SlideShare une entreprise Scribd logo

Forensics_1st_Presentation.pptx

Télécharger en tant que PPTX, PDF
F
FatemaAkter78

Hello

Ingénierie
1  sur  22
Analysis of a Third-Party Application for Mobile Forensic Investigation Authors: Jung Hyun, Ryu Nam Yong Kim, Byoung Wook Kwon, Sang Ki Suk, Jin Ho Park, and Jong Hyuk Park. 1
Presented To DR. MOHAMMED NASIR UDDIN Professor Dept. of Computer Science & Engineering Jagannath University Presented By Fatema Akter Roll # B150305017 Dept. of Computer Science & Engineering Jagannath University 2
Contents • Abstract • Introduction • Related work • Analysis Method • Data Analysis • Conclusion • Reference 3
Abstract • Third-party applications form an important part of the mobile environment. • Digital forensics of mobile third-party applications can provide important evidence to forensics investigators. • This paper presents scenario-based methods of forensic analysis for a specific third-party social networking service application on a specific mobile device. • When applied to certain third-party applications, digital forensics can provide forensic investigators with useful data for the investigation process. • The main purpose of the forensic analysis is to determine whether the general use of third-party applications leaves data in the mobile internal storage. 4
Introduction • The deep human desire to communicate more effectively and conveniently has led to the development of the wireless communication technology that we know and use today. • The percentage of social networking applications in the mobile environment is enormous. • In terms of digital forensics, users are more likely to leave traces of social networks, which is a difficult reality for mobile devices and applications. • In addition, each application depends on whether or not the developer intends to leave the data on the device's internal storage. 5
Introduction • A simple forensic analysis of mobile devices could be rendered meaningless if the smartphone used to solve a cybercrime is mostly made up of third- party applications [5]. • The main purpose of the mobile forensic analysis presented in this paper is to investigate the forensics issues raised by certain social networking services in iOS, Apple’s mobile device, and to assist in the digital forensic investigation process. • In this paper, we provided the location and meaning of the data left by a third-party application, Instagram, on the internal file system of iPhones. • To contribute to the investigation, we conducted examinations of the latest versions of iOS and various applications in order to resolve the difficulties faced by forensic investigators in the ever-changing mobile phone environment. 6
Related Works • The frequent updates and releases of diverse applications pose a considerable challenge to forensic investigators [6]. • These new technologies and updates of mobile operating systems are often distributed and result in a short cycle of production [7]. • New mobile devices, operating systems and applications, and that forensics analysis should be applied to other devices, operating systems, and third-party applications [8]. • A forensic analysis technique that used the backup function of the iPhone, the study is done through the iTunes backup utility for the forensic analysis process [11]. • Analysis of social network applications using the iTunes backup utility. Their study involved a forensic analysis of iOS version 4.3.5 of iPhone 4 [12] . 7
• Zdziarski [13] discussed the overall structure of the iPhone's internal and file systems, and presented a wide range of vulnerabilities and security issues relating to the iPhone. • Ahmed and Dharaskar [14] discussed the potential for emerging digital evidence in the mobile environment. • Raghav and Saxena [15] discussed the guidelines, challenges, and data preservation and acquisition in mobile forensics. They have been working to prepare for the growth of mobile cybercrime due to the ever- increasing use of mobile devices. • Stirparo and Kounelis [16] focused on where data is stored and where data can be found in the mobile environment. They proposed a forensic methodology for assessing the privacy of mobile devices. • Muraina et al. [17] proposed a framework for preserving data integrity in mobile device forensics. The main purpose of this study was to help mobile forensic investigations in Open Source Software (OSS) environments. 8 Related Works
Analysis Method Hypothetical Scenario • There are somethings to prepare such as installing the target application, Instagram, on the mobile device in the App Store and planning the hypothetical. • Fig. 1 is an overview of the scenario performed by hypothetical suspects. • The first spreader, suspect A, posts a defamation or canard using the photo filter utility inside Instagram, while B checks A’s post in the main feed, i.e., 'following’ and 'like’A. Then, C 'follows’A and posts the same post as A. Fig 1: Overview of Hypothetical Scenario 9
