Investigating Social Networking applications on smartphones detecting Facebook, Twitter, LinkedIn and Google+ artefacts on Android and iOS platforms

The rapid growth in usage and application of Social Networking (SN) platforms make them a potential target by cyber criminals to conduct malicious activities such as identity theft, piracy, illegal trading, sexual harassment, cyber stalking and cyber terrorism. Many SN platforms are extending their services to mobile platforms, making them an important source of evidence in cyber investigation cases. Therefore, understanding the types of potential evidence of users’ SN activities available on mobile devices is crucial to forensic investigation and research. In this paper, we examine four popular SN applications: Facebook, Twitter, LinkedIn and Google+, on Android and iOS platforms, to detect remnants of users’ activities that are of forensic interest. We detect a variety of artefacts (e.g. usernames, passwords, login information, personal information, uploaded posts, exchanged messages and uploaded comments from SN applications) that could facilitate a criminal investigation.

[1]  Georgios Kambourakis,et al.  iSAM: An iPhone Stealth Airborne Malware , 2011, SEC.

[2]  Nicolas Christin,et al.  Toward a general collection methodology for Android devices , 2011, Digit. Investig..

[3]  Cosimo Anglano,et al.  Forensic analysis of WhatsApp Messenger on Android smartphones , 2014, Digit. Investig..

[4]  Mats Engman Forensic investigations of Apple's iPhone , 2013 .

[5]  Kim-Kwang Raymond Choo,et al.  Digital droplets: Microsoft SkyDrive forensic data remnants , 2013, Future Gener. Comput. Syst..

[6]  Martin S Olivier,et al.  Acquisition of a Symbian Smart phone’s Content with an On-Phone Forensic Tool , 2007 .

[7]  Tim Storer,et al.  A comparison of forensic evidence recovery techniques for a windows mobile smart phone , 2011, Digit. Investig..

[8]  Shiuh-Jeng Wang,et al.  iPhone social networking for evidence investigations using iTunes forensics , 2012, ICUIMC.

[9]  John Haggerty,et al.  Forensic investigation of social networking applications , 2014, Netw. Secur..

[10]  Danah Boyd,et al.  Social Network Sites: Definition, History, and Scholarship , 2007, J. Comput. Mediat. Commun..

[11]  Kim-Kwang Raymond Choo,et al.  Google Drive: Forensic analysis of data remnants , 2014, J. Netw. Comput. Appl..

[12]  Georgios Kambourakis,et al.  A critical review of 7 years of Mobile Device Forensics , 2013, Digit. Investig..

[13]  Kim-Kwang Raymond Choo,et al.  Mobile cloud forensics: An analysis of seven popular Android apps , 2015, The Cloud Security Ecosystem.

[14]  Kim-Kwang Raymond Choo,et al.  iOS Forensics: How Can We Recover Deleted Image Files with Timestamp in a Forensically Sound Manner? , 2013, 2013 International Conference on Availability, Reliability and Security.

[15]  Sean Morrissey,et al.  iOS Forensic Analysis: for iPhone, iPad, and iPod touch , 2010 .

[16]  Andrew Hoog Android forensic techniques , 2011 .

[17]  Sangjin Lee,et al.  Sensitive Privacy Data Acquisition in the iPhone for Digital Forensic Analysis , 2011 .

[18]  Ibrahim Baggili,et al.  Forensic analysis of social networking applications on mobile devices , 2012, Digit. Investig..

[19]  Miroslav Baca,et al.  Forensic analysis of social networks (case study) , 2013, Proceedings of the ITI 2013 35th International Conference on Information Technology Interfaces.

[20]  Chris Hutchings,et al.  Commercial use of Facebook and Twitter – risks and rewards , 2012 .

[21]  Stilianos Vidalis,et al.  Towards ‘Crime Specific’ Digital Investigation Frameworks , 2013 .

[22]  Katharina Wagner,et al.  Digital Evidence And Computer Crime Forensic Science Computers And The Internet , 2016 .

[23]  Ibrahim Baggili,et al.  iPhone 3GS Forensics: Logical analysis using Apple iTunes Backup Utility , 2010 .

[24]  Linda Volonino,et al.  A Framework for the E-Discovery of Social Media Content in the United States , 2013, Inf. Syst. Manag..

[25]  Kim-Kwang Raymond Choo,et al.  An integrated conceptual digital forensic framework for cloud computing , 2012, Digit. Investig..

[26]  Gary C. Kessler,et al.  Android forensics: Simplifying cell phone examinations , 2010 .

[27]  Kim-Kwang Raymond Choo,et al.  Remote Programmatic vCloud Forensics: A Six-Step Collection Process and a Proof of Concept , 2014, 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications.

[28]  Sangjin Lee,et al.  A study of user data integrity during acquisition of Android devices , 2013, Digit. Investig..

[29]  Andrew Hoog Android forensics : investigation, analysis, and mobile security for Google Android / Andrew Hoog ; John McCash, technical editor. , 2011 .

[30]  Kim-Kwang Raymond Choo,et al.  Distributed filesystem forensics: XtreemFS as a case study , 2014, Digit. Investig..

[31]  Georgios Kambourakis,et al.  From keyloggers to touchloggers: Take the rough with the smooth , 2013, Comput. Secur..

[32]  Huwida Said,et al.  IPhone forensics techniques and crime investigation , 2011, The 2011 International Conference and Workshop on Current Trends in Information Technology (CTIT 11).

[33]  Kim-Kwang Raymond Choo,et al.  Dropbox analysis: Data remnants on user machines , 2013, Digit. Investig..

[34]  Golden G. Richard,et al.  Acquisition and analysis of volatile memory from android devices , 2012, Digit. Investig..

[35]  Georgios Kambourakis,et al.  Exposing mobile malware from the inside (or what is your mobile app really doing?) , 2014, Peer-to-Peer Netw. Appl..

[36]  Richard P. Ayers,et al.  Guidelines on Mobile Device Forensics , 2014 .

[37]  David Llewellyn-Jones,et al.  A Digital Forensic Investigation Model for Online Social Networking , 2010 .

[38]  H. Raghav Rao,et al.  Extent of private information disclosure on online social networks: An exploration of Facebook mobile phone users , 2013, Comput. Hum. Behav..

[39]  Kim-Kwang Raymond Choo,et al.  Exfiltrating data from Android devices , 2015, Comput. Secur..

[40]  Kim-Kwang Raymond Choo,et al.  Conceptual evidence collection and analysis methodology for Android devices , 2015, The Cloud Security Ecosystem.

[41]  Kim-Kwang Raymond Choo,et al.  Mobile device forensics: a snapshot , 2013 .

[42]  Ali Dehghantanha,et al.  Ubuntu One investigation: Detecting evidences on client machines , 2015, The Cloud Security Ecosystem.