CFP last date
20 January 2025
Reseach Article

Forensic Analysis of Instant Messenger Applications on Android Devices

by Aditya Mahajan, M. S. Dahiya, H. P. Sanghvi
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 68 - Number 8
Year of Publication: 2013
Authors: Aditya Mahajan, M. S. Dahiya, H. P. Sanghvi
10.5120/11602-6965

Aditya Mahajan, M. S. Dahiya, H. P. Sanghvi . Forensic Analysis of Instant Messenger Applications on Android Devices. International Journal of Computer Applications. 68, 8 ( April 2013), 38-44. DOI=10.5120/11602-6965

@article{ 10.5120/11602-6965,
author = { Aditya Mahajan, M. S. Dahiya, H. P. Sanghvi },
title = { Forensic Analysis of Instant Messenger Applications on Android Devices },
journal = { International Journal of Computer Applications },
issue_date = { April 2013 },
volume = { 68 },
number = { 8 },
month = { April },
year = { 2013 },
issn = { 0975-8887 },
pages = { 38-44 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume68/number8/11602-6965/ },
doi = { 10.5120/11602-6965 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:27:18.777913+05:30
%A Aditya Mahajan
%A M. S. Dahiya
%A H. P. Sanghvi
%T Forensic Analysis of Instant Messenger Applications on Android Devices
%J International Journal of Computer Applications
%@ 0975-8887
%V 68
%N 8
%P 38-44
%D 2013
%I Foundation of Computer Science (FCS), NY, USA
Abstract

The modern day Smartphone's have built in apps like "WhatsApp & Viber" which allow users to exchange instant messages, share videos, audio's and images via Smartphone's instead of relying on their desktop Computers or laptop thereby increasing the portability and convenience for a layman smart phone user. An Instant Messenger (IM) can serve as a very useful yet very dangerous platform for the victim and the suspect to communicate. The increased use of Instant messengers on Android phones has turned to be the goldmine for mobile and computer forensic experts. Traces and Evidence left by applications can be held on Android phones and retrieving those potential evidences with right forensic technique is strongly required. This paper focuses on conducting forensic data analysis of 2 widely used IMs applications on Android phones: WhatsApp and Viber. 5 Android phones were analyzed covering 3 different versions of Android OS: Froyo (2. 2), GingerBread (2. 3. x) and Ice-Cream Sandwich (4. 0. x). The tests and analysis were performed with the aim of determining what data and information can be found on the device's internal memory for instant messengers e. g. chat messaging logs and history, send & received image or video files, etc. Determining the location of data found from FileSystem Extraction of the device was also determined. The experiments and results show that heavy amount of potential evidences and valuable data can be found on Android phones by forensic investigators.

References
  1. Alfred Kobsa, Sameer Patil, Bertolt Meyer. (2012). Privacy in Instant Messaging: An Impression Management Model. http://www. ics. uci. edu/~kobsa/papers/2012-B&IT-kobsa. pdf
  2. Mohammad Iftekhar Husain, Ramalingam Sridhar (2010) iForensics: Forensic Analysis of Instant Messaging on Smart Phones http://link. springer. com/chapter/10. 1007%2F978-3-642-115349n_2?LI =true#
  3. Android Encryption https://viaforensics. com/category/android-forensics/
  4. Al-Zarouni, Marwan (2006). "Mobile Handset Forensic Evidence: A Challenge for Law Enforcement". http://ro. ecu. edu. au/cgi/viewcontent. cgi?article=1023&context=adf
  5. January 2009, Test Results for Mobile Device Acquisition Tool: Cellebrite UFED 1. 1. 05 by National Institute of Standards and Technology [NIST]. Available at http://www. ncjrs. gov/pdffiles1/nij/228220. pdf
  6. October 2012, Test Results for Mobile Device Acquisition Tool: CelleBrite UFED 1. 1. 8. 6 -- Report Manager 1. 8. 3/UFED Physical Analyzer 2. 3. 0 by National Institute of Standards and Technology [NIST]. Available at http://ncjrs. gov/pdffiles1/nij/238993. pdf
  7. Noora Al Mutawa, Ibrahim Baggili, Andrew Marrington (2012), Digital Investigation (Elsevier), Available at http://www. dfrws. org/2012/proceedings/DFRWS2012-3. pdf
  8. Kailash Kumar, Sanjeev Sofat, S. K. Jain, Naveen Aggarwal (2012). Significance of Hash Value Generation in Digital Forensic: A Case Study. International Journal of Engineering Research and Development. Available at: http://www. ijerd. com/paper/vol2-issue5/I02056470. pdf.
  9. Curran, K. , Robinson, A. , Peacocke, S. , Cassidy, S. (2010) Mobile Phone Forensic Analysis, International Journal of Digital Crime and Forensics, Vol. 2, No. 2, pp:, April-May 2010, ISSN: 1941-6210, IGI Pub
  10. Timothy Vidas, Chengye Zhang, Nicolas Christin (2011). Toward a general collection methodology for Android devices. Available at: http://www. sciencedirect. com/science/article/pii/S1742287611000272
  11. Andre Morum de L. Simao, Fabio Caus Sicoli, Laerte Peotta de Melo, (2011) ACQUISITION OF DIGITAL EVIDENCE IN ANDROID SMARTPHONE. Available at http://igneous. scis. ecu. edu. au/proceedings/2011/adf/9thADFProceedings. pdf#page=122
Index Terms

Computer Science
Information Sciences

Keywords

SmartPhone Forensics Android Forensics WhatsApp Forensics Viber Forensics Instant Messenger Forensics