Data Acquisition and Experimental Environment • This method of acquisition is a type of imaging because it copies the device’s file system to bits. • After performing the specific hypothetical activities described above, mobile must be set the mobile device flight mode to block all networks and connection with iTunes to perform backup of the device. • We determined which target device and free software would be suitable for the experiment. • The target device, application and software set for the forensic analysis are shown in Table 1. 10 Analysis Method
Fig 2: Analysis of Workflow Process 11 Analysis Method
Data Analysis • Three files were found to contain information about the user’s activities, using the plist editor and viewer, iBackupBot of VOW software, and iBackup Viewer of iMacTools. The file names are as follows: I. 72b88e49ac4f48605284907l9ld53d474397l00f II. 83bcb5a9e2e253fcdc549d8d33a2a8dd7476f5e0 III. 3l7bdcc8c07fcc4f7078e7d567cd58a474a30de4 • The path of first file is ’com.burbn.instagram.plist’ in the iPhone. • The path of second file is ‘Library/Cookies/Cookies.binarycookies’ in the iPhone file system. • The path of third file is 'group.com.burbn,instagram’ in the iPhone file system. 12
Figs. 3 and 4 are lists of data that can be verified by i BackupBot of the VOW software. Fig 4: Following User list of The Latest Version Fig 3: Following User list of The Previous Version 13 Data Analysis
The details of the contents of each file are shown in Table 2. 14 Data Analysis
Findings in the files Fig 5: Session Information of Cookie File 15 Data Analysis
Fig 6: Information of The Plist File Fig 6: Divice Internal Album Data in File System 16 Data Analysis
Fig 6: Following User List of The Latest Version Changes by Versions Fig 6: Following User List of The Previous Version 17 Data Analysis
Comparison This section presents a comparison with existing research based on an approach consisting of File System, Methodology, Examination, Specific Application, and Scenario. For this paper, we analyzed a specific social network application, Instagram, on the iPhone using a deeper approach than that applied by other papers to specific applications based on a hypothetical scenario. A comparison of the approaches is shown in Table 3. 18 Data Analysis
• We explain how specific data generated by performing activities are stored in the internal memory of a mobile device, and their significance. • This process gave us a partial view of the location and meaning of data left by a specific third-party application. • We found that the backup files on the iPhone can provide meaningful data for third-party applications, such as user information, activity history, and application settings. • The forensic analysis process covered in this research includes a hypothetical scenario, logical data acquisition, and data analysis. • The manufacturers and developers of mobile operating systems and applications need to consider potential forensic solutions in the face of increasing cybercrime, and develop the related forensic tools. Conclusion 19
References • [1]. Alexios Mylonas, Vasilis Meletiadis, Bill Tsoumas, Lilian Mitrou and Dimitris Gritzalis, “Smartphone Forensics: A Proactive Investigation Scheme for Evidence Acquisition.”, a chapter in Information Security and Privacy Research, Vol 376, pp 249-260, Springer Berlin Heidelberg, 2012. • [2]. Alexios Mylonas, Vasilis Meletiadis, Bill Tsoumas, Lilian Mitrou and Dimitris Gritzalis, “Smartphone Forensics: A Proactive Investigation Scheme for Evidence Acquisition.”, a chapter in Information Security and Privacy Research, Vol 376, pp 249-260, Springer Berlin Heidelberg, 2012. • [3]. Jeff Lessard, Gary C. Kessler, “Android Forensics: Simplifying Cell Phone Examinations”, Scale Digital Evidence Forensics Journal Vol.4, September 2010. • [4]. Muhammad Faheem, N-A. Le-Khac, Tahar Kechadi, “Smartphone Forensic Analysis: A Case Study for Obtaining Root Access of an Android Samsung S3 Device and Analyse the Image without an Expensive Commercial Tool”, Journal of Information Security, 2014. • [5]. Android Developers Website. Retrieved on 14 April 2015 from http://developer.android.com/index.html. 20
• [6]. Forensic Magazine Website, “An Introduction to Android Forensics”., Retrieved on 5 May 2015 from http://www.forensicmag.com/articles/2010/04/introduction-android-forensics. • [7]. The Sleuth Kit, Retrievedon 5 March 2015 from http://www.sleuthkit.org/sleuthkit/, • [8]. The Statistics Portal Website, Retrieve on 4 May 2015 from http://www.statista.com. • [9]. Jackson, W., Can digital forensics keep up with Smartphone Tech? Retrieved on 2 April from http://gcn.com/Articles/2014/06/16/forensics-technology-race.aspx?Page=2. • [10]. Networkworld.com, 2015 “Getting Forensics data off Smartphones and Tablets can be Tough”, http://www.networkworld.com/article/2160656/smartphones/getting-forensics-data-off-smartphones--tablets-can-be- tough--experts-say.html, Retrieve 12 March 2015. • [11]. Martin, A., “Mobile Device Forensic”, SANS Forensics White paper, Retrieved on 10 April, 2015 fromhttp://digital-forensics.sans.org/community/papers/gcfa/mobile-device-forensics_3553. • [12] Kubi, Appiah & Saleem, Shahzad & Popov, Oliver. (2015). Evaluation of some tools for extracting e-evidence from mobile devices. Application of Information and Communication Technologies. 21 References
22

