Network Forensic Tool -- Concept and Architecture

WhatsApp is a giant mobile instant message IM application with over 1billion users. The huge usage of IM like WhatsApp through giant smart phone “Android” makes the digital forensic researchers to study deeply. The artefacts left behind in the smartphone play very important role in any electronic crime, or any terror attack. “WhatsApp” as a biggest IM in the globe is considered to be very important resource for information gathering about any digital crime. Recently, end-to-end encryption and many other important features were added and no device forensic analysis or network forensic analysis studies have been performed to the time of writing this paper. This paper explains how can we able to extract the Crypt Key of “WhatsApp” to decrypt the databases and extract precious artefacts resides in the android system without rooting the device. Artefacts that extracted from the last version of WhatsApp have been analysed and correlate to give new valuable evidentiary traces that help in investigating. Many hardware and software tools for mobile and forensics are used to collect as much digital evidence as possible from persistent storage on android device. Some of these tools are commercial like UFED Cellebrite and Andriller, and other are open source tools such as autopsy, adb, WhatCrypt. All of these tools that forensically sound accompanied this research to discover a lot of artefacts resides in android internal storage in WhatsApp application.

Download Full-text

Network Forensic Investigation in OpenContrail Environments

Proceedings of the Third Central European Cybersecurity Conference on - CECC 2019 ◽

10.1145/3360664.3360676 ◽

2019 ◽

Author(s):

Alexander Heckel ◽

Daniel Spiekermann

Keyword(s):

Forensic Investigation ◽

Network Forensic

Download Full-text

Network Forensic Analysis for Lawful Enforcement on Steroids, Distributed and Scalable

Proceedings of the 6th Conference on the Engineering of Computer Based Systems - ECBS '19 ◽

10.1145/3352700.3352720 ◽

2019 ◽

Author(s):

Viliam Letavay ◽

Jan Pluskal ◽

Ondřej Ryšavý

Keyword(s):

Forensic Analysis ◽

Network Forensic

Download Full-text

Challenges of Network Forensic Investigation in Virtual Networks

Journal of Cyber Security and Mobility ◽

10.13052/jcsm2245-1439.522 ◽

2017 ◽

Vol 5 (2) ◽

pp. 15-46 ◽

Cited By ~ 6

Author(s):

Daniel Spiekermann ◽

Tobias Eggendorfer ◽

◽

Keyword(s):

Virtual Networks ◽

Forensic Investigation ◽

Network Forensic

Download Full-text

Network Forensic Analysis via Vulnerability Evidence Reasoning

Proceedings of the 2016 International Conference on Computer Engineering and Information Systems ◽

10.2991/ceis-16.2016.48 ◽

2016 ◽

Author(s):

Cheng-Yue Chang ◽

Jing-Sha He

Keyword(s):

Forensic Analysis ◽

Network Forensic

Download Full-text

Development of Intellectual Network Forensic System LIFT against Targeted Attacks

2015 Fourth International Conference on Cyber Security, Cyber Warfare, and Digital Forensic (CyberSec) ◽

10.1109/cybersec.2015.13 ◽

2015 ◽

Author(s):

Kazuki Hashimoto ◽

Hiroyuki Hiruma ◽

Takashi Matsumoto ◽

Kosetus Kayama ◽

Yoshio Kaikizaki ◽

...

Keyword(s):

Targeted Attacks ◽

Network Forensic

Download Full-text

A LOGIC-BASED NETWORK FORENSIC MODEL FOR EVIDENCE ANALYSIS

IFIP Advances in Information and Communication Technology - Advances in Digital Forensics XI ◽

10.1007/978-3-319-24123-4_8 ◽

2015 ◽

pp. 129-145 ◽

Cited By ~ 10

Author(s):

Changwei Liu ◽

Anoop Singhal ◽

Duminda Wijesekera

Keyword(s):

Evidence Analysis ◽

Network Forensic

Download Full-text

Hash Tree-Based Device Fingerprinting Technique for Network Forensic Investigation

Lecture Notes in Electrical Engineering - Advances in Electrical and Computer Technologies ◽

10.1007/978-981-15-5558-9_20 ◽

2020 ◽

pp. 201-209

Author(s):

Rachana Yogesh Patil ◽

Satish R. Devane

Keyword(s):

Forensic Investigation ◽

Fingerprinting Technique ◽

Network Forensic

Download Full-text

Network Forensic Analysis Using Growing Hierarchical SOM

2013 IEEE 13th International Conference on Data Mining Workshops ◽

10.1109/icdmw.2013.66 ◽

2013 ◽

Cited By ~ 1

Author(s):

Shin-Ying Huang ◽

Yennun Huang

Keyword(s):

Forensic Analysis ◽

Network Forensic ◽

Hierarchical Som

Download Full-text

A Comprehensive Review on Adaptability of Network Forensics Frameworks for Mobile Cloud Computing

The Scientific World JOURNAL ◽

10.1155/2014/547062 ◽

2014 ◽

Vol 2014 ◽

pp. 1-27 ◽

Cited By ~ 18

Author(s):

Suleman Khan ◽

Muhammad Shiraz ◽

Ainuddin Wahid Abdul Wahab ◽

Abdullah Gani ◽

Qi Han ◽

...

Keyword(s):

Cloud Computing ◽

Mobile Cloud Computing ◽

Cost Effective ◽

Data Access ◽

Digital Content ◽

Mobile Cloud ◽

Network Attacks ◽

Network Forensics ◽

Network Forensic ◽

The Cost

Network forensics enables investigation and identification of network attacks through the retrieved digital content. The proliferation of smartphones and the cost-effective universal data access through cloud has made Mobile Cloud Computing (MCC) a congenital target for network attacks. However, confines in carrying out forensics in MCC is interrelated with the autonomous cloud hosting companies and their policies for restricted access to the digital content in the back-end cloud platforms. It implies that existing Network Forensic Frameworks (NFFs) have limited impact in the MCC paradigm. To this end, we qualitatively analyze the adaptability of existing NFFs when applied to the MCC. Explicitly, the fundamental mechanisms of NFFs are highlighted and then analyzed using the most relevant parameters. A classification is proposed to help understand the anatomy of existing NFFs. Subsequently, a comparison is given that explores the functional similarities and deviations among NFFs. The paper concludes by discussing research challenges for progressive network forensics in MCC.

Download Full-text