Forensic methods for detection of deniable encryption in mobile networks (original) (raw)

Related papers

Doi: 10.2298/FUEE1202121S the Importance and the Role of Forensics of Mobile

2016

Abstract. Scientific-technological development, along with initiating integrative forces that offer improvement of the quality of human life, concurrently created prerequisites for individuals to exploit certain innovations for performing criminal activities. Modern criminals wander through electronic networks, and assisted by high technology, perform a variety of criminal acts and “launder ” large sums of money. Computer forensics is a technological, systemic control of the computer system and its content for the purpose of gathering evidence of a criminal act or other abuse that it has been used for. Digital forensics requires particular expertise that goes beyond traditional data collection, as well as employment of techniques available to the final user or system support personnel. In this context, this article examines principles, methods and procedures in mobile device investigation, which nowadays represent a multifunctional, powerful computer weapon, and considers the necess...

Forensic analysis of the ChatSecure instant messaging application on android smartphones

Abstract We present the forensic analysis of the artifacts generated on Android smartphones by ChatSecure, a secure Instant Messaging application that provides strong encryption for transmitted and locally-stored data to ensure the privacy of its users. We show that ChatSecure stores local copies of both exchanged messages and files into two distinct, AES-256 encrypted databases, and we devise a technique able to decrypt them when the secret passphrase, chosen by the user as the initial step of the encryption process, is known. Furthermore, we show how this passphrase can be identified and extracted from the volatile memory of the device, where it persists for the entire execution of ChatSecure after having been entered by the user, thus allowing one to carry out decryption even if the passphrase is not revealed by the user. Finally, we discuss how to analyze and correlate the data stored in the databases used by ChatSecure to identify the \{IM\} accounts used by the user and his/her buddies to communicate, as well as to reconstruct the chronology and contents of the messages and files that have been exchanged among them. For our study we devise and use an experimental methodology, based on the use of emulated devices, that provides a very high degree of reproducibility of the results, and we validate the results it yields against those obtained from real smartphones.

Forensic analysis in Mobile Cloud Computing Architecture

Digital Forensics 4n6, 2020

Data has become a bigger challenge to handle in mobile networks, today. In case of mobile devices data needs to be processed in large amounts so insufficient space issues may occur in case of low hardware configurations. For this, cloud platform provides ease of migrating apps to various places without giving platform dependency, space issues and also giving better data processing on low hardware costs. But is highly susceptible to malware attacks and data loss due to various factors and in case of digital data forensics becomes a greater challenge. In this paper, we present an overview of MCC and digital forensics, focusing on its key aspects and significant forensic challenges faced by digital investigators in MCC. The purpose of this paper is to provide a comprehensive understanding about forensic research challenges and redirect researchers towards new research areas.

Mobile Forensics: Beyond Traditional Sources of Digital Evidence

2020

Mobility is the future and people of the 21st century are continuously witnessing the fast-paced growth of mobile technology. The ever-increasing storage capacity of mobile devices allows for the capturing of the user activities in digital format. Traditionally, such digital data include contacts, text and instant messages, call history, electronic mail, web browsing history, documents and geographical data. These rich sources of digital data present on mobile devices become increasingly important when mobile devices are linked to civil or criminal digital investigations. However, these sheer quantities of traditional digital data available on mobile devices often cause other forms of noteworthy digital data to go unnoticed. This paper investigates and identifies other available sources of digital data present on mobile devices that can be of value to digital forensic investigations. The study focuses exclusively on the Android operating system and presents an extensive evaluation o...