Forensic Analysis of Popular Social Media Applications on Android Smartphones

Year 2021, Volume: 9 Issue: 4, 386 - 397, 30.10.2021

Fatma Güneş Eriş , Erhan Akbal

https://doi.org/10.17694/bajece.761271

Cited By: 6

Abstract

The use of mobile devices as an evidence of crime has increased. Social network forensics is a branch of science that includes accessing and analyzing many personal data that may contain evidence on social networks. Considering the multiplicity of personal data artefact by social networking applications in mobile devices, the importance of examining social media applications in mobile devices emerges. In this study, the necessary processes for the forensic investigation of mobile devices are examined, the necessary procedures for data extraction from mobile devices are explained and it is revealed how the analysis of social media applications in terms of forensic information in mobile devices should be realized. In the application part of the study, the most widely used mobile operating systems on android devices with android operating prompts; Facebook, WhatsApp Messenger, Instagram, Twitter applications have been installed, basic user behavior analysis of devices that have been performed. During the investigation phase, Oxygen Forensic, Paraben E3: DS and Magnet Axiom were used as tools for manual data extraction and mobile forensic information. The obtained data by both methods are shown comparatively.

Keywords

Mobile Forensics, Social Media Applications, Android OS, Instant messaging

References

• [1] Global digital report 2018. Retrieved 22.04.2018, from https://wearesocial.com/blog/2018/01/global-digital-report-2018
• [2] Casey, E. (2011). Digital evidence and computer crime: Forensic science, computers, and the internet: Academic press.
• [3] Lohiya, R., John, P., & Shah, P. (2015). Survey on mobile forensics. International Journal of Computer Applications, 118(16).
• [4] Jansen, W., & Ayers, R. (2007). Guidelines on cell phone forensics. NIST Special Publication, 800(101), 800-101.
• [5] Lin, I.-L., Chao, H.-C., & Peng, S.-H. (2011). Research of digital evidence forensics standard operating procedure with comparison and analysis based on smart phone. Paper presented at the Broadband and Wireless Computing, Communication and Applications (BWCCA), 2011 International Conference on.
• [6] Murphy, C. A. (2009). Developing process for mobile device forensics. SANS Digital Forensics and Incident Response.
• [7] Sadiq, M., Iqbal, M. S., Sajad, M., Naveed, K., & Malip, A. (2016). Mobile devices forensics investigation: process models and comparison. Theoretical & Applied Science(1), 164-168.
• [8] Ali, A., Razak, S. A., Othman, S. H., Mohammed, A., & Saeed, F. (2017). A metamodel for mobile forensics investigation domain. PloS one, 12(4), e0176223.
• [9] Hassan, M., & Pantaleon, L. (2017). An investigation into the impact of rooting android device on user data integrity. Paper presented at the Emerging Security Technologies (EST), 2017 Seventh International Conference on.
• [10] Wu, S., Zhang, Y., Wang, X., Xiong, X., & Du, L. (2017). Forensic analysis of WeChat on Android smartphones. Digital Investigation, 21, 3-10.
• [11] Ovens, K. M., & Morison, G. (2016). Forensic analysis of kik messenger on ios devices. Digital Investigation, 17, 40-52.
• [12] Gregorio, J., Gardel, A., & Alarcos, B. (2017). Forensic analysis of telegram messenger for windows phone. Digital Investigation, 22, 88-106.
• [13] Anglano, C. (2014). Forensic analysis of WhatsApp Messenger on Android smartphones. Digital Investigation, 11(3), 201-213.
• [14] Norouzizadeh Dezfouli, F., Dehghantanha, A., Eterovic-Soric, B., & Choo, K.-K. R. (2016). Investigating Social Networking applications on smartphones detecting Facebook, Twitter, LinkedIn and Google+ artefacts on Android and iOS platforms. Australian journal of forensic sciences, 48(4), 469-488.
• [15] Martini, B., & Choo, K.-K. R. (2012). An integrated conceptual digital forensic framework for cloud computing. Digital Investigation, 9(2), 71-80.
• [16] Cahyani, N. D. W., Ab Rahman, N. H., Glisson, W. B., & Choo, K.-K. R. (2017). The role of mobile forensics in terrorism investigations involving the use of cloud storage service and communication apps. Mobile Networks and Applications, 22(2), 240-254.
• [17] Daryabar, F., Dehghantanha, A., Eterovic-Soric, B., & Choo, K.-K. R. (2016). Forensic investigation of OneDrive, Box, GoogleDrive and Dropbox applications on Android and iOS devices. Australian journal of forensic sciences, 48(6), 615-642.
• [18] Azfar, A., Choo, K. K. R., & Liu, L. (2017). Forensic taxonomy of Android social apps. Journal of forensic sciences, 62(2), 435-456.
• [19] Bommisetty, S., Tamma, R., & Mahalik, H. (2014). Practical mobile forensics: Packt Publishing Ltd.
• [20] Carrier, B. (2005). File system forensic analysis. Addison-Wesley Professional.
• [21] Al Mutawa, N., Baggili, I., & Marrington, A. (2012). Forensic analysis of social networking applications on mobile devices. Digital Investigation, 9, S24-S33.
• [22] Cohen, M., Garfinkel, S., & Schatz, B. (2009). Extending the advanced forensic format to accommodate multiple data sources, logical evidence, arbitrary information and forensic workflow. Digital Investigation, 6, S57-S68.
• [23] Kausar, F., & Alyahya, T. N. (2016). Analysis of Physical Image Acquisition Forensic Tools for Android Smartphones. International Journal of Computer Science and Network Security (IJCSNS), 16(11), 38.
• [24] Aquila, I., Sacco, M., Gratteri, S., Sirianni, M., De Fazio, P., & Ricci, P. (2017). The “Social-Mobile Autopsy”: The Evolution of Psychological Autopsy with New Technologies in Forensic Investigations on Suicide. Legal Medicine.
• [25] Ogazi-Onyemaechi, B. C., Dehghantanha, A., & Choo, K.-K. (2017). Performance of android forensics data recovery tools Contemporary Digital Forensic Investigations of Cloud and Mobile Applications (pp. 91-110): Elsevier.
• [26] Quick, D., & Choo, K.-K. R. (2017). Pervasive social networking forensics: intelligence and evidence from mobile device extracts. Journal of Network and Computer Applications, 86, 24-33.
• [27] AKBAL, E., DOĞAN, Ş., & BALOĞLU, İ. Android İşletim Sisteminde WhatsApp Uygulamasının Adli Bilişim Açısından İncelenmesi. Bilişim Teknolojileri Dergisi, 11(2), 147-156.
• [28] Akbal, E., Baloglu, I., Tuncer, T., & Dogan, S. (2019). Forensic analysis of BiP Messenger on android smartphones. Australian Journal of Forensic Sciences, 1-20.