Cyberattack Pattern Analysis on Mobile Device Data Forensic Investigations

Ghimire, Yogesh, Davishi, Iman, Yeboah-Ofori, Abel ORCID: https://orcid.org/0000-0001-8055-9274, Asif, Waqar, Oguntoyinbo, Oluwale and Hawsh, Aden (2025) Cyberattack Pattern Analysis on Mobile Device Data Forensic Investigations. In: 2024 International Conference on Electrical and Computer Engineering Researches (ICECER), 04-06 December 2024, Gaborone, Botswana.

Full text not available from this repository.

Abstract

Mobile device data forensics investigations using open-source tools for cyberattack pattern analysis have become inevitable due to the changing attack surface and the changing threat landscape. As mobile device usage increases, so do the vulnerabilities and security threats leading to attacks such as mobile app attacks, MITM attacks, bluejacking, malware, and social engineering attacks. The paper aims to explore a hypothetical scenario of mobile device compromise using a social engineering attack. The study focuses on forensic analysis techniques to investigate these compromises, including network traffic examination, malicious app analysis, and disk image inspection using open-source tools. The contribution of this paper is threefold. First, we explore the attack surface by implementing an existing attack pattern on Android devices and having a secure and controlled connection to the mobile device. The attack scenarios are simulated on an Android device. Further, we extract data on the forensic disk image using a digital forensics investigation process and an Autopsy tool in a virtual environment for cyberattack analysis on the mobile device to determine attribution. Furthermore, we implement the multifunctional digital forensic tool Autopsy to retrieve and analyze several types of digital evidence from mobile devices in standardized formats. This work underscores the importance of using cost-effective, reliable, advanced open forensic tools compliant with NIST SP 800-101 r1 for accurate forensic disk image analysis. We also highlight the risks associated with unverified app downloads and the exploitation of mobile vulnerabilities.

Item Type: Conference or Workshop Item (Paper)
ISBN: 9798331539733
Identifier: 10.1109/ICECER62944.2024.10920355
Subjects: Computing
Depositing User: Abel Yeboah-Ofori
Date Deposited: 24 Mar 2025 08:40
Last Modified: 24 Mar 2025 08:40
URI: https://repository.uwl.ac.uk/id/eprint/13357
Sustainable Development Goals: Goal 9: Industry, Innovation, and Infrastructure
