Forensic Taxonomy of Android Social Apps

An Android social app taxonomy incorporating artifacts that are of forensic interest will enable users and forensic investigators to identify the personally identifiable information (PII) stored by the apps. In this study, 30 popular Android social apps were examined. Artifacts of forensic interest (e.g., contacts lists, chronology of messages, and timestamp of an added contact) were recovered. In addition, images were located, and Facebook token strings used to tie account identities and gain access to information entered into Facebook by a user were identified. Based on the findings, a two‐dimensional taxonomy of the forensic artifacts of the social apps is proposed. A comparative summary of existing forensic taxonomies of different categories of Android apps, designed to facilitate timely collection and analysis of evidentiary materials from Android devices, is presented.

[1]  E. Casey,et al.  Investigation Delayed Is Justice Denied: Proposals for Expediting Forensic Examinations of Digital Evidence * , 2009, Journal of forensic sciences.

[2]  Ching-Hsien Hsu,et al.  Digital evidence discovery of networked multimedia smart devices based on social networking activities , 2012, Multimedia Tools and Applications.

[3]  Kim-Kwang Raymond Choo,et al.  Dropbox analysis: Data remnants on user machines , 2013, Digit. Investig..

[4]  Lin Liu,et al.  DIGITAL & MULTIMEDIA SCIENCES , 2016 .

[5]  R. Briggs,et al.  Association for Information Systems , 2009 .

[6]  Ali Dehghantanha,et al.  Ubuntu One investigation: Detecting evidences on client machines , 2015, The Cloud Security Ecosystem.

[7]  Marco Furini,et al.  Location privacy and public metadata in social media platforms: attitudes, behaviors and opinions , 2014, Multimedia Tools and Applications.

[8]  Neha S Thakur,et al.  Forensic Analysis of WhatsApp on Android Smartphones , 2013 .

[9]  T. Bartolotta,et al.  A Review of 21 iPad Applications for Augmentative and Alternative Communication Purposes , 2012 .

[10]  Kim-Kwang Raymond Choo,et al.  Android Cache Taxonomy and Forensic Process , 2015, 2015 IEEE Trustcom/BigDataSE/ISPA.

[11]  Samir Chatterjee,et al.  A Taxonomy of mHealth Apps -- Security and Privacy Concerns , 2015, 2015 48th Hawaii International Conference on System Sciences.

[12]  Ali Dehghantanha,et al.  Investigating Social Networking applications on smartphones detecting Facebook, Twitter, LinkedIn and Google+ artefacts on Android and iOS platforms , 2016 .

[13]  Jung-Hyun Lee,et al.  Catching up faster data in digital crime using mobile devices , 2015, Multimedia Tools and Applications.

[14]  Young-Sik Jeong,et al.  Relative weight evaluation of the factors inducing social media service use , 2013, Multimedia Tools and Applications.

[15]  Kim-Kwang Raymond Choo,et al.  Google Drive: Forensic analysis of data remnants , 2014, J. Netw. Comput. Appl..

[16]  Georgios Kambourakis,et al.  A critical review of 7 years of Mobile Device Forensics , 2013, Digit. Investig..

[17]  Jin Kwak,et al.  Digital forensics investigation methodology applicable for social network services , 2014, Multimedia Tools and Applications.

[18]  真鍋 龍太郎,et al.  AIS-Association for Information Systems(国際情報システム学会) , 1996 .

[19]  Nickson M. Karie,et al.  Toward a General Ontology for Digital Forensic Disciplines , 2014, Journal of forensic sciences.

[20]  Daryl Johnson,et al.  Third Party Application Forensics on Apple Mobile Devices , 2011, 2011 44th Hawaii International Conference on System Sciences.

[21]  Kim-Kwang Raymond Choo,et al.  Forensic Taxonomy of Popular Android mHealth Apps , 2015, AMCIS.

[22]  Ali Dehghantanha,et al.  SugarSync forensic analysis , 2016 .

[23]  Paul Benjamin Lowry,et al.  A Longitudinal Study of Information Privacy on Mobile Devices , 2013, 2014 47th Hawaii International Conference on System Sciences.

[24]  Kim-Kwang Raymond Choo,et al.  Cloud storage forensics: ownCloud as a case study , 2013, Digit. Investig..

[25]  Kim-Kwang Raymond Choo,et al.  Privacy Risks in Mobile Dating Apps , 2015, AMCIS.

[26]  Kim-Kwang Raymond Choo,et al.  Cloud Storage Forensic Framework , 2014 .

[27]  Ibrahim Baggili,et al.  Forensic analysis of social networking applications on mobile devices , 2012, Digit. Investig..

[28]  Kim-Kwang Raymond Choo,et al.  Cloud Storage Forensics , 2013, Contemporary Digital Forensic Investigations of Cloud and Mobile Applications.

[29]  Cosimo Anglano,et al.  Forensic analysis of WhatsApp Messenger on Android smartphones , 2014, Digit. Investig..

[30]  Daniele Sgandurra,et al.  A Survey on Security for Mobile Devices , 2013, IEEE Communications Surveys & Tutorials.

[31]  Kim-Kwang Raymond Choo,et al.  Mobile cloud forensics: An analysis of seven popular Android apps , 2015, The Cloud Security Ecosystem.