Recommandé

A Comparison Study of Android Mobile Forensics for Retrieving Files System
A Comparison Study of Android Mobile Forensics for Retrieving Files SystemA Comparison Study of Android Mobile Forensics for Retrieving Files System
A Comparison Study of Android Mobile Forensics for Retrieving Files SystemCSCJournals
 
On the Availability of Anti-Forensic Tools for Smartphones
On the Availability of Anti-Forensic Tools for SmartphonesOn the Availability of Anti-Forensic Tools for Smartphones
On the Availability of Anti-Forensic Tools for SmartphonesCSCJournals
 
DasGreenPerezMurphy_Paper
DasGreenPerezMurphy_PaperDasGreenPerezMurphy_Paper
DasGreenPerezMurphy_PaperMichael Murphy
 
BEHAVIOR-BASED SECURITY FOR MOBILE DEVICES USING MACHINE LEARNING TECHNIQUES
BEHAVIOR-BASED SECURITY FOR MOBILE DEVICES USING MACHINE LEARNING TECHNIQUESBEHAVIOR-BASED SECURITY FOR MOBILE DEVICES USING MACHINE LEARNING TECHNIQUES
BEHAVIOR-BASED SECURITY FOR MOBILE DEVICES USING MACHINE LEARNING TECHNIQUESijaia
 
Post-Genesis Digital Forensics Investigation
Post-Genesis Digital Forensics InvestigationPost-Genesis Digital Forensics Investigation
Post-Genesis Digital Forensics InvestigationUniversitas Pembangunan Panca Budi
 
Proposed Workable Process Flow with Analysis Framework for Android Forensics ...
Proposed Workable Process Flow with Analysis Framework for Android Forensics ...Proposed Workable Process Flow with Analysis Framework for Android Forensics ...
Proposed Workable Process Flow with Analysis Framework for Android Forensics ...theijes
 
Experimental Analysis of Web Browser Sessions Using Live Forensics Method
Experimental Analysis of Web Browser Sessions Using Live Forensics Method Experimental Analysis of Web Browser Sessions Using Live Forensics Method
Experimental Analysis of Web Browser Sessions Using Live Forensics Method IJECEIAES
 
IOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDY
IOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDYIOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDY
IOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDYIJNSA Journal
 

Recommandé

A Comparison Study of Android Mobile Forensics for Retrieving Files System
A Comparison Study of Android Mobile Forensics for Retrieving Files SystemA Comparison Study of Android Mobile Forensics for Retrieving Files System
A Comparison Study of Android Mobile Forensics for Retrieving Files SystemCSCJournals
 
On the Availability of Anti-Forensic Tools for Smartphones
On the Availability of Anti-Forensic Tools for SmartphonesOn the Availability of Anti-Forensic Tools for Smartphones
On the Availability of Anti-Forensic Tools for SmartphonesCSCJournals
 
DasGreenPerezMurphy_Paper
DasGreenPerezMurphy_PaperDasGreenPerezMurphy_Paper
DasGreenPerezMurphy_PaperMichael Murphy
 
BEHAVIOR-BASED SECURITY FOR MOBILE DEVICES USING MACHINE LEARNING TECHNIQUES
BEHAVIOR-BASED SECURITY FOR MOBILE DEVICES USING MACHINE LEARNING TECHNIQUESBEHAVIOR-BASED SECURITY FOR MOBILE DEVICES USING MACHINE LEARNING TECHNIQUES
BEHAVIOR-BASED SECURITY FOR MOBILE DEVICES USING MACHINE LEARNING TECHNIQUESijaia
 
Post-Genesis Digital Forensics Investigation
Post-Genesis Digital Forensics InvestigationPost-Genesis Digital Forensics Investigation
Post-Genesis Digital Forensics InvestigationUniversitas Pembangunan Panca Budi
 
Proposed Workable Process Flow with Analysis Framework for Android Forensics ...
Proposed Workable Process Flow with Analysis Framework for Android Forensics ...Proposed Workable Process Flow with Analysis Framework for Android Forensics ...
Proposed Workable Process Flow with Analysis Framework for Android Forensics ...theijes
 
Experimental Analysis of Web Browser Sessions Using Live Forensics Method
Experimental Analysis of Web Browser Sessions Using Live Forensics Method Experimental Analysis of Web Browser Sessions Using Live Forensics Method
Experimental Analysis of Web Browser Sessions Using Live Forensics Method IJECEIAES
 
IOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDY
IOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDYIOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDY
IOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDYIJNSA Journal
 
IOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDY
IOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDYIOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDY
IOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDYIJNSA Journal
 
Evidence Gathering and Identification of LINE Messenger on Android Device
Evidence Gathering and Identification of LINE Messenger on Android DeviceEvidence Gathering and Identification of LINE Messenger on Android Device
Evidence Gathering and Identification of LINE Messenger on Android DeviceIJCSIS Research Publications
 
A Survey on Mobile Forensic for Android Smartphones
A Survey on Mobile Forensic for Android SmartphonesA Survey on Mobile Forensic for Android Smartphones
A Survey on Mobile Forensic for Android SmartphonesIOSR Journals
 
C017211519
C017211519C017211519
C017211519IOSR Journals
 
A Survey on Mobile Forensic for Android Smartphones
A Survey on Mobile Forensic for Android SmartphonesA Survey on Mobile Forensic for Android Smartphones
A Survey on Mobile Forensic for Android SmartphonesIOSR Journals
 
Bibliometric Analysis on Computer Vision based Anomaly Detection using Deep L...
Bibliometric Analysis on Computer Vision based Anomaly Detection using Deep L...Bibliometric Analysis on Computer Vision based Anomaly Detection using Deep L...
Bibliometric Analysis on Computer Vision based Anomaly Detection using Deep L...IRJET Journal
 
