Comparative Analysis of Forensic Digital Evidence on Android Smartphone based Instant Messaging Using NIST Framework
Main Article Content
Abstract
Smartphones are currently experiencing rapid development along with technological developments. The rapid development of smartphones is also followed by the increasing use of social media and instant messaging. One of the well-known instant messaging applications, namely Whatsapp, issues a notification that its user content, whether uploading, storing, receiving or sending anything on WhatsApp, the company can use, reproduce, and display or distribute it. With this notification, WhatsApp users switch to more private instant messaging, namely Telegram and Signal Messenger. This study uses the National Institute of Standards and Technology (NIST) method, namely collection, examination, analysis,presentation. This study uses two smartphones with root and non-root conditions that have installed the whatsapp, telegram, and signal messenger applications. The case used in this study is a narcotics sale and purchase transaction. Digital evidence was obtained using four forensic tools, namely MOBILedit Forensic Express,Oxygen forensics, Belkasoft Evidence, and Magnet Axiom. This study produces digital evidence in the form of chat files, images, videos, perpetrator accounts,contacts, locations and conversations that have been deleted from smartphone devices. The calculation of the index result from the percentage of evidenceobtained by the WhatsApp application on a smartphone with root conditions usingthe forensic tool Oxygen forensic got the result, namely 50%. Telegram gets 50%results using Oxygen forensic with root conditions. While the signal gets the result,which is 30% using MOBILedit with root conditions.
Downloads
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
References
R. Umar, I. Riadi, and G. M. Zamroni, “Mobile forensic tools evaluation for
digital crime investigation,” Int. J. Adv. Sci. Eng. Inf. Technol., vol. 8, no. 3, pp.
–955, 2018, doi: 10.18517/ijaseit.8.3.3591.
K. Rathi, U. Karabiyik, T. Aderibigbe, and H. Chi, “Forensic analysis of
encrypted instant messaging applications on Android,” 6th Int. Symp.
Digit. Forensic Secur. ISDFS 2018 -Proceeding, vol. 2018-Janua, pp. 1–6,
, doi: 10.1109/ISDFS.2018.8355344.
A. Wirara, B. Hardiawan, M. Salman, and B. Siber dan Sandi Negara,
“Identifikasi Bukti Digital pada Akuisisi Perangkat Mobile dari Aplikasi Pesan
Instan ‘WhatsApp.’”
“DIGITAL 2021 GLOBAL OVERVIEW
REPORT.”
“An Empirical Study on “Whatsapp
Privacy .”
I. Riadi, A. Yudhana, M. Caesar, and F. Putra, “Forensic Tool Comparison on
Instagram Digital Evidence Based on Android with The NIST Method,” Sci. J.
Informatics, vol. 5, no. 2, pp. 2407–7658, 2018, [Online]. Available:
http://journal.unnes.ac.id/nju/index.php/sji.
A. N. Ichsan and I. Riadi, “Mobile Forensic on Android-based IMO
Messenger Services using Digital Forensic Research Workshop
(DFRWS) Method,” Int. J. Comput. Appl., vol. 174, no. 18, pp. 34–40, Feb.
, doi: 10.5120/ijca2021921076.
“Framework for Improving Critical Infrastructure Cybersecurity, Version
1,” Gaithersburg, MD, Apr. 2018. doi: 10.6028/NIST.CSWP.04162018.
B. M. Samantha Judge Edmond, “MOBILE FORENSICS: ANALYSIS OF
THE MESSAGING APPLICATION SIGNAL,” 2017.
S. K. Dirjen et al., “Terakreditasi SINTA Peringkat 2 Analisis Recovery Bukti
Digital Skype berbasis Smartphone Android Menggunakan Framework
NIST,” masa berlaku mulai, vol. 1, no. 3, pp. 682–690, 2017.
I. Zuhriyanto, A. Yudhana, and I. Riadi, “Analisis Perbandingan Tools Forensic
pada Aplikasi Twitter Menggunakan Metode Digital Forensics Research
Workshop,” J. RESTI (Rekayasa Sist. dan Teknol. Informasi), vol. 4, no. 5, pp.
–836, 2020.
I. Riadi, “Analisis Forensik Smartphone Android Menggunakan Metode NIST
dan Tool MOBILedit Forensic Express,” [Online]. Available:
http://openjournal.unpam.ac.id/index.php/informatika89.
“Forensik Mobile pada Layanan Media Sosial LinkedIn."