Analysis of Skype Digital Evidence Recovery based on Android Smartphones Using the NIST Framework

2020 ◽  
Vol 4 (4) ◽  
pp. 682-690
Author(s):  
Anton Yudhana ◽  
Abdul Fadlil ◽  
Muhammad Rizki Setyawan

Cybercrime is an activity that uses electronic devices and network technology as tools or media to commit crimes. One example involves the Skype application installed on a smartphone. To find evidence in a cybercrime case, a forensic activity known as digital forensics must be carried out. This study aims to recover erased digital evidence using the NIST framework and forensic tools such as Oxygen and Belkasoft. For the Samsung J2 smartphone, in the scenario of removal via the application manager, the Oxygen tool could not recover deleted data and the success rate using Belkasoft was 26%. With the manual removal method, the success rate was 63% using Oxygen and 44% using Belkasoft. For the Andromax A smartphone, in the scenario of erasure through the application manager, neither Oxygen nor Belkasoft could recover deleted data. With manual removal, Oxygen recovered 61% and Belkasoft could not restore data. It can be concluded from the data recovery results for both smartphones that, for erasure through the application manager, Belkasoft performs better than Oxygen, and for manual erasure, Oxygen performs better than Belkasoft.

2017 ◽  
Vol 2 (11) ◽  
pp. 8-16
Author(s):  
Moses Ashawa ◽  
Innocent Ogwuche

The fast-growing use of instant messaging applications on Android mobile devices has brought a proportional increase in the number of cyber-attack vectors that could be perpetrated on them. Android mobile phones store a significant amount of information in the various memory partitions when Instant Messaging (IM) applications (WhatsApp, Skype, and Facebook) are executed on them. Because of the enormous number of crimes committed using instant messaging applications, and the amount of electronic traces of evidence that can be retrieved from a suspect's device, where an investigation could convict or refute a person in a court of law, mobile phones have become a vulnerable ground for digital evidence mining. This paper aims at using forensic tools to extract and analyse digital evidence artefacts left by IM applications on Android phones, using Android Studio as the virtual machine. The digital forensic investigation methodology by Bill Nelson was applied during this research. Some of the key results obtained showed how digital forensic evidence such as call logs, contact numbers, sent/retrieved messages, and images can be mined from simulated Android phones when running these applications. These artefacts can be used in a court of law as evidence during cybercrime investigation.


2021 ◽  
Vol 5 (1) ◽  
pp. 45-54
Author(s):  
Imam Riadi ◽  
Rusydi Umar ◽  
Muhammad Irwan Syahib

Viber is one of the most popular social media in the Instant Messenger application category that can be used to send text messages, make voice calls, and send picture messages and video messages to other users. As many as 260 million people around the world have used this application. The increasing number of Viber users certainly brings positive and negative impacts; one of the negative impacts of this application is the use of digital forensic crime. This research simulates and removes digital crime evidence from the Viber application on Android smartphones using the National Institute of Standards and Technology (NIST) method, which is a method that has work guidelines on forensic policy and process standards to ensure each investigator follows the same workflow so that their work is documented and the results can be accounted for. This study uses three forensic tools: MOBILedit Forensic Express, Belkasoft and Autopsy. The results in this study show that MOBILedit Forensic Express obtains digital evidence with a percentage of 100% for accounts, contacts, pictures and videos, while for chat evidence it obtains only 50%. Belkasoft obtains digital evidence with a percentage of 100% for accounts, contacts, pictures and videos, while for chat evidence it obtains only 50%. Autopsy does not give the expected results in the extraction process; in other words, the Autopsy application gives zero results. It can be concluded that MOBILedit Forensic Express and Belkasoft have a good performance compared to Autopsy, and thus this research has been completed and succeeded in accordance with the expected goals.


Author(s):  
Imam Riadi ◽  
Sunardi Sunardi ◽  
Muhamad Ermansyah Rauli

The development of computer technology is increasing rapidly. This has positive and negative effects. One of the negative effects that occurred was the use of the Line application to conduct online shop fraud. Line is one of the instant messenger applications that can be used on computers, especially on Windows 8.1 operating system computers. Applications that run on the computer leave traces of data in Random Access Memory (RAM). Data left in RAM can be obtained using digital forensic techniques, namely live forensics, which is used when the computer is running and connected to the internet. This study aims to find digital evidence regarding cases of online shop fraud using the National Institute of Standards and Technology (NIST) method. Digital evidence can be obtained using forensic tools, namely RamCapturer, FTK Imager and Winhex. RamCapturer is used to acquire data in RAM, FTK Imager is used for imaging and Winhex is used to analyze data that has been taken. The results obtained in this study were conversational recordings consisting of conversation time, conversation content and conversation status, which could be digital evidence in uncovering the online shop fraud crime that occurred.


Author(s):  
David A. Dampier ◽  
A. Chris Bogen

This chapter introduces the field of digital forensics. It is intended as an overview to permit the reader to understand the concepts and to be able to procure the appropriate assistance should the need for digital forensics expertise arise. Digital forensics is the application of scientific techniques of discovery and exploitation to the problem of finding, verifying, preserving, and exploiting digital evidence for use in a court of law. It involves the use of hardware and software for finding evidence of criminal activity on digital media, either in a computer or in a network device, and attributing that evidence to a suspect for the purposes of conviction. Digital forensics can also be used for non-law enforcement purposes. Data recovery is a form of computer forensics used outside of the legal arena. The authors hope that the reader will understand some of the intricacies of digital forensics and be able to intelligently respond to incidents requiring a digital forensic response.


