ABSTRACT As the utilization rate of smart device increases, various applications for smart device have been developed. Since these applications can contain important data related to user behavio rs in digital forensic perspective, the analysis of them should be conducted in advance. However, lots of applications get to have new data format or type when they are updated. Therefore, whether the applications are updated or not should be checked o ne by one, and if they are, whether their data are changed should be also analyzed. But observing application data repeatedly is a time-consuming task, and that is why the effective method for dealing with this problem is needed. This paper suggests the automatic system which gets updated inf ormation and checks changed data by collecting application information. Keywords: Digital Forensics, Smartphone Forensics, Android Forensics, An droid Application, Android Data Acquisition접수일(2013년 12월 19일), 수정일(2014년 1월 15일), 게재확정일(2014년 1월 16일)* 본 연구는 2013년도 정부(미래창조과학부)의 재원으로 한국연구재단-공공복지안전사업의 지원을 받아 수행되었습니다. [2012M3A2A1051106]†주저자, timemachine@korea.ac.kr‡교신저자, sangjin@korea.ac.kr(Corresponding author)
[1]
Andrew Hunt,et al.
Automated identification of installed malicious Android applications
,
2013,
Digit. Investig..
[2]
Kim-Kwang Raymond Choo,et al.
Dropbox analysis: Data remnants on user machines
,
2013,
Digit. Investig..
[3]
Nicolas Christin,et al.
Toward a general collection methodology for Android devices
,
2011,
Digit. Investig..
[4]
Ralf D. Brown.
Reconstructing corrupt DEFLATEd files
,
2011
.
[5]
Sangjin Lee,et al.
A study of user data integrity during acquisition of Android devices
,
2013,
Digit. Investig..
[6]
Steve Mead,et al.
Unique file identification in the National Software Reference Library
,
2006,
Digit. Investig..
[7]
Sangjin Lee,et al.
Forensic analysis techniques for fragmented flash memory pages in smartphones
,
2012,
Digit. Investig..