Mobile Forensic Tools Validation and Evaluation for Instant Messaging
Mobile technology is experiencing rapid development from year to year. Various types of models and operating systems are available on the market, followed by the development of applications for mobile devices. Behind the development of mobile technology, mobile devices are often used for crime. To handle a case related to a mobile device, an investigator needs to use forensic methodologies. Investigator also needs to know which tools are capable of handling mobile forensics of a specific artefact or mobile devices since each forensic tool has its limitation. The rapid development of mobile technology and the lack of understanding of forensic tools sometimes become an obstacle for an investigator in handling a case. This research conducted a forensic analysis of WhatsApp (WA) application on the Samsung Galaxy S4 and Samsung A3 using the logical acquisition of 3 forensic tools, namely: WA Key/DB Extractor, Oxygen Forensics, and Magnet AXIOM. National Institute of Standards and Technology (NIST) forensic tool parameters and additional parameters related to WA artefact s were used to evaluate forensic tools which will then be calculated to find acquisition capability index for each forensic tool. Acquisition capability index is expected to provide an overview and recommendations regarding forensic tools for conducting WA forensic analysis. Based on the acquisition capability index, Magnet AXIOM has advantages over Oxygen Forensics, and WA Key/DB Extractor in conducting forensic analysis of WA artefact s on Samsung Galaxy S4 and Samsung A3 with 77.77%. Thus it can be concluded that Magnet AXIOM is recommended to be used in handling WA artefacts.
statista.com, “Number of monthly active WhatsApp users worldwide from April 2013 to July 2017 (in millions),” 2017. https://www.statista.com/statistics/260819/number-of-monthly-active-whatsapp-users/ (accessed Nov. 10, 2017).
statista.com, “Numbers of WhatsApp users in the United States from 2015 to 2021 (in millions),” 2018. https://www.statista.com/statistics/558290/number-of-whatsapp-users-usa/ (accessed Jan. 25, 2018).
comScore.com, “comScore Announces Launch of MMX Multi-Platform, As Well As Major Enhancements to Mobile Metrix in Indonesia with Introduction of Mobile Consumer Panel Data,” comScore Inc., 2017. https://www.comscore.com/Insights/Press-Releases/2017/3/comScore-Announces-Launch-of-MMX-Multi-Platform-Indonesia (accessed Jan. 25, 2018).
T. Sutikno, L. Handayani, D. Stiawan, M. A. Riyadi, and I. M. I. Subroto, “WhatsApp, viber and telegram: Which is the best for instant messaging?,” Int. J. Electr. Comput. Eng., vol. 6, no. 3, pp. 909–914, 2016, doi: 10.11591/ijece.v6i3.10271.
A. Griffin, “WhatsApp: After Killings in India, How The Messaging App is Being Used to Spread Deadly Fake News,” 2018. https://www.independent.co.uk/life-style/gadgets-and-tech/news/whatsapp-india-killings-latest-update-explained-app-fake-hoax-rumours-a8428746.html.
Vix.com, “5 Crimes That People Do On WhatsApp And Can Actually Be Reported,” 2018. https://www.vix.com/en/apps-internet/530661/5-crimes-people-do-whatsapp-and-can-actually-be-reported.
Techzim.co.zw, “How WhatsApp Is Aiding Criminal Activity, We Should Copy The Shady Guys,” 2018. https://www.techzim.co.zw/2018/07/how-whatsapp-has-aided-criminal-actvivity/.
A. Nurlitasari, “Hacker Manfaatkan WhatsApp untuk Curi Data Pribadi Pengguna,” 2018. https://techno.okezone.com/read/2018/08/09/207/1934241/hacker-manfaatkan-whatsapp-untuk-curi-data-pribadi-pengguna.
M. Chin, “Here’s how one WhatsApp photo led to 11 drug-trafficking convictions,” 2018. https://mashable.com/2018/04/16/police-use-whatsapp-to-catch-criminal/#03i.1j8.tmq2.
A. Kusumadewi and J. P. Sasongko, “Polisi Usut Percakapan ‘Jessica-Mirna’ yang Beredar di Sosmed,” 2016. http://www.cnnindonesia.com/nasional/20160121080758-12-105715/polisi-usut-percakapan-jessica-mirna-yang-beredar-di-sosmed/ (accessed Nov. 10, 2017).