2018 ◽  
Vol 12 (4) ◽  
pp. 82-97
Author(s):  
Patryk Szewczyk ◽  
Krishnun Sansurooah ◽  
Patricia A. H. Williams

Consumers demand fast, high capacity, upgradeable memory cards for portable electronic devices, with secure digital (SD) and microSD the most popular. Despite this demand, secure erasure of data is still not a composite part of disposal practices. To investigate the extent of this problem, second-hand memory cards were procured from the Australian eBay site between 2011 and 2015. Digital forensic tools were used to acquire and analyze each memory card to determine the type and quantity of remnant data. This paper presents the results of the 2014 and 2015 studies and compares these findings to the 2011–2013 research studies. The longitudinal comparison indicates resold memory cards are disposed of insecurely, with personal, confidential and business data undeleted or easily recoverable. The impact of such discoveries, where information is placed in the public domain, has the potential to cause embarrassment and financial loss to individuals, business, and government organizations.


2018 ◽  
Vol 10 (1) ◽  
pp. 18-22
Author(s):  
Imam Riadi ◽  
Sunardi Sunardi ◽  
Muhamad Ermansyah Rauli

The rapid development of computer technology is accompanied by an increase in cybercrime. One of the most common crimes is fraud in online shops. This crime abuses WhatsApp, one of the most popular Instant Messenger (IM) applications. WhatsApp is one of the IM applications that can be used on computers, especially on the Windows 8.1 operating system. All applications running on the computer leave data and information in Random Access Memory (RAM). The data and information that exist in RAM can be obtained using a digital forensic technique called Live Forensics. Live forensics can be used when the computer is running and connected to the network. This research aims to find digital evidence related to an online shop fraud case. The digital evidence can be obtained using one of the forensic tools, FTK Imager. FTK Imager can retrieve and analyze data and information in RAM. The result obtained in this research is the content of WhatsApp conversations that can be used as digital evidence to reveal fraud in the online shop.


Author(s):  
Prof. Sachin Babulal Jadhav

Digital crimes are taking place all over the world. For any digital crime committed in any part of the world, computers or other electronic devices are used. The devices used to commit the crime are useful evidence, which must be identified and protected for further use. Crimes involving electronic devices are called cyber-crime. To investigate such crimes, a scientific procedure needs to be followed. The collection, analysis, preservation and presentation of digital evidence is a must in order to investigate cybercrime. This paper highlights the practices that are used worldwide in the investigation process of cyber-crime. Keywords: Digital Forensics, Analysis, Investigation, models of investigation.


2020 ◽  
Vol 4 (5) ◽  
pp. 829-836
Author(s):  
Ikhsan Zuhriyanto ◽  
Anton Yudhana ◽  
Imam Riadi

Crime is currently increasing, including crime using social media, although no crime does not leave digital evidence. The Twitter application is a social media platform that is widely used. Crimes such as fraud, insults, hate speech, and others have lately made use of many social media applications, especially Twitter. This research was conducted to find forensic evidence in the Twitter social media application accessed through a smartphone application, using the Digital Forensics Research Workshop (DFRWS) method. The digital forensic stages include identification, preservation, collection, examination, analysis, and presentation in finding digital evidence of crime using the MOBILedit Forensic Express software and Belkasoft Evidence Center. Digital evidence sought on smartphones can be found using case scenarios and 16 variables that have been created, so that digital proof is obtained in the form of smartphone specifications, Twitter accounts, application versions, and conversations in the form of messages and status. This study's results indicate that the MOBILedit Forensic Express digital forensic software is better, with an accuracy rate of 85.75%, while Belkasoft Evidence Center is 43.75%.


2021 ◽  
Vol 8 (1) ◽  
pp. 1-9
Author(s):  
Rauhulloh Noor Bintang ◽  
Rusydi Umar ◽  
Anton Yudhana

The increase in use of the social media application Facebook Lite on Android-based smartphones is quite high. When communicating through the Facebook Lite social media network, users can send a text message, image, or video. Not a few users of Facebook Lite abuse this app to commit fraud crimes, pornographic acts, or defamation of other Facebook Lite users. Such cases can be a digital forensic benchmark for obtaining digital evidence from the Facebook Lite application. This investigation uses the National Institute of Standards and Technology (NIST) research method with its various stages, namely Collection, Examination, Analysis, and Reporting. The forensic tools used are Magnet Axiom Forensic and MOBILedit Forensic Express Pro. The comparison and results of the data obtained with the forensic tools Magnet Axiom Forensic and MOBILedit Forensic Express Pro are in the form of the parameter data specified. The Magnet Axiom Forensic result is 57.14%, while the MOBILedit Forensic Express Pro result is 85.71%. This data is the performance result of both forensic tool applications in obtaining digital evidence from the Facebook Lite application.

