Recent Advances in Computer Science and Communications

Author(s): Shshank Sourabh, Diwakar Chauhan, Vinay Singh and Monika Chauhan*

DOI: 10.2174/2666255813666201216114643

Analysis of Digital Data by File Signature Method on Android Version 9

Article ID: e111022189178 Pages: 8

  • * (Excluding Mailing and Handling)

Abstract

Objective: The use of smartphones has exponentially increased over the past decade. Nowadays, the use of a cellphone has not just been restricted to make calls, but it's also actively used to connect people throughout the globe through social media and sharing multimedia files over the internet. Smartphones have made these things possible and easily available with just a single touch. But along with this development and digitalization, an increase in the rate of cybercrime has also surfaced, which includes crime like illicit possession, distribution, and modification of multimedia files. Hence, smartphones are seen as a rich source of evidence-based on the crimes discussed. This process is carried out to analyze smartphone’s multimedia files to determine their origin and to verify if the multimedia files originated from the same device or transferred through any process.

Methods: An examiner must analyze, recover, and authenticate the files stored in a smartphone device. Android version 9 was used for analysis since it is the most common and abundant platform generally found on most people’s phones. Examination of computer files is achieved by analyzing the file in hexadecimal editor software; the software used in this analysis is HxD.

Results: File signature and metadata analysis of smartphones’ multimedia files was performed to render the source of the files.

Conclusion: The conducted file signature and metadata analysis clearly stated that by using hexadecimal editor software- HxD origin and source of smartphones’ multimedia file can be rendered.

Keywords: Smartphone, Multimedia, File Signature, Android, Metadata, HxD.

Graphical Abstract

[1]
"Statista", www.statista.com/statistics/263437/global-smartphone-sales-to-enndd-user-since-2007/
[2]
N. Koblitz, and A. Menezes, "Another Look at Provable Security", J. Cryptol., vol. 20, no. 1, pp. 3-37, 2005.
[http://dx.doi.org/10.1007/s00145-005-0432-z]
[3]
G. Mohay, A. Anderson, B. Collie, O. De Vel, and R. McKemmish, Computer and Intrusion Forensics., Artech House: MA, USA, 2003.
[4]
"File Signature", www.filesignatures.net
[5]
"HxD Computer Forensic Software", www.mh_nexus.de/en/hxd
[6]
E. Casey, M. Bann, and J. Doyle, "Introduction to Windows mobile forensics", Digit. Invest., vol. 6, no. 3, pp. 136-146, 2010.
[http://dx.doi.org/10.1016/j.diin.2010.01.004]
[7]
N. Ashraf, Forensic Multimedia File Carving, M.S. thesis, Department of Computer and Systems Sciences, Royal Institute of Technology, Stockholm University, Sweden, 2013.
[8]
R. Ahmed, and R.V. Dharaskar, "Mobile forensics: an overview, tools, future trends and challenges from law enforcement perspective", In Sixth International Conference on E-Governance, ICEG, Emerging Technologies in E-Government, M-Government, 2010, pp. 312-23.
[9]
T. Gale, A. Fischer, and M. Kirchner, "Forensic analysis of video file formats", Digit. Invest., 2010.
[10]
E. Kurvinen, "Only when miss universe snatches me: Teasing in MMS messaging", Proceedings of 2003 international conference on Designing pleasurable products and interfaces, 2003.
[http://dx.doi.org/10.1145/782896.782921]
[11]
A. Dziech, A. Glowacz, J. Wszołek, S. Ernst, and M. Pawłowski, "“A Distributed Architecture for Multimedia File Storage, Analysis and Processing. Intelligent Tools for Building a Scientific Information Platform”. R. Bembenik, L. Skonieczny, H. Rybinski, M. Kryszkiewicz and M. Niezgodka".Springer Berlin Heidelberg, vol. 467, pp. 435-452, 2013.
[12]
A. Ariffin, and K. Choo, K. R. & J. Slay, “Digital camcorder forensics", Proceedings of the Eleventh Australasian Information Security Conference, vol. Volume 138. 2013, pp. 39-47.
[13]
J. Haggerty, and M. Taylor, “FORSIGS: Forensic Signature Analysis of the Hard Drive for Multimedia File Fingerprints. New Approaches for Security, Privacy and Trust in Complex Environments”.  , vol. 232. H. Venter, M. Eloff, L. Labuschagne, J. Eloff, and R. von Solms Springer US, 2007, pp. 1-12.
[14]
M. Yip, Signature analysis and Computer Forensics., School of Computer Science, University of Birmingham, 2008.
[15]
"Guidance Software Encase", www.guidancesoftware.com
[16]
I. Jozwaik, M. Kedziora, and A. Melinska, Theoretical and Practical Aspects of Encrypted Containers Detection- Digital Forensics Approach., Dependable Computer System, Springer Science and Digital Media: New York, 2011, pp. 75-85.
[http://dx.doi.org/10.1007/978-3-642-21393-9_6]
[17]
"Jhead", www.sentex.net/~mwandle/jhead/
[18]
"DataLifter, Computer Forensics Software", http://www.datalifter.com
[19]
C.T. Li, "Source Camera Identification Using Enhanced Sensor Pattern Noise", IEEE Trans. Inf. Forensics Security, vol. 5, pp. 280-287, 2010.
[http://dx.doi.org/10.1109/TIFS.2010.2046268]
[20]
Z. Deng, A. Gijsenij, and J. Zhang, "Source camera identification using Auto-White Balance approximation", IEEE International Confrence, pp. 57-64, 2011.
[21]
M.J. Tsai, C.S. Wang, and J. Liu, "A hybrid model for digital camera source identification. In Image Processing (ICIP)", sixteenth IEEE International Conference, 2009, pp. 2901-2904.
[22]
T. Gale, A. Fischer, and M. Kirchner, "Forensic analysis of video file formats", Digit. Invest., 2014.
[http://dx.doi.org/10.1016/j.diin.2014.03.009]
[23]
E. Casey, "Digital evidence and computer crime", Forensic Sci., 2011.
[24]
"GCK’s file signatures table", www.graykessler.net/library/file_sigs.html