Client Forensics: An Assessment of Existing Research And Future Directions
Client Forensics: An Assessment of Existing Research And Future DirectionsClient Forensics: An Assessment of Existing Research And Future Directions
Client Forensics: An Assessment of Existing Research And Future DirectionsCSCJournals
 
Applying Data Mining Principles in the Extraction of Digital Evidence
Applying Data Mining Principles in the Extraction of Digital EvidenceApplying Data Mining Principles in the Extraction of Digital Evidence
Applying Data Mining Principles in the Extraction of Digital EvidenceDr. Richard Otieno
 
ICMRI2023_paper_3887.pdf
ICMRI2023_paper_3887.pdfICMRI2023_paper_3887.pdf
ICMRI2023_paper_3887.pdfBurhanNaeem1
 
digital forensic examination of mobile phone data
digital forensic examination of mobile phone datadigital forensic examination of mobile phone data
digital forensic examination of mobile phone dataINFOGAIN PUBLICATION
 
IJWMN -Malware Detection in IoT Systems using Machine Learning Techniques
IJWMN -Malware Detection in IoT Systems using Machine Learning TechniquesIJWMN -Malware Detection in IoT Systems using Machine Learning Techniques
IJWMN -Malware Detection in IoT Systems using Machine Learning Techniquesijwmn
 
MALWARE DETECTION IN IOT SYSTEMS USING MACHINE LEARNING TECHNIQUES
MALWARE DETECTION IN IOT SYSTEMS USING MACHINE LEARNING TECHNIQUESMALWARE DETECTION IN IOT SYSTEMS USING MACHINE LEARNING TECHNIQUES
MALWARE DETECTION IN IOT SYSTEMS USING MACHINE LEARNING TECHNIQUESijwmn
 
Proposed Effective Solution for Cybercrime Investigation in Myanmar
Proposed Effective Solution for Cybercrime Investigation in MyanmarProposed Effective Solution for Cybercrime Investigation in Myanmar
Proposed Effective Solution for Cybercrime Investigation in Myanmartheijes
 
Review on Computer Forensic
Review on Computer ForensicReview on Computer Forensic
Review on Computer ForensicEditor IJCTER
 
New research directions in the area of
New research directions in the area ofNew research directions in the area of
New research directions in the area ofIJCNCJournal
 
Conceptual Study of Mobile Forensics
Conceptual Study of Mobile ForensicsConceptual Study of Mobile Forensics
Conceptual Study of Mobile Forensicsijtsrd
 
Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)AltheimPrivacy
 
Review on effectiveness of deep learning approach in digital forensics
Review on effectiveness of deep learning approach in digital forensicsReview on effectiveness of deep learning approach in digital forensics
Review on effectiveness of deep learning approach in digital forensicsIJECEIAES
 
Ijmet 10 01_095
Ijmet 10 01_095Ijmet 10 01_095
Ijmet 10 01_095IAEME Publication
 
Synopsis
SynopsisSynopsis
SynopsisAnkita Jain
 
School management system project Report.pdf
School management system project Report.pdfSchool management system project Report.pdf
School management system project Report.pdfKamal Acharya
 
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptxA CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptxmaisarahman1
 

Contenu connexe

Similaire à Forensics_1st_Presentation.pptx

IOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDY
IOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDYIOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDY
IOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDYIJNSA Journal
 
Evidence Gathering and Identification of LINE Messenger on Android Device
Evidence Gathering and Identification of LINE Messenger on Android DeviceEvidence Gathering and Identification of LINE Messenger on Android Device
Evidence Gathering and Identification of LINE Messenger on Android DeviceIJCSIS Research Publications
 
A Survey on Mobile Forensic for Android Smartphones
A Survey on Mobile Forensic for Android SmartphonesA Survey on Mobile Forensic for Android Smartphones
A Survey on Mobile Forensic for Android SmartphonesIOSR Journals
 
A Survey on Mobile Forensic for Android Smartphones
A Survey on Mobile Forensic for Android SmartphonesA Survey on Mobile Forensic for Android Smartphones
A Survey on Mobile Forensic for Android SmartphonesIOSR Journals
 
Bibliometric Analysis on Computer Vision based Anomaly Detection using Deep L...
Bibliometric Analysis on Computer Vision based Anomaly Detection using Deep L...Bibliometric Analysis on Computer Vision based Anomaly Detection using Deep L...
Bibliometric Analysis on Computer Vision based Anomaly Detection using Deep L...IRJET Journal
 
Client Forensics: An Assessment of Existing Research And Future Directions
Client Forensics: An Assessment of Existing Research And Future DirectionsClient Forensics: An Assessment of Existing Research And Future Directions
Client Forensics: An Assessment of Existing Research And Future DirectionsCSCJournals
 
Applying Data Mining Principles in the Extraction of Digital Evidence
Applying Data Mining Principles in the Extraction of Digital EvidenceApplying Data Mining Principles in the Extraction of Digital Evidence
Applying Data Mining Principles in the Extraction of Digital EvidenceDr. Richard Otieno
 
