Browsing by Author "Nogueira, Ruben"
Now showing 1 - 2 of 2
Results Per Page
Sort Options
- Analyzing TikTok from a Digital Forensics PerspectivePublication . Domingues, Patricio; Nogueira, Ruben; Francisco, José Carlos; Frade, MiguelTikTok is a major hit in the digital mobile world, quickly reaching the top 10 installed applications for the two main mobile OS, iOS and Android. This paper studies Android's TikTok application from a digital forensic perspective, analyzing the digital forensic artifacts that can be retrieved on a post mortem analysis and their associations with operations performed by the user. The paper also presents FAMA (Forensic Analysis for Mobile Apps), an extensible framework for the forensic software Autopsy, and FAMA's TikTok module that collects, analyzes, and reports on the main digital forensic artifacts of TikTok's Android application. The most relevant digital artifacts of TikTok include messages exchanged between TikTok so-called ``friends'', parts of the email/phone number of registered users, data about devices, and transactions with TikTok's virtual currency. One of the results of this research is the set of forensic traces left by users' transactions with TikTok's in-app virtual currency. Another result is the detection of patterns that exist in TikTok's integer IDs, allowing to quickly link any 64-bit TikTok's integer ID to the type of resources -- user, device, video, etc. -- that it represents.
- Post-mortem digital forensic artifacts of TikTok Android AppPublication . Domingues, Patrício; Nogueira, Ruben; Francisco, José Carlos; Frade, MiguelTikTok is a social network known mostly for the creation and shar ing of short videos and for its popularity for those under 30 years old. Although it has only appeared as Android and iOS apps in 2017, it has gathered a large user base, being one of the most downloaded and used app. In this paper, we study the digital forensic artifacts of TikTok’s app that can be recovered with a post mortem analysis of an Android phone, detailing the databases and XML with data that might be relevant for a digital forensic practitioner. We also provide the module tiktok.py to extract several forensic artifacts of TikTok in a digital forensic analysis of an Android phone. The module runs under Autopsy’s Android Analyzer environment. Although TikTok offers a rich set of features, it is very internet-dependent, with a large amount of its inner data kept on the cloud, and thus not easily accessible in a post mortem analysis. Nonetheless, we were able to recover messages exchanged through the app commu nications channels, the list of TikTok users that have interacted with the TikTok account used at the smartphone, photos linked to the app and in some circumstances, TikTok’s videos watched by the smartphone’s user.