{"title":"使用Android Backup APK (Application Package Kit)降级方法识别Android智能手机上的Whatsapp数字证据","authors":"Deny Sulisdyantoro, M. I. Marzuki","doi":"10.51662/jiae.v3i1.70","DOIUrl":null,"url":null,"abstract":"The use of WhatsApp for actions that lead to unlawful acts is a serious matter that needs to be proven in court. Android and the WhatsApp messaging application continue to update their features and security to provide maximum service and protection to its users, such as the WhatsApp database encryption using crypt14. With crypt14 encryption on the WhatsApp database, investigations of WhatsApp digital evidence against Electronic Evidence (BBE) require an acquisition and extraction method to identify artefacts relevant to digital evidence needs. The National Institute Standard Technology (NIST) reference methodology, from the collection, examination, and analysis to reporting stages, has become a widely used framework for digital forensics against BBE. The Android Backup Application Package Kit (APK) Downgrade method can decrypt the WhatsApp database crypt14 to become a solution that can be used in the framework of mobile forensics to answer the needs of investigations into certain criminal cases, including data that users have deleted. With the Cellebrite tools, the Android Backup Application Package Kit (APK) Downgrade method can identify approximately 651% more artefacts than the Android Backup and logical acquisition methods using the FinalData and MobilEdit tools.","PeriodicalId":424190,"journal":{"name":"Journal of Integrated and Advanced Engineering (JIAE)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-03-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Identification of Whatsapp Digital Evidence on Android Smartphones using The Android Backup APK (Application Package Kit) Downgrade Method\",\"authors\":\"Deny Sulisdyantoro, M. I. Marzuki\",\"doi\":\"10.51662/jiae.v3i1.70\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The use of WhatsApp for actions that lead to unlawful acts is a serious matter that needs to be proven in court. Android and the WhatsApp messaging application continue to update their features and security to provide maximum service and protection to its users, such as the WhatsApp database encryption using crypt14. With crypt14 encryption on the WhatsApp database, investigations of WhatsApp digital evidence against Electronic Evidence (BBE) require an acquisition and extraction method to identify artefacts relevant to digital evidence needs. The National Institute Standard Technology (NIST) reference methodology, from the collection, examination, and analysis to reporting stages, has become a widely used framework for digital forensics against BBE. The Android Backup Application Package Kit (APK) Downgrade method can decrypt the WhatsApp database crypt14 to become a solution that can be used in the framework of mobile forensics to answer the needs of investigations into certain criminal cases, including data that users have deleted. With the Cellebrite tools, the Android Backup Application Package Kit (APK) Downgrade method can identify approximately 651% more artefacts than the Android Backup and logical acquisition methods using the FinalData and MobilEdit tools.\",\"PeriodicalId\":424190,\"journal\":{\"name\":\"Journal of Integrated and Advanced Engineering (JIAE)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-03-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Integrated and Advanced Engineering (JIAE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.51662/jiae.v3i1.70\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Integrated and Advanced Engineering (JIAE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.51662/jiae.v3i1.70","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Identification of Whatsapp Digital Evidence on Android Smartphones using The Android Backup APK (Application Package Kit) Downgrade Method
The use of WhatsApp for actions that lead to unlawful acts is a serious matter that needs to be proven in court. Android and the WhatsApp messaging application continue to update their features and security to provide maximum service and protection to its users, such as the WhatsApp database encryption using crypt14. With crypt14 encryption on the WhatsApp database, investigations of WhatsApp digital evidence against Electronic Evidence (BBE) require an acquisition and extraction method to identify artefacts relevant to digital evidence needs. The National Institute Standard Technology (NIST) reference methodology, from the collection, examination, and analysis to reporting stages, has become a widely used framework for digital forensics against BBE. The Android Backup Application Package Kit (APK) Downgrade method can decrypt the WhatsApp database crypt14 to become a solution that can be used in the framework of mobile forensics to answer the needs of investigations into certain criminal cases, including data that users have deleted. With the Cellebrite tools, the Android Backup Application Package Kit (APK) Downgrade method can identify approximately 651% more artefacts than the Android Backup and logical acquisition methods using the FinalData and MobilEdit tools.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