ICMRI2023_paper_3887.pdf
ICMRI2023_paper_3887.pdfICMRI2023_paper_3887.pdf
ICMRI2023_paper_3887.pdfBurhanNaeem1
 
digital forensic examination of mobile phone data
digital forensic examination of mobile phone datadigital forensic examination of mobile phone data
digital forensic examination of mobile phone dataINFOGAIN PUBLICATION
 
IJWMN -Malware Detection in IoT Systems using Machine Learning Techniques
IJWMN -Malware Detection in IoT Systems using Machine Learning TechniquesIJWMN -Malware Detection in IoT Systems using Machine Learning Techniques
IJWMN -Malware Detection in IoT Systems using Machine Learning Techniquesijwmn
 
MALWARE DETECTION IN IOT SYSTEMS USING MACHINE LEARNING TECHNIQUES
MALWARE DETECTION IN IOT SYSTEMS USING MACHINE LEARNING TECHNIQUESMALWARE DETECTION IN IOT SYSTEMS USING MACHINE LEARNING TECHNIQUES
MALWARE DETECTION IN IOT SYSTEMS USING MACHINE LEARNING TECHNIQUESijwmn
 
Proposed Effective Solution for Cybercrime Investigation in Myanmar
Proposed Effective Solution for Cybercrime Investigation in MyanmarProposed Effective Solution for Cybercrime Investigation in Myanmar
Proposed Effective Solution for Cybercrime Investigation in Myanmartheijes
 
Review on Computer Forensic
Review on Computer ForensicReview on Computer Forensic
Review on Computer ForensicEditor IJCTER
 
New research directions in the area of
New research directions in the area ofNew research directions in the area of
New research directions in the area ofIJCNCJournal
 
Conceptual Study of Mobile Forensics
Conceptual Study of Mobile ForensicsConceptual Study of Mobile Forensics
Conceptual Study of Mobile Forensicsijtsrd
 
Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)AltheimPrivacy
 
Review on effectiveness of deep learning approach in digital forensics
Review on effectiveness of deep learning approach in digital forensicsReview on effectiveness of deep learning approach in digital forensics
Review on effectiveness of deep learning approach in digital forensicsIJECEIAES
 

Similaire à Forensics_1st_Presentation.pptx (20)

IOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDY
IOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDYIOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDY
IOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDY
 
Evidence Gathering and Identification of LINE Messenger on Android Device
Evidence Gathering and Identification of LINE Messenger on Android DeviceEvidence Gathering and Identification of LINE Messenger on Android Device
Evidence Gathering and Identification of LINE Messenger on Android Device
 
A Survey on Mobile Forensic for Android Smartphones
A Survey on Mobile Forensic for Android SmartphonesA Survey on Mobile Forensic for Android Smartphones
A Survey on Mobile Forensic for Android Smartphones
 
C017211519
C017211519C017211519
C017211519
 
A Survey on Mobile Forensic for Android Smartphones
A Survey on Mobile Forensic for Android SmartphonesA Survey on Mobile Forensic for Android Smartphones
A Survey on Mobile Forensic for Android Smartphones
 
Bibliometric Analysis on Computer Vision based Anomaly Detection using Deep L...
Bibliometric Analysis on Computer Vision based Anomaly Detection using Deep L...Bibliometric Analysis on Computer Vision based Anomaly Detection using Deep L...
Bibliometric Analysis on Computer Vision based Anomaly Detection using Deep L...
 
Client Forensics: An Assessment of Existing Research And Future Directions
Client Forensics: An Assessment of Existing Research And Future DirectionsClient Forensics: An Assessment of Existing Research And Future Directions
Client Forensics: An Assessment of Existing Research And Future Directions
 
Applying Data Mining Principles in the Extraction of Digital Evidence
Applying Data Mining Principles in the Extraction of Digital EvidenceApplying Data Mining Principles in the Extraction of Digital Evidence
Applying Data Mining Principles in the Extraction of Digital Evidence
 
ICMRI2023_paper_3887.pdf
ICMRI2023_paper_3887.pdfICMRI2023_paper_3887.pdf
ICMRI2023_paper_3887.pdf
 
digital forensic examination of mobile phone data
digital forensic examination of mobile phone datadigital forensic examination of mobile phone data
digital forensic examination of mobile phone data
 
IJWMN -Malware Detection in IoT Systems using Machine Learning Techniques
IJWMN -Malware Detection in IoT Systems using Machine Learning TechniquesIJWMN -Malware Detection in IoT Systems using Machine Learning Techniques
IJWMN -Malware Detection in IoT Systems using Machine Learning Techniques
 
MALWARE DETECTION IN IOT SYSTEMS USING MACHINE LEARNING TECHNIQUES
MALWARE DETECTION IN IOT SYSTEMS USING MACHINE LEARNING TECHNIQUESMALWARE DETECTION IN IOT SYSTEMS USING MACHINE LEARNING TECHNIQUES
MALWARE DETECTION IN IOT SYSTEMS USING MACHINE LEARNING TECHNIQUES
 
