Proposed Method for Mobile Forensics Investigation Analysis of Remnant Data on Google Drive Client

The best known software developers all offer cloud storage services. Microsoft offers Onedrive to its users, Apple offers iCloud Drive and Google offers Google Drive or GDrive. The battle between these software developers is ongoing and they will always strive to give the best services to their users. It is not only technology that is evolving, however, but also ways in which security can be breached and data abused. The security of information on the Internet is increasingly at risk and there are many threats to cloud storage platforms. This research used the mobile forensics approach to help in identifying and analyzing user behavior that may occur while using GDrive application for cybercrime. The novelty of comparison and analyzing methods performed in this research can help to find remnant data from all activities performed by GDrive users in Android smartphones. Hence, this proposed method can assist investigators in finding remnant data on GDrive client and can provide knowledge for legal practitioners.

[1]  Soo Young Shin,et al.  Android forensics analysis: Private chat on social messenger , 2016, 2016 Eighth International Conference on Ubiquitous and Future Networks (ICUFN).

[2]  Hai-Cheng Chu,et al.  Live Information Discovery of the P2P Instant Messaging Based on Skype's Finger Printing , 2010 .

[3]  Vassil Roussev,et al.  Forensic analysis of cloud-native artifacts , 2016 .

[4]  Eoghan Casey,et al.  Digital Evidence and Computer Crime , 2000 .

[5]  Mark John Taylor,et al.  Forensic investigation of cloud computing systems , 2011, Netw. Secur..

[6]  Toshihiro Yamauchi,et al.  VMM-Based Log-Tampering and Loss Detection Scheme , 2012 .

[7]  Soo Young Shin,et al.  Identifying artefact on Microsoft OneDrive client to support Android forensics , 2017, Int. J. Electron. Secur. Digit. Forensics.

[8]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[9]  Timothy P. Kosiba Handbook of Computer Crime Investigation: Forensic Tools and Technology , 2003 .

[10]  Andrew Hoog Android forensics : investigation, analysis, and mobile security for Google Android / Andrew Hoog ; John McCash, technical editor. , 2011 .

[11]  Kim-Kwang Raymond Choo,et al.  Cloud Storage Forensics , 2013, Contemporary Digital Forensic Investigations of Cloud and Mobile Applications.

[12]  Kim-Kwang Raymond Choo,et al.  Google Drive: Forensic analysis of data remnants , 2014, J. Netw. Comput. Appl..

[13]  Rodney McKemmish,et al.  When is Digital Evidence Forensically Sound? , 2008, IFIP Int. Conf. Digital Forensics.

[14]  Christoph Wegener,et al.  Technical Issues of Forensic Investigations in Cloud Computing Environments , 2011, 2011 Sixth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering.

[15]  Kim-Kwang Raymond Choo,et al.  Forensic collection of cloud storage data: Does the act of collection result in changes to the data or its metadata? , 2013, Digit. Investig..