Forensic Artifact Discovery and Suspect Profiling through Google Assistant
DOI:
https://doi.org/10.12928/mf.v5i1.8046Keywords:
Google Assistant, Cloud Forensics, Mobile Forensics, Suspect Profiling, ClusteringAbstract
It has become impossible to imagine modern society without the internet and mobile devices dominating our daily lives. As a result, popular apps like Google Assistant, Gmail, Google Home, etc., are quietly entering our veins. People aren't even aware of how much of a digital footprint they leave behind, let alone the fact that it can be completely chronologized and used to put any criminal in jail. The data that we intentionally send to Google is fully retrievable from both the client side (a mobile device) and the cloud. Even if a suspect changes his mobile device, his previous digital footprint still follows him wherever he goes. In this project, we pinpointed the location of the primary database and the major repository for Google Assistant. Here, forensic artifacts of interest from our inquiry have been revealed, including the timeline and copies of previously traded audio chats, as well as a record of deleted data. In addition to that, we have applied the K-means clustering algorithm to isolate the suspect’s voice records and their chronological order among various call records stored in the cloud, where the cluster size is determined using the Silhouette score and the CH index. The findings of the research are to identify forensic artifacts and suspect profiling so that forensic investigators make it easier to conduct criminal investigations
References
S. Levy, In the plex: how Google thinks, works, and shapes our lives, 1. ed. New York, NY: Simon & Schuster, 2011.
N. Zhang, X. Mi, X. Feng, X. Wang, Y. Tian, and F. Qian, “Dangerous Skills: Understanding and Mitigating Security Risks of Voice-Controlled Third-Party Functions on Virtual Personal Assistant Systems,” in 2019 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA: IEEE, May 2019, pp. 1381–1396. doi: 10.1109/SP.2019.00016.
A. Klein, A. Hinderks, M. Rauschenberger, and J. Thomaschewski, “Exploring Voice Assistant Risks and Potential with Technology-based Users:,” in Proceedings of the 16th International Conference on Web Information Systems and Technologies, Budapest, Hungary: SCITEPRESS - Science and Technology Publications, 2020, pp. 147–154. doi: 10.5220/0010150101470154.
A. Castro and A. Perez-Pons, “Virtual Assistant for Forensics Recovery of IoT Devices,” in 2021 7th IEEE Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS), NY, USA: IEEE, May 2021, pp. 186–190. doi: 10.1109/BigDataSecurityHPSCIDS52275.2021.00043.
A. Akinbi and T. Berry, “Forensic Investigation of Google Assistant,” SN COMPUT. SCI., vol. 1, no. 5, p. 272, Sep. 2020, doi: 10.1007/s42979-020-00285-x.
G. Germanos, D. Kavallieros, N. Kolokotronis, and N. Georgiou, “Privacy Issues in Voice Assistant Ecosystems,” in 2020 IEEE World Congress on Services (SERVICES), Beijing, China: IEEE, Oct. 2020, pp. 205–212. doi: 10.1109/SERVICES48979.2020.00050.
I. Yildirim, E. Bostanci, and M. S. Guzel, “Forensic Analysis with Anti-Forensic Case Studies on Amazon Alexa and Google Assistant Build-In Smart Home Speakers,” in 2019 4th International Conference on Computer Science and Engineering (UBMK), Samsun, Turkey: IEEE, Sep. 2019, pp. 1–3. doi: 10.1109/UBMK.2019.8907007.
C. Krueger and S. McKeown, “Using Amazon Alexa APIs as a Source of Digital Evidence,” in 2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security), Dublin, Ireland: IEEE, Jun. 2020, pp. 1–8. doi: 10.1109/CyberSecurity49315.2020.9138849.
K. P, K. G. Ganiga, C. L, A. Srivatsava, D. V. S. S. Kumar, and P. N. S, “Forensic Data Analysis using the Case Studies on Anti Forensic Devices,” vol. 9, no. 9, pp. 49–52, Sep. 2022.
D. D. Nath, N. I. Khan, J. Akhter, and A. S. Md. M. Rahaman, “Prediction of Android Malicious Software Using Boosting Algorithms,” in Emerging Technologies in Computing, vol. 395, M. H. Miraz, G. Southall, M. Ali, A. Ware, and S. Soomro, Eds., in Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol. 395. , Cham: Springer International Publishing, 2021, pp. 21–36. doi: 10.1007/978-3-030-90016-8_2.
D. Saha, S. Karmakar, F. N. Nur, A. Mariam, N. N. Moon, and A. Ahmed, “Mobile Device and Social Media Forensic Analysis: Impacts on Cyber-Crime,” in 2021 1st International Conference on Emerging Smart Technologies and Applications (eSmarTA), Sana’a, Yemen: IEEE, Aug. 2021, pp. 1–8. doi: 10.1109/eSmarTA52612.2021.9515742.
N. Zhang, X. Mi, X. Feng, X. Wang, Y. Tian, and F. Qian, “Understanding and Mitigating the Security Risks of Voice-Controlled Third-Party Skills on Amazon Alexa and Google Home,” 2018, doi: 10.48550/ARXIV.1805.01525.
Downloads
Published
Issue
Section
License
Copyright (c) 2023 Abu Sayed Md. Mostafizur Rahaman, Saiyeda Marzia, Tafsir Haque Arnob, Md.Zahidur Rahman, Jesmin Akhter
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Start from 2019 issues, authors who publish with JURNAL MOBILE AND FORENSICS agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License (CC BY-SA 4.0) that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.