Proposed Effective Solution for Cybercrime Investigation in Myanmar
Proposed Effective Solution for Cybercrime Investigation in MyanmarProposed Effective Solution for Cybercrime Investigation in Myanmar
Proposed Effective Solution for Cybercrime Investigation in Myanmar
 
Review on Computer Forensic
Review on Computer ForensicReview on Computer Forensic
Review on Computer Forensic
 
New research directions in the area of
New research directions in the area ofNew research directions in the area of
New research directions in the area of
 
Conceptual Study of Mobile Forensics
Conceptual Study of Mobile ForensicsConceptual Study of Mobile Forensics
Conceptual Study of Mobile Forensics
 
Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)
 
Review on effectiveness of deep learning approach in digital forensics
Review on effectiveness of deep learning approach in digital forensicsReview on effectiveness of deep learning approach in digital forensics
Review on effectiveness of deep learning approach in digital forensics
 
Ijmet 10 01_095
Ijmet 10 01_095Ijmet 10 01_095
Ijmet 10 01_095
 
Synopsis
SynopsisSynopsis
Synopsis
 

Dernier

School management system project Report.pdf
School management system project Report.pdfSchool management system project Report.pdf
School management system project Report.pdfKamal Acharya
 
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptxA CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptxmaisarahman1
 
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Arindam Chakraborty, Ph.D., P.E. (CA, TX)
 
Standard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayStandard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayEpec Engineered Technologies
 
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdfAldoGarca30
 
Unit 4_Part 1 CSE2001 Exception Handling and Function Template and Class Temp...
Unit 4_Part 1 CSE2001 Exception Handling and Function Template and Class Temp...Unit 4_Part 1 CSE2001 Exception Handling and Function Template and Class Temp...
Unit 4_Part 1 CSE2001 Exception Handling and Function Template and Class Temp...drmkjayanthikannan
 
scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...
scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...
scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...HenryBriggs2
 
Hostel management system project report..pdf
Hostel management system project report..pdfHostel management system project report..pdf
Hostel management system project report..pdfKamal Acharya
 
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKARHAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKARKOUSTAV SARKAR
 
Unleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapUnleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapRishantSharmaFr
 
Hospital management system project report.pdf
Hospital management system project report.pdfHospital management system project report.pdf
Hospital management system project report.pdfKamal Acharya
 
DeepFakes presentation : brief idea of DeepFakes
DeepFakes presentation : brief idea of DeepFakesDeepFakes presentation : brief idea of DeepFakes
DeepFakes presentation : brief idea of DeepFakesMayuraD1
 
PE 459 LECTURE 2- natural gas basic concepts and properties
PE 459 LECTURE 2- natural gas basic concepts and propertiesPE 459 LECTURE 2- natural gas basic concepts and properties
PE 459 LECTURE 2- natural gas basic concepts and propertiessarkmank1
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptDineshKumar4165
 
Computer Networks Basics of Network Devices
Computer Networks Basics of Network DevicesComputer Networks Basics of Network Devices
Computer Networks Basics of Network DevicesChandrakantDivate1
 
457503602-5-Gas-Well-Testing-and-Analysis-pptx.pptx
457503602-5-Gas-Well-Testing-and-Analysis-pptx.pptx457503602-5-Gas-Well-Testing-and-Analysis-pptx.pptx
457503602-5-Gas-Well-Testing-and-Analysis-pptx.pptxrouholahahmadi9876
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXssuser89054b
 
Online electricity billing project report..pdf
Online electricity billing project report..pdfOnline electricity billing project report..pdf
Online electricity billing project report..pdfKamal Acharya
 
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best ServiceTamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Servicemeghakumariji156
 

Dernier (20)

School management system project Report.pdf
School management system project Report.pdfSchool management system project Report.pdf
School management system project Report.pdf
 
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptxA CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
 
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced LoadsFEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
 
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
 
Standard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayStandard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power Play
 
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
 
Unit 4_Part 1 CSE2001 Exception Handling and Function Template and Class Temp...
Unit 4_Part 1 CSE2001 Exception Handling and Function Template and Class Temp...Unit 4_Part 1 CSE2001 Exception Handling and Function Template and Class Temp...
Unit 4_Part 1 CSE2001 Exception Handling and Function Template and Class Temp...
 
scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...
scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...
scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...
 
Hostel management system project report..pdf
Hostel management system project report..pdfHostel management system project report..pdf
Hostel management system project report..pdf
 
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKARHAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR
 
Unleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapUnleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leap
 
Hospital management system project report.pdf
Hospital management system project report.pdfHospital management system project report.pdf
Hospital management system project report.pdf
 
DeepFakes presentation : brief idea of DeepFakes
DeepFakes presentation : brief idea of DeepFakesDeepFakes presentation : brief idea of DeepFakes
DeepFakes presentation : brief idea of DeepFakes
 
PE 459 LECTURE 2- natural gas basic concepts and properties
PE 459 LECTURE 2- natural gas basic concepts and propertiesPE 459 LECTURE 2- natural gas basic concepts and properties
PE 459 LECTURE 2- natural gas basic concepts and properties
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . ppt
 
