Search results

The purpose of this paper is to propose an approach that helps in acquisition of live data as well as data stored in the internal/external memory of android mobile device considering that the data on the device are not much altered during the extraction process. Also, the emphasis is laid on testing the validity of existing forensic tools against the data obtained manually and by using this approach. Smartphones have spurred the mobile computing technology, and Android is widely used as an Operating System in these devices. These days, users store most of their personal information like emails, images, contacts etc., on Phones/Tablets as their data would be readily accessible and thus convenient for them.

Android Operating System is built on the Linux Kernel and scripts to extract data from Android Mobile Device with the use of Android Debugging Bridge have been written. The approach is more focused on the logical acquisition of data from devices rather than acquisition using physical methods.

Live data of the Facebook application running on the device can be extracted. Also, the password of the LuksManager application (used to create an encrypted volume on the device), which is stored in the internal memory, is also extracted and identified.

The study has been conducted in an academic environment, thereby limiting external validity. Another limitation is the limited edition of some of the software forensics tools that are used. The full access to these software tools are restricted by Law enforcement and Investigation policies. The research provides a different approach which could aid in criminal investigation activities on mobile devices.

The devices which have the latest versions of Android not only store messages and mails, but a lot of information about GPS, as well as information about popular applications like Facebook, WhatsApp, etc. This could practically help a lot in criminal investigation.

This study is important because very few works have been done on recent versions (Jellybean and Kitkat) of Android. The proposed approach could extract large amounts of information as compared to earlier approaches with the newer versions of Android having larger memory and new features.

The purpose of this paper is to conduct a forensic analysis of Google Allo messenger on an Android-based mobile phone. The focus was on the analysis of the data stored by this application in the internal memory of the mobile device, with minimal use of third-party applications. The findings were compared with the already existing works on this topic. Android is the most popular operating system for mobile devices, and these devices often contain a massive amount of personal information about the user such as photos and contact details. Analysis of these applications is required in case of a forensic investigation and makes the process easier for forensic analysts.

Logical acquisition of the data stored by these applications was performed. A locked Android device was used for this purpose. Some scripts are presented to help in data acquisition using Android Debug Bridge (ADB). Manual forensic analysis of the device image was performed to see whether the activities carried out on these applications are stored in the internal memory of the device. A comparative analysis of an existing mobile forensic tool was also performed to show the effectiveness of the methodology adopted.

Forensic artifacts were recovered from Allo application. Multimedia content such as images were also retrieved from the internal memory.

As this study was conducted for forensic analysis, it assumed that the mobile device used already has USB debugging enabled on it, although this might not be the applicable in some of the cases. This work provides an optimal approach to acquiring artifacts with minimal use of third-party applications.

Most of the mobile devices contain messaging application such as Allo installed. A large amount of personal information can be obtained from the forensic analysis of these applications, which can be useful in any criminal investigation.

This is the first study which focuses on the Google Allo application. The proposed methodology was able to extract almost as much as the data obtained using earlier approaches, but with minimal third-party application usage.

This study aims to provide a systematic review of consumer privacy literature in the context of smartphones and undertake a comprehensive analysis of academic research on this evolving research area.

This review synthesises antecedents, consequences and mediators reported in consumer privacy literature and presents these factors in a conceptual framework to demonstrate the consumer privacy phenomenon.

Based on the synthesis of constructs reported in the existing literature, a conceptual framework is proposed highlighting antecedents, mediators and outcomes of experiential marketing efforts. Finally, this study deciphers overlooked areas of consumer privacy in the context of smartphone research and provides insightful directions to advance research in this domain in terms of theory development, context, characteristics and methodology.

This study significantly contributes to consumer behaviour literature, specifically consumer privacy literature.

The purpose of this paper is to investigate the private-data pertaining to the interaction of users with social media applications that can be recovered from second-hand Android devices.

