secur. Priv. Comput. Commun. Trust. 2011, 8th IEEE Int. Conf. Embed. Softw. Syst. ICESS 2011, 6th Int. Conf. FCST 2011, pp. 582–588, 2011, doi: 10.1109/TrustCom.2011.75.
G. Gogolin, “Mobile forensics,” Digit. Forensics Explain., pp. 55–68, 2012, doi: 10.1201/b13689-10.
M. M. Cruz-Cunha, N. R. Mateus-Coelho, IGI Global, Handbook of research on cyber crime and information privacy, vol. I, 2020.
V. Fernando, “Cyber Forensics Tools: A Review on Mechanism and Emerging Challenges,” 2021 11th IFIP Int. Conf. New Technol. Mobil. Secur. NTMS 2021, 2021, doi: 10.1109/NTMS49979.2021.9432641.
A. Al-Sabaawi, E. Foo, and E. Au, “A Comparison Study of Android Mobile Forensics for Retrieving Files System Handprint Recognition Technique Based in Image Segmentation for Recognize View project A Comparison Study of Android Mobile Forensics for Retrieving Files System,” Int. J. Comput. Sci. Secur., no. 13, pp. 2019–148, 2019.
J. Grover, “Android forensics: Automated data collection and reporting from a mobile device,” Proc. Digit. Forensic Res. Conf. DFRWS 2013 USA, vol. 10, pp. S12–S20, 2013, doi: 10.1016/j.diin.2013.06.002.
H. H. B. Bhushan, S. M. Florance, “An Overview on Handling Anti Forensic Issues in Android Devices Using Forensic Automator Tool,” 2022.
S. Hu, S. Zhang, and K. Fu, “TFChain:Blockchain-based Trusted Forensics Scheme for Mobile Phone Data Whole Process,” pp. 155–165, 2022, doi: 10.1109/itoec53115.2022.9734408.
M. R. Arshad, M. Hussain, H. Tahir, S. Qadir, F. I. Ahmed Memon, and Y. Javed, “Forensic Analysis of Tor Browser on Windows 10 and Android 10 Operating Systems,” IEEE Access, vol. 9, pp. 141273–141294, 2021, doi: 10.1109/ACCESS.2021.3119724.
A. Afzal, M. Hussain, S. Saleem, M. K. Shahzad, A. T. S. Ho, and K. H. Jung, “Encrypted network traffic analysis of secure instant messaging application: A case study of signal messenger app,” Appl. Sci., vol. 11, no. 17, 2021, doi: 10.3390/app11177789.
H. H. Lwin, W. P. Aung, and K. K. Lin, “Comparative Analysis of Android Mobile Forensics Tools,” 2020 IEEE Conf. Comput. Appl. ICCA 2020, 2020, doi: 10.1109/ICCA49400.2020.9022838.
S. C. Sathe, N. M. Dongre, “Data acquisition techniques in mobile forensics,” Proc. 2nd Int. Conf. Inven. Syst. Control. ICISC 2018, no. Icisc, pp. 280–286, 2018, doi: 10.1109/ICISC.2018.8399079.
T. Almehmadi, O. Batarfi, “Impact of Android Phone Rooting on User Data Integrity in Mobile Forensics,” 2nd Int. Conf. Comput. Appl. Inf. Secur. ICCAIS 2019, 2019, doi: 10.1109/CAIS.2019.8769520.
P. Feng, Q. Li, P. Zhang, and Z. Chen, “Private Data Acquisition Method Based on System-Level Data Migration and Volatile Memory Forensics for Android Applications,” IEEE Access, vol. 7, pp. 16695–16703, 2019, doi: 10.1109/ACCESS.2019.2894643.
C. Anglano, M. Canonico, and M. Guazzone, “The Android Forensics Automator (AnForA): A tool for the Automated Forensic Analysis of Android Applications,” Comput. Secur., vol. 88, 2020, doi: 10.1016/j.cose.2019.101650.
C. M. da Silveira et al., “Methodology for forensics data reconstruction on mobile devices with android operating system applying in-system programming and combination firmware,” Appl. Sci., vol. 10, no. 12, pp. 1–29, 2020, doi: 10.3390/app10124231.
R. Zhang, M. Xie, and J. Bian, “ReLF: Scalable Remote Live Forensics for Android,” pp. 822–831, 2022, doi: 10.1109/trustcom53373.2021.00117.
J. A. M. Jeyaseeli and C. Shanthi, “Physical Data Extraction from Android mobile using Apeaksoft Android toolkit and Android Debug Bridge,” vol. 8, no. 5, pp. 1913–1922, 2021.
Downloads
Published
Issue
Section
License
Copyright (c) 2022 Naveed Naeem Abbas, Adeel Ahmed Zeerak, Mohammad Awais Javaid, Mehdi Hussain
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Start from 2019 issues, authors who publish with JURNAL MOBILE AND FORENSICS agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License (CC BY-SA 4.0) that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.