Computer Networks Basics of Network Devices
Computer Networks Basics of Network DevicesComputer Networks Basics of Network Devices
Computer Networks Basics of Network Devices
 
457503602-5-Gas-Well-Testing-and-Analysis-pptx.pptx
457503602-5-Gas-Well-Testing-and-Analysis-pptx.pptx457503602-5-Gas-Well-Testing-and-Analysis-pptx.pptx
457503602-5-Gas-Well-Testing-and-Analysis-pptx.pptx
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 
Online electricity billing project report..pdf
Online electricity billing project report..pdfOnline electricity billing project report..pdf
Online electricity billing project report..pdf
 
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best ServiceTamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
 

Forensics_1st_Presentation.pptx

  • 1. Analysis of a Third-Party Application for Mobile Forensic Investigation Authors: Jung Hyun, Ryu Nam Yong Kim, Byoung Wook Kwon, Sang Ki Suk, Jin Ho Park, and Jong Hyuk Park. 1
  • 2. Presented To DR. MOHAMMED NASIR UDDIN Professor Dept. of Computer Science & Engineering Jagannath University Presented By Fatema Akter Roll # B150305017 Dept. of Computer Science & Engineering Jagannath University 2
  • 3. Contents • Abstract • Introduction • Related work • Analysis Method • Data Analysis • Conclusion • Reference 3
  • 4. Abstract • Third-party applications form an important part of the mobile environment. • Digital forensics of mobile third-party applications can provide important evidence to forensics investigators. • This paper presents scenario-based methods of forensic analysis for a specific third-party social networking service application on a specific mobile device. • When applied to certain third-party applications, digital forensics can provide forensic investigators with useful data for the investigation process. • The main purpose of the forensic analysis is to determine whether the general use of third-party applications leaves data in the mobile internal storage. 4
  • 5. Introduction • The deep human desire to communicate more effectively and conveniently has led to the development of the wireless communication technology that we know and use today. • The percentage of social networking applications in the mobile environment is enormous. • In terms of digital forensics, users are more likely to leave traces of social networks, which is a difficult reality for mobile devices and applications. • In addition, each application depends on whether or not the developer intends to leave the data on the device's internal storage. 5
  • 6. Introduction • A simple forensic analysis of mobile devices could be rendered meaningless if the smartphone used to solve a cybercrime is mostly made up of third- party applications [5]. • The main purpose of the mobile forensic analysis presented in this paper is to investigate the forensics issues raised by certain social networking services in iOS, Apple’s mobile device, and to assist in the digital forensic investigation process. • In this paper, we provided the location and meaning of the data left by a third-party application, Instagram, on the internal file system of iPhones. • To contribute to the investigation, we conducted examinations of the latest versions of iOS and various applications in order to resolve the difficulties faced by forensic investigators in the ever-changing mobile phone environment. 6
  • 7. Related Works • The frequent updates and releases of diverse applications pose a considerable challenge to forensic investigators [6]. • These new technologies and updates of mobile operating systems are often distributed and result in a short cycle of production [7]. • New mobile devices, operating systems and applications, and that forensics analysis should be applied to other devices, operating systems, and third-party applications [8]. • A forensic analysis technique that used the backup function of the iPhone, the study is done through the iTunes backup utility for the forensic analysis process [11]. • Analysis of social network applications using the iTunes backup utility. Their study involved a forensic analysis of iOS version 4.3.5 of iPhone 4 [12] . 7
  • 8. • Zdziarski [13] discussed the overall structure of the iPhone's internal and file systems, and presented a wide range of vulnerabilities and security issues relating to the iPhone. • Ahmed and Dharaskar [14] discussed the potential for emerging digital evidence in the mobile environment. • Raghav and Saxena [15] discussed the guidelines, challenges, and data preservation and acquisition in mobile forensics. They have been working to prepare for the growth of mobile cybercrime due to the ever- increasing use of mobile devices. • Stirparo and Kounelis [16] focused on where data is stored and where data can be found in the mobile environment. They proposed a forensic methodology for assessing the privacy of mobile devices. • Muraina et al. [17] proposed a framework for preserving data integrity in mobile device forensics. The main purpose of this study was to help mobile forensic investigations in Open Source Software (OSS) environments. 8 Related Works
  • 9. Analysis Method Hypothetical Scenario • There are somethings to prepare such as installing the target application, Instagram, on the mobile device in the App Store and planning the hypothetical. • Fig. 1 is an overview of the scenario performed by hypothetical suspects. • The first spreader, suspect A, posts a defamation or canard using the photo filter utility inside Instagram, while B checks A’s post in the main feed, i.e., 'following’ and 'like’A. Then, C 'follows’A and posts the same post as A. Fig 1: Overview of Hypothetical Scenario 9