This study uses a black-box testing-principles based methodology to develop use-cases that simulate real-world case-scenarios of the activities performed by the users on the social media application. The authors executed these use-cases in a controlled experiment and examined the Android smartphone to recover the private-data pertaining to these use-cases.

The results suggest that the social media data recovered from Android devices can reveal a complete timeline of activities performed by the user, identify all the videos watched, uploaded, shared and deleted by the user, disclose the username and user-id of the user, unveil the email addresses used by the user to download the application and share the videos with other users and expose the social network of the user on the platform. Forensic investigators may find this data helpful in investigating crimes such as cyber bullying, racism, blasphemy, vehicle thefts, road accidents and so on. However, this data-breach in Android devices is a threat to user's privacy, identity and profiling in second-hand market.

Perceived notion of data sanitisation as a result of application removal and factory-reset can have serious implications. Though being helpful to forensic investigators, it leaves the user vulnerable to privacy breach, identity theft, profiling and social network revealing in second-hand market. At the same time, users' sensitivity towards data-breach might compel users to refrain from selling their Android devices in second-hand market and hamper device recycling.

This study attempts to bridge the literature gap in social media data-breach in second-hand Android devices by experimentally determining the extent of the breach. The findings of this study can help digital forensic investigators in solving crimes such as vehicle theft, road accidents, cybercrimes and so on. It can assist smartphone users to decide whether to sell their smartphones in a second-hand market, and at the same time encourage developers and researchers to design methods of social media data sanitisation.

The Android pattern lock screen (or graphical password) is a popular user authentication method that relies on the advantages provided by the visual representation of a password, which enhance its memorability. Graphical passwords are vulnerable to attacks (e.g. shoulder surfing); thus, the need for more complex passwords becomes apparent. This paper aims to focus on the features that constitute a usable and secure pattern and investigate the existence of heuristic and physical rules that possibly dictate the formation of a pattern.

The authors conducted a survey to study the users’ understanding of the security and usability of the pattern lock screen. The authors developed an Android application that collects graphical passwords, by simulating user authentication in a mobile device. This avoids any potential bias that is introduced when the survey participants are not interacting with a mobile device while forming graphical passwords (e.g. in Web or hard-copy surveys).

The findings verify and enrich previous knowledge for graphical passwords, namely, that users mostly prefer usability than security. Using the survey results, the authors demonstrate how biased input impairs security by shrinking the available password space.

The sample’s demographics may affect our findings. Therefore, future work can focus on the replication of our work in a sample with different demographics.

The authors define metrics that measure the usability of a pattern (handedness, directionality and symmetry) and investigate their impact to its formation. The authors propose a security assessment scheme using features in a pattern (e.g. the existence of knight moves or overlapping nodes) to evaluate its security strengths.

Mobile agent‐based e‐marketplaces are business applications that have been developed as flexible and efficient approaches to help companies or corporations to extend their businesses to outreach larger markets without regional and continental boundaries. Every distributed system is unable to avoid security problems due to the open internet environment. Mobile agent‐based e‐marketplaces are no exceptions. The purpose of this paper is to design and implement a framework and system of a secure and trustworthy mobile agent‐based e‐marketplace to overcome this problem.

The authors present an analysis and evaluation of a secure and trustworthy mobile agent‐based e‐marketplace, which was specified and prototyped. The experimental results of the implemented system are used to address the evaluation of the system. The discussion of the solution is also presented.

The evaluation and performance results show that the proposed framework and system have the ability to provide a secure and efficient e‐marketplace environment for trading products. The authors draw conclusions and highlight future work on this specific research area.

The performance and scalability are the two most important issues for mobile‐agent based systems together with their feasibility. The evaluation and performance results are used to reflect the results of the research in its entirety.

This paper aims to give an overview on a number of selected applications in comparison to a previous evaluation conducted two years ago, as well as performing an analysis on several new applications. Mobile messaging and VoIP applications for smartphones have seen a massive surge in popularity, which has also sparked the interest in research related to their security and privacy protection, leading to in-depth analyses of specific applications or vulnerabilities.

