A FORENSICS ACTIVITY LOGGER TO EXTRACT USER ACTIVITY FROM MOBILE DEVICES
Abstract
Mobile devices have become one of the most frequently used tools in everyday life, mostly because of the importance of their apps. As a result, mobile devices act as personal trackers of daily activities, recording extra data in addition to the user's personal information and thereby providing important information about the user. As a consequence of this information gathering, several tools are now available for use on mobile devices; however, each tool provides only discrete details about a certain application or activity. Consequently, the present research proposes a technology that allows investigators to obtain a detailed report and timeline of all operations performed on the device. This report combines data from several sources to generate a unique collection of facts. Furthermore, an example is provided to illustrate how the solution works, highlighting the practicality of the instrument as well as the way in which investigators need to use it.
This work is licensed under a Creative Commons Attribution 4.0 International License.