Forensic analysis of Google Allo messenger on Android platform

Author:

Agrawal Vinayak, Tapaswi Shashikala

Abstract

Purpose: The purpose of this paper is to conduct a forensic analysis of Google Allo messenger on an Android-based mobile phone. The focus was on the analysis of the data stored by this application in the internal memory of the mobile device, with minimal use of third-party applications. The findings were compared with existing works on this topic. Android is the most popular operating system for mobile devices, and these devices often contain a massive amount of personal information about the user, such as photos and contact details. Analysis of these applications is required in a forensic investigation, and it makes the process easier for forensic analysts.

Design/methodology/approach: Logical acquisition of the data stored by these applications was performed. A locked Android device was used for this purpose. Some scripts are presented to help in data acquisition using Android Debug Bridge (ADB). Manual forensic analysis of the device image was performed to see whether the activities carried out on these applications are stored in the internal memory of the device. A comparative analysis of an existing mobile forensic tool was also performed to show the effectiveness of the methodology adopted.

Findings: Forensic artifacts were recovered from the Allo application. Multimedia content such as images was also retrieved from the internal memory.

Research limitations/implications: As this study was conducted for forensic analysis, it assumed that the mobile device used already has USB debugging enabled, although this might not be applicable in some cases. This work provides an optimal approach to acquiring artifacts with minimal use of third-party applications.

Practical implications: Most mobile devices have a messaging application such as Allo installed. A large amount of personal information can be obtained from the forensic analysis of these applications, which can be useful in any criminal investigation.

Originality/value: This is the first study which focuses on the Google Allo application. The proposed methodology was able to extract almost as much data as was obtained using earlier approaches, but with minimal third-party application usage.

Publisher

Emerald

Subject

Management of Technology and Innovation, Information Systems and Management, Computer Networks and Communications, Information Systems, Software, Management Information Systems


Cited by 6 articles.
