A comparative study of WhatsApp forensics tools

Author: Lamyaa Sami Alsaleem, Nazar Abbas Saqib, Deema Abdullah Alotaibi, Sarah Alqhtani, Samiha Brahimi, Mubarak Alshahrani, Khalid Alissa, Norah Ahmed Almubairik, Malak Fahad Aldakheel
Year of publication: 2019
Subject:
Source: SN Applied Sciences. 1
ISSN: 2523-3971
2523-3963
Description: With the increasing number of mobile phones and mobile applications, there is a noticeable rise in cybercrimes, and hence an urgent need for mobile forensics. Before starting an investigation, the investigator should choose one of the acquisition types: physical acquisition, logical acquisition or manual acquisition. The current mobile acquisition tools use these methods to produce an image of the entire mobile content, files of specific data types, or data of a certain application. Unfortunately, the resulting output does not facilitate investigating cases related to a specific mobile application, since the tool might either acquire more than what is needed, which requires investigators to filter data manually, or acquire all the application’s data without sufficient analysis. Both cases are effort- and time-consuming. This study analyzes and compares currently available forensics tools that are designed to extract WhatsApp data only. The comparative study is based on two aspects: National Institute of Standards and Technology (NIST) Mobile Device Tool Test Assertions and researchers’ requirements. The results of the comparative study showed a shortage in the current WhatsApp forensics tools, as they do not satisfy all NIST Test Assertions. Additionally, several researchers’ requirements, such as creating projects, comprehensive analysis, applying filters and validating the extracted files, were not met in the studied tools.
Database: OpenAIRE