Identification of Whatsapp Digital Evidence on Android Smartphones using The Android Backup APK (Application Package Kit) Downgrade Method

Sulisdyantoro, Deny; Marzuki, Marza Ihsan

doi:10.51662/jiae.v3i1.70

Cited by 1 publication

(1 citation statement)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These studies have yielded valuable insights into call metadata including the timestamp, duration, and IP address used during calls. In recent research endeavors, two studies, [23] focused on the Identification of WhatsApp Digital Evidence on Android Smartphones using The Android Backup Application Package Kit (APK) Downgrade Method, and [24] aimed at Enabling the forensic study of applicationlevel encrypted data in Android via a Frida-based decryption framework. Both studies present methodologies for extracting artifacts from mobile devices, with a caveat that physical device access is mandatory, and the analysis is limited to a single application within the Android platform.…”

Section: Related Workmentioning

confidence: 99%

VoIP Network Forensics of Instant Messaging Calls

Sarhan,

Youness,

Bahaa-Eldin

et al. 2024

IEEE Access

View full text Add to dashboard Cite

Digital forensics is a prime professional field for law enforcement organizations. This is also a major active research topic in cybersecurity. Although traffic and content analysis are leading tasks in this field, most Internet traffic is now encrypted, making traditional content analysis impossible. Furthermore, instant messaging (IM) applications have become increasingly popular for communication between individuals and groups. However, IM conversations can be used for illicit activities such as planning criminal activities or exchanging sensitive information. In such cases, law enforcement agencies may need to perform VoIP forensics to identify suspects involved in conversations. This study proposes a network forensic approach (NFA) for correlating IM calls to identify the IP addresses of suspects. The approach involves capturing and analyzing IM call data, correlating the data with other network traffic, and using the correlation to identify suspects' IP addresses. The proposed approach was tested on real-world IM call data and yielded promising results. The network forensics approach for VoIP is superior to other approaches that need physical access to the end-users' devices, making NFA suitable for early crime detection and in situations where the devices may have been destroyed or burnt. The proposed method attained a success rate of 92.5% in identifying voice IM calls and providing information about the participants involved in the calls.

show abstract

Section: Related Workmentioning

confidence: 99%