CIIC - Artigos em Revistas com Peer Review
Permanent URI for this collection
Browse
Browsing CIIC - Artigos em Revistas com Peer Review by Subject "Android"
Now showing 1 - 4 of 4
Results Per Page
Sort Options
- Analyzing TikTok from a Digital Forensics PerspectivePublication . Domingues, Patricio; Nogueira, Ruben; Francisco, José Carlos; Frade, MiguelTikTok is a major hit in the digital mobile world, quickly reaching the top 10 installed applications for the two main mobile OS, iOS and Android. This paper studies Android's TikTok application from a digital forensic perspective, analyzing the digital forensic artifacts that can be retrieved on a post mortem analysis and their associations with operations performed by the user. The paper also presents FAMA (Forensic Analysis for Mobile Apps), an extensible framework for the forensic software Autopsy, and FAMA's TikTok module that collects, analyzes, and reports on the main digital forensic artifacts of TikTok's Android application. The most relevant digital artifacts of TikTok include messages exchanged between TikTok so-called ``friends'', parts of the email/phone number of registered users, data about devices, and transactions with TikTok's virtual currency. One of the results of this research is the set of forensic traces left by users' transactions with TikTok's in-app virtual currency. Another result is the detection of patterns that exist in TikTok's integer IDs, allowing to quickly link any 64-bit TikTok's integer ID to the type of resources -- user, device, video, etc. -- that it represents.
- Forensic Analysis of the Bumble Dating App for AndroidPublication . Barros, António; Almeida, Rafaela; Melo, Tiézer; Frade, MiguelMobile applications that facilitate interaction between people have grown in popularity and, as a result, the number of e-dating applications have expanded. In these types of applications, there is usually a trade-off between user privacy and safety. On one hand, users want to keep their data as private as possible, on the other hand, user identification forces accountability, which, hopefully, will foster the development of responsible behaviors and minimize abuses. The Bumble e-dating app has been growing in popularity and differs from other apps by giving women the power to make the first contact after a match. Their main goal is to prevent women’s harassment. In this work, we study the digital artifacts that can be found after the use of the Bumble app on Android devices. Despite applying many measures to ensure data protection, it was possible to obtain information that identifies users and exchanged messages. The data structure stored on the device is described, as well as the artifacts with forensic value for an investigation. Moreover, a script was created to parse and visualize the main forensic artifacts of the Bumble app.
- Post-mortem digital forensics analysis of the Zepp Life android applicationPublication . Domingues, Patricio; Francisco, José; Frade, MiguelThis paper studies the post-mortem digital forensic artifacts left by the Android Zepp Life (formerly Mi Fit) mobile application when used in conjunction with a Xiaomi Mi Band 6. The Mi Band 6 is a low-cost smart band device with several sensors that allow for health and activity monitoring, collecting metrics such as heart rate, blood oxygen saturation level, and step count. The device communicates via Bluetooth Low Energy with the Zepp Life application, which displays its data, provides some controls, and acts as a bridge to the Internet. We study, from a digital forensics perspective, the Android version of the mobile application in a rooted smartphone. For this purpose, we analyze the data repositories, namely its databases and XML files, and correlate the data on the smartphone with the corresponding usage of the Mi Band device. The paper also presents two open-source scripts we have developed to ease the task of forensic practitioners dealing with Zepp Life/Mi Band 6: ZL_std and ZL_autopsy. The former refers to a Python 3 script that extracts high-level views of Zepp Life data through the command-line, whereas the latter is a module that integrates ZL_std functionalities within the popular open-source Autopsy digital forensic software. Data stored on the Android companion device of a Mi Band 6 might include GPS coordinates, events and alarms, and biometric data such as heart rate, sleep time, and fitness activity, which can be valuable digital forensic artifacts.
- The Digital Footprints on the Run: A Forensic Examination of Android Running Workout ApplicationsPublication . Nunes, Fabian; Domingues, Patricio; Frade, MiguelThis study applies a forensic examination to six distinct Android fitness applications centered around monitoring running activities. The applications are Adidas Running, MapMyWalk,Nike Run Club, Pumatrac, Runkeeper and Strava. Specifically, we perform a post mortem analysis of each application to find and document artifacts such as timelines and Global Positioning System (GPS) coordinates of running workouts that could prove helpful in digital forensic investigations. First, we focused on the Nike Run Club application and used the gained knowledge to analyze the other applications, taking advantage of their similarity. We began by creating a test environment and using each application during a fixed period. This procedure allowed us to gather testing data, and, to ensure access to all data generated by the apps, we used a rooted Android smartphone. For the forensic analysis, we examined the data stored by the smartphone application and documented the forensic artifacts found. To ease forensic data processing, we created several Python modules for the well-known Android Logs Events And Protobuf Parser (ALEAPP) digital forensic framework. These modules process the data sources, creating reports with the primary digital artifacts, which include the workout activities and related GPS data.