The evaluation methods mostly focus on known vulnerabilities in connection with authentication and validation mechanisms but also describe some newly identified attack vectors.

The results show a positive trend for new applications, which are mostly being developed with security and privacy features, whereas some of the older applications have shown little progress or have even introduced new vulnerabilities. In addition, this paper shows privacy implications of smartphone messaging that are not even solved by today’s most sophisticated “secure” smartphone messaging applications, as well as discusses methods for protecting user privacy during the creation of the user network.

Currently, there is no perfect solution available; thus, further research on this topic needs to be conducted.

In addition to conducting a security evaluation of existing applications together with newly designed messengers that were designed with a security background in mind, several methods for protecting user privacy were discussed. Furthermore, some new attack vectors were discussed.

The existing authentication procedures (pin, pattern, password) are not very secure. Therefore, the Gait pattern authentication scheme is introduced to verify the own user. The current research proposes a running Gaussian grey wolf boosting (RGGWB) model to recognize the owner.

The biometrics system plays an important role in smartphones in securing confidential data stored in them. Moreover, the authentication schemes such as passwords and patterns are widely used in smartphones.

To validate this research model, the unauthenticated user's Gait was trained and tested simultaneously with owner gaits. Furthermore, if the gait matches, the smartphone unlocks automatically; otherwise, it rejects it.

Finally, the effectiveness of the proposed model is proved by attaining better accuracy and less error rate.

The purpose of this paper is to identify whether there is a lower willingness to report a crime if a victim must hand in their mobile phone as evidence. If that is the case, the research seeks to examine whether privacy concerns and lower willingness correlate with one another and thereby investigate whether privacy concerns could lead to fewer crimes being reported and resolved.

A mobile phone survey was distributed to 400 Swedish adults to identify their hypothetical willingness to report certain crimes with and without handing in their mobile phones as evidence. The results were then analysed using inferential statistics.

The result suggests that there is no meaningful correlation between privacy attitudes and willingness to report crime when the handover of a mobile phone is necessary. The results of this study however show a significant lower willingness to report crimes when the mobile phone must be handed in.

Because the chosen target group were Swedish adults, the research results may lack generalisability for other demographics. Therefore, researchers are encouraged to test other demographics.

This paper’s contribution is the novel exploration of attitudes and behaviours regarding the combination of privacy, digital forensics, mobile phones and crime reportage. This research effort examined the problematic situation that can arise for victims of crime, the invasion of privacy when providing evidence by handing in a mobile phone to the police’s forensic unit for examination.

Digital contact tracing technologies are critical to the fight against COVID-19 in many countries including the UK. However, a number of ethical, legal and socio-economic concerns that can affect uptake of the app have been raised. The purpose of this research is to explore the perceptions of the UK digital contact tracing app in the Black, Asian and Minority Ethnic (BAME) community in Leicester and how this can affect its deployment and implementation.

Data was collected through virtual focus groups in Leicester, UK. A total of 28 participants were recruited for the study. All participants are members of the BAME community, and data was thematically analysed with NVivo 11.

A majority of the participants were unwilling to download and use the app owing to legal and ethical concerns. A minority were willing to use the app based on the need to protect public health. There was a general understanding that lack of uptake will negatively affect the fight against COVID-19 in BAME communities and an acknowledgement of the need for the government to rebuild trust through transparency and development of regulatory safeguards to enhance privacy and prevent misuse.

To the best of the authors’ knowledge, the research makes original contributions being the first robust study conducted to explore perceptions of marginalised communities, particularly BAME which may be adversely impacted by the deployment of the app. By exploring community-based perceptions, this study further contributes to the emerging citizens’ perceptions on digital contact tracing which is crucial to the effectiveness and the development of an efficient, community-specific response to public attitudes towards the app. The findings can also help the development of responsible innovation approaches that balances the competing interests of digital health interventions with the needs and expectations of the BAME community in the UK.