  • 10. Data Acquisition and Experimental Environment • This method of acquisition is a type of imaging because it copies the device’s file system to bits. • After performing the specific hypothetical activities described above, mobile must be set the mobile device flight mode to block all networks and connection with iTunes to perform backup of the device. • We determined which target device and free software would be suitable for the experiment. • The target device, application and software set for the forensic analysis are shown in Table 1. 10 Analysis Method
  • 11. Fig 2: Analysis of Workflow Process 11 Analysis Method
  • 12. Data Analysis • Three files were found to contain information about the user’s activities, using the plist editor and viewer, iBackupBot of VOW software, and iBackup Viewer of iMacTools. The file names are as follows: I. 72b88e49ac4f48605284907l9ld53d474397l00f II. 83bcb5a9e2e253fcdc549d8d33a2a8dd7476f5e0 III. 3l7bdcc8c07fcc4f7078e7d567cd58a474a30de4 • The path of first file is ’com.burbn.instagram.plist’ in the iPhone. • The path of second file is ‘Library/Cookies/Cookies.binarycookies’ in the iPhone file system. • The path of third file is 'group.com.burbn,instagram’ in the iPhone file system. 12
  • 13. Figs. 3 and 4 are lists of data that can be verified by i BackupBot of the VOW software. Fig 4: Following User list of The Latest Version Fig 3: Following User list of The Previous Version 13 Data Analysis
  • 14. The details of the contents of each file are shown in Table 2. 14 Data Analysis
  • 15. Findings in the files Fig 5: Session Information of Cookie File 15 Data Analysis
  • 16. Fig 6: Information of The Plist File Fig 6: Divice Internal Album Data in File System 16 Data Analysis
  • 17. Fig 6: Following User List of The Latest Version Changes by Versions Fig 6: Following User List of The Previous Version 17 Data Analysis
  • 18. Comparison This section presents a comparison with existing research based on an approach consisting of File System, Methodology, Examination, Specific Application, and Scenario. For this paper, we analyzed a specific social network application, Instagram, on the iPhone using a deeper approach than that applied by other papers to specific applications based on a hypothetical scenario. A comparison of the approaches is shown in Table 3. 18 Data Analysis
  • 19. • We explain how specific data generated by performing activities are stored in the internal memory of a mobile device, and their significance. • This process gave us a partial view of the location and meaning of data left by a specific third-party application. • We found that the backup files on the iPhone can provide meaningful data for third-party applications, such as user information, activity history, and application settings. • The forensic analysis process covered in this research includes a hypothetical scenario, logical data acquisition, and data analysis. • The manufacturers and developers of mobile operating systems and applications need to consider potential forensic solutions in the face of increasing cybercrime, and develop the related forensic tools. Conclusion 19
  • 20. References • [1]. Alexios Mylonas, Vasilis Meletiadis, Bill Tsoumas, Lilian Mitrou and Dimitris Gritzalis, “Smartphone Forensics: A Proactive Investigation Scheme for Evidence Acquisition.”, a chapter in Information Security and Privacy Research, Vol 376, pp 249-260, Springer Berlin Heidelberg, 2012. • [2]. Alexios Mylonas, Vasilis Meletiadis, Bill Tsoumas, Lilian Mitrou and Dimitris Gritzalis, “Smartphone Forensics: A Proactive Investigation Scheme for Evidence Acquisition.”, a chapter in Information Security and Privacy Research, Vol 376, pp 249-260, Springer Berlin Heidelberg, 2012. • [3]. Jeff Lessard, Gary C. Kessler, “Android Forensics: Simplifying Cell Phone Examinations”, Scale Digital Evidence Forensics Journal Vol.4, September 2010. • [4]. Muhammad Faheem, N-A. Le-Khac, Tahar Kechadi, “Smartphone Forensic Analysis: A Case Study for Obtaining Root Access of an Android Samsung S3 Device and Analyse the Image without an Expensive Commercial Tool”, Journal of Information Security, 2014. • [5]. Android Developers Website. Retrieved on 14 April 2015 from http://developer.android.com/index.html. 20
  • 21. • [6]. Forensic Magazine Website, “An Introduction to Android Forensics”., Retrieved on 5 May 2015 from http://www.forensicmag.com/articles/2010/04/introduction-android-forensics. • [7]. The Sleuth Kit, Retrievedon 5 March 2015 from http://www.sleuthkit.org/sleuthkit/, • [8]. The Statistics Portal Website, Retrieve on 4 May 2015 from http://www.statista.com. • [9]. Jackson, W., Can digital forensics keep up with Smartphone Tech? Retrieved on 2 April from http://gcn.com/Articles/2014/06/16/forensics-technology-race.aspx?Page=2. • [10]. Networkworld.com, 2015 “Getting Forensics data off Smartphones and Tablets can be Tough”, http://www.networkworld.com/article/2160656/smartphones/getting-forensics-data-off-smartphones--tablets-can-be- tough--experts-say.html, Retrieve 12 March 2015. • [11]. Martin, A., “Mobile Device Forensic”, SANS Forensics White paper, Retrieved on 10 April, 2015 fromhttp://digital-forensics.sans.org/community/papers/gcfa/mobile-device-forensics_3553. • [12] Kubi, Appiah & Saleem, Shahzad & Popov, Oliver. (2015). Evaluation of some tools for extracting e-evidence from mobile devices. Application of Information and Communication Technologies. 21 References
  • 22. 22