R. Ayers, W. Jansen, and S. Brothers, “Guidelines on mobile device forensics (NIST Special Publication 800-101 Revision 1),” NIST Spec. Publ., vol. 1, no. 1, p. 85, 2014, doi: 10.6028/NIST.SP.800-101r1.
M. Al-Hadadi and A. AlShidhani, “Smartphone Forensics Analysis: A Case Study,” Int. J. Comput. Electr. Eng., vol. 5, no. 6, pp. 576–580, 2013, doi: 10.7763/IJCEE.2013.V5.776.
I. Riadi, R. Umar, and A. Firdonsyah, “Identification Of Digital Evidence On Android ’ s,” Int. J. Comput. Sci. Inf. Secur., vol. 15, no. 5, pp. 3–8, 2017.
S. Dogan and E. Akbal, “Analysis of Mobile Phones in Digital Forensics,” MIPRO 2017, pp. 1241–1244, 2017, doi: 10.23919/MIPRO.2017.7973613.
E. C. Cankaya and B. Kupka, “A survey of digital forensics tools for database extraction,” FTC 2016 - Proc. Futur. Technol. Conf., no. December, pp. 1014–1019, 2017, doi: 10.1109/FTC.2016.7821727.
R. Umar, I. Riadi, and G. M. Zamroni, “Mobile Forensic Tools Evaluation for Digital Crime Investigation,” Int. J. Adv. Sci. Eng. Inf. Technol., vol. 8, no. 3, p. 949, 2018, doi: 10.18517/ijaseit.8.3.3591.
A. Abdallah, M. Alamin, A. Babiker, and N. Mustafa, “A Survey on Mobile Forensic for Android Smartphones,” IOSR J. Comput. Eng., vol. 17, no. 1, pp. 2278–661, 2015, doi: 10.9790/0661-17211519.
National Institute of Standards and Technology, “Mobile Device Tool Specification Version 2.0,” 2016, [Online]. Available: https://www.cftt.nist.gov/documents/Mobile Device Tool Secification_v2.0.pdf.
National Institute of Standards and Technology, “Mobile Device Tool Test Assertions and Test Plan Version 2.0,” 2016, [Online]. Available: https://www.cftt.nist.gov/documents/Mobile_Device_Tool_Test_Assertions_and_Test_Plan_v2.0.pdf.
K. D. Lutes and R. P. Mislan, “Challenges in Mobile Phone Forensics,” Imeti 2008 Int. Multi-Conference Eng. Technol. Innov. Vol I, Proc., pp. 348–352, 2008.
N. Santos, “Mobile Forensics : Android,” 2015.
R. Ahmed, Q. M. Computech, and A. Mtech, “Mobile phones now vital source of evidence in investigations,” pp. 1–4, 2016.
D. M. Sai, N. R. G. K. Prasad, and S. Dekka, “The Forensic Process Analysis of Mobile Device,” Int. J. Comput. Sci. Inf. Technol., vol. 6, no. 5, pp. 4847–4850, 2015.
statista.com, “Android operating system share worldwide by OS version from 2013 to 2018*,” 2018. https://www.statista.com/statistics/271774/share-of-android-platforms-on-mobile-devices-with-android-os/.
I. Riadi, R. Umar, and A. Sugandi, “Web forensic on kubernetes cluster services using grr rapid response framework,” Int. J. Sci. Technol. Res., vol. 9, no. 1, pp. 3484–3488, 2020.
R. Ahmed, D. V. Rajiv, and T. M. Vilas, “Forensic Presevation of Digital Evidence on Mobile Devices from the Perspective of Efficient Generalized Forensics Framework for Mobile Devices ( EGFFMD ),” Int. J. Adv. Res. Comput. Sci., vol. 5, no. 4, pp. 28–29, 2014.
Magnet Forensics, “12 Tips for Presenting Digital Evidence in Court From Before the Case To Delivering Testimony 12 Tips for Presenting,” 2017.
R. Umar, I. Riadi, and G. Maulana, “A Comparative Study of Forensic Tools for WhatsApp Analysis using NIST Measurements,” Int. J. Adv. Comput. Sci. Appl., vol. 8, no. 12, pp. 69–75, 2017, doi: 10.14569/IJACSA.2017.081210.
C. Gaffney, “How to Calculate Index Number,” Leaf Group Ltd, 2018. https://bizfluent.com/how-5339534-calculate-index-numbers.html (accessed Jun. 24, 2018).
- There are currently no refbacks.
Published by INSIGHT - Indonesian Society for Knowledge and Human Development