Social Networks IM Forensics: Encryption Analysis

Barghouthy, Nedaa Al; Said, Huwida

doi:10.12720/jcm.8.11.708-715

Cited by 26 publications

(12 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Messenger, and Google Talk) on the iOS platform. (Al Barghuthi and Said, 2013) presents the analysis of several IM applications on various smartphone platforms, aimed at identifying the encryption algorithms used by them. (Tso et al, 2012) discusses the analysis of iTunes backups for iOS devices aimed at identifying the artifacts left by various social network applications.…”

Section: Related Workmentioning

confidence: 99%

Forensic analysis of the ChatSecure instant messaging application on android smartphones

Anglano

Canonico

Guazzone

2016

Digital Investigation

View full text Add to dashboard Cite

We present the forensic analysis of the artifacts generated on Android smartphones by ChatSecure, a secure Instant Messaging application that provides strong encryption for transmitted and locally-stored data to ensure the privacy of its users.We show that ChatSecure stores local copies of both exchanged messages and files into two distinct, AES-256 encrypted databases, and we devise a technique able to decrypt them when the secret passphrase, chosen by the user as the initial step of the encryption process, is known.Furthermore, we show how this passphrase can be identified and extracted from the volatile memory of the device, where it persists for the entire execution of ChatSecure after having been entered by the user, thus allowing one to carry out decryption even if the passphrase is not revealed by the user. Finally, we discuss how to analyze and correlate the data stored in the databases used by ChatSecure to identify the IM accounts used by the user and his/her buddies to communicate, as well as to reconstruct the chronology and contents of the messages and files that have been exchanged among them.For our study we devise and use an experimental methodology, based on the use of emulated devices, that provides a very high degree of reproducibility of the results, and we validate the results it yields against those obtained from real smartphones.

show abstract

Section: Related Workmentioning

confidence: 99%

Forensic analysis of the ChatSecure instant messaging application on android smartphones

Anglano

Canonico

Guazzone

2016

Digital Investigation

View full text Add to dashboard Cite

show abstract

“…Their work differs from ours for both the IM applications and the smartphone platform it considers. [2] focus on the analysis of several IM applications (including WhatsApp Messenger) on various smartphone platforms, including Android, with the aim of identifying the encryption algorithms used by them. Their work, unlike ours, does not deal with the identification, analysis, and correlation of all the artifacts generated by WhatsApp Messenger.…”

Section: Related Workmentioning

confidence: 99%

Forensic analysis of WhatsApp Messenger on Android smartphones

Anglano

2014

Digital Investigation

170

View full text Add to dashboard Cite

We present the forensic analysis of the artifacts left on Android devices by WhatsApp Messenger, the client of the WhatsApp instant messaging system. We provide a complete description of all the artifacts generated by WhatsApp Messenger, we discuss the decoding and the interpretation of each one of them, and we show how they can be correlated together to infer various types of information that cannot be obtained by considering each one of them in isolation.By using the results discussed in this paper, an analyst will be able to reconstruct the list of contacts and the chronology of the messages that have been exchanged by users. Furthermore, thanks to the correlation of multiple artifacts, (s)he will be able to infer information like when a specific contact has been added, to recover deleted contacts and their time of deletion, to determine which messages have 1 arXiv:1507.07739v1 [cs.CR] 28 Jul 2015 been deleted, when these messages have been exchanged, and the users that exchanged them.(c) 2014. This manuscript version is made available under the CC-BY-NC-ND 4.0 license http://creativecommons.org/licenses/by-nc-nd/4.0/

show abstract

“…The CelleBrite UFED tool, on the other hand, facilitated the recovery of SMS/MMS messages, call logs, videos, photos, and contact information. In [13] authors undertook a study seeking to establish adaptable encryption standards to hide communication on instant messaging apps purposing to secure the exchanged message. These include symmetric and asymmetric algorithms.…”

Section: Related Workmentioning

confidence: 99%

Forensic Analysis of Third-party Mobile Application

ALThebaity¹,

Mishra²,

Shukla³

2020

HELIX

View full text Add to dashboard Cite

The expansion of the phone's memory space and processing power comprise some of the primary contributing factors to the evolution of digital crime. Therefore, wide adoption and reliance of third-party applications expose individuals to various digital crimes. In this research both qualitative and quantitative methods are used. The recovered data items from the phone's memory were classified and facilitate the description of the recoverable app and user information after the deletion of the social networking app like Facebook. The choice of Facebook as the subject app for investigation arises from the fact that it comprises one of the major social network platforms. Some of the recoverable data in both scenarios include but not limited to text messages, login information, friends' information, and user account details, among others. The research seeks to fill an existing gap concerning the establishment of the location and types of recoverable data after the uninstallation of the Facebook application from a smartphone device.

show abstract

Social Networks IM Forensics: Encryption Analysis

Cited by 26 publications

References 9 publications

Forensic analysis of the ChatSecure instant messaging application on android smartphones

Forensic analysis of the ChatSecure instant messaging application on android smartphones

Forensic analysis of WhatsApp Messenger on Android smartphones

Forensic Analysis of Third-party Mobile Application

Contact Info

Product

Resources

About