Cyberattack pattern analysis on mobile device data forensic investigations

Lists

Ghimire, Yogesh, Davishi, Iman, Yeboah-Ofori, Abel ORCID: https://orcid.org/0000-0001-8055-9274, Asif, Waqar, Oguntoyinbo, Oluwale and Hawsh, Aden (2025) Cyberattack pattern analysis on mobile device data forensic investigations. In: 2024 International Conference on Electrical and Computer Engineering Researches (ICECER), 04-06 December 2024, Gaborone, Botswana.

Preview

PDF (PDF/A)
Cyberattack Pattern Analysis on Mobile Device Data Forensic Investigations_accessible.pdf - Published Version
Available under License Creative Commons Attribution.
Download (1MB) | Preview

Official URL: https://ieeexplore.ieee.org/document/10920355

Abstract

Mobile device data forensics investigations using open-source tools for cyberattack pattern analysis have become inevitable due to the changing attack surface and the
changing threat landscape. As mobile device usage increases, so do the vulnerabilities and security threats leading to attacks such as mobile app attacks, MITM attacks, bluejacking, malware, and social engineering attacks. The paper aims to explore a hypothetical scenario of mobile device compromise using a social engineering attack. The study focuses on forensic analysis techniques to investigate these compromises, including network traffic examination, malicious app analysis, and disk image inspection using open-source tools. The contribution of this paper is threefold. First, we explore the attack surface by implementing an existing attack pattern on Android devices and having a secure and controlled connection to the mobile device. The attack scenarios are simulated on an Android device. Further, we extract data on the forensic disk image using a digital forensics investigation process and an Autopsy tool in a virtual environment for cyberattack analysis on the mobile device to determine attribution. Furthermore, we implement the multifunctional digital forensic tool Autopsy to retrieve and analyze several types of digital evidence from mobile devices in standardized formats. This work underscores the importance of using cost-effective, reliable, advanced open forensic tools compliant with NIST SP 800-101 r1 for accurate forensic disk image analysis. We also highlight the risks associated with unverified app downloads and the exploitation of mobile vulnerabilities.

Item Type:	Conference or Workshop Item (Paper)
ISBN:	9798331539733
Identifier:	10.1109/ICECER62944.2024.10920355
Identifier:	10.1109/ICECER62944.2024.10920355
Keywords:	Forensics, Digital forensics, Autopsy, Virtual environments, Telecommunication traffic, Mobile handsets, Data mining, Pattern analysis, Cyberattack, Surface treatment
Subjects:	Computing
Depositing User:	Abel Yeboah-Ofori
Date Deposited:	24 Mar 2025 08:40
Last Modified:	22 Apr 2025 09:00
URI:	https://repository.uwl.ac.uk/id/eprint/13357
Sustainable Development Goals:	Goal 9: Industry, Innovation, and Infrastructure

Downloads

Downloads per month over past year

Actions (login required)

View Item

References

J. T. Becker, S. J. Egan, and L. C. Wang, "Evolving Threats to Mobile Security: An Analysis of Social Engineering and Malware Trends," IEEE Transactions on Information Forensics and Security, vol. 15, pp. 3057-3070, 2020.

A. Yeboah-Ofori, and A. K. Brown, (2020) Digital forensics investigation jurisprudence: issues of admissibility of digital evidence. Journal of Forensic, Legal & Investigative Sciences, 6 (1). pp. 1-8. doi:10.24966/FLIS-733X/100045.

E. Barmpatsalou, D. Damopoulos, G. Kambourakis, and V. Katos, "A critical review of 7 years of Mobile Device Forensics," Digital Investigation, vol. 22, pp. 3-16, Mar. 2018.

G. Jones and A. Winster, "Mobile Device Forensics: Techniques and Tools for Accessing Data," Journal of Digital Forensics, vol. 10, no. 2, pp. 23-35, Apr. 2022.

National Institute of Standards and Technology (NIST), "Guidelines on Mobile Device Forensics," Special Publication 800-101 Revision 1, May 2014.

R. Ayers, S. Brothers, and W. Jansen, "Guidelines on Mobile Device Forensics," NIST Special Publication 800-101 Revision 1, National Institute of Standards and Technology, 2014.

J. Reedy, "Autopsy: A Comprehensive Guide to Digital Forensics," Journal of Digital Forensics, vol. 20, no. 4, pp. 45-58, 2023.
J. Fernando, "The Importance of Data in Cyber Forensics," International Journal of Cybersecurity, vol. 3, no. 2, pp. 123-135, 2021.

P. Wilson and T. Chi, "A Validation Framework for Mobile Digital Evidence," Digital Investigation Journal, vol. 22, no. 1, pp. 67-82, 2020.

A. Moreb, H. Salah, and A. Amro, "The Mobile Forensics Investigation Process Framework (MFIPF): A Comprehensive Approach," Journal of Digital Forensics, vol. 8, no. 4, pp. 215-230, 2019.

K. Barmpatsalou, A. Mylonas, T. Mavropoulos, and G. Kambourakis, "The Evolution of Mobile Device Forensics," Future Internet Journal, vol. 11, no. 3, pp. 67-85, 2020.

A. Yeboah-Ofori, E. Yeboah-Boateng and H. Gustav Yankson, "Relativism Digital Forensics Investigations Model: A Case for the Emerging Economies," 2019 International Conference on Cyber Security and Internet of Things (ICSIoT), 2019, pp. 93-100, doi: 10.1109/ICSIoT47925.2019.00023.

A. Wiley and R. Davis, "Leveraging Autopsy for Mobile Device Forensics," International Journal of Digital Crime and Forensics, vol. 14, no. 2, pp. 30-44, 2022.

A. Khan and F. Chaudhry, "Analyzing Android File Systems Using Open Source Tools," Digital Forensic Review, vol. 19, no. 3, pp. 120-134, 2021.

S. Martinez and P. Lopez, "Integrating Autopsy with Other Tools for Enhanced Mobile Forensics," in Proc. Int. Conf. Digital Forensics, 2020, pp. 78-85.

M. K. Khan, M. Shafiq, and K.-K. R. Choo, "A Survey on Android Security: Issues, Vulnerabilities and Countermeasures," Future Generation Computer Systems, vol. 97, pp. 687-696, 2019. DOI: 10.1016/j.future.2019.03.017.

R. Padmanabhan, S. Narayan, D. Patel, and N. Shah, "A Comparative Analysis of Commercial and Open-Source Mobile Forensic Tools," IEEE Access, vol. 7, pp. 137459-137472, 2019.

T. Wu, F. Breitinger, and S. O'Shaughnessy, "Digital forensic tools: Recent advances and enhancing the status quo," Forensic Science International: Digital Investigation, vol. 34, p. 300999, 2020.

T. Wu, F. Breitinger, and S. O'Shaughnessy, "Digital forensic tools: Comparison of Autopsy TSK and Forensic Explorer," Forensic Science International: Digital Investigation, vol. 34, p. 300999, 2020.

"GNU General Public License, version 2 (GPLv2)," GNU Project, 2023. [Online]. Available: https://www.gnu.org/licenses/old-licenses/gpl-2.0.html

R. Reddy, S. Gouri Aruna Sri, P. Sai, and J. B, "Backdoor Implementation in Android using Open-Source Tools," International Journal of Innovative Technology and Exploring Engineering, vol. 9, no. 3, pp. 2870–2872, 2020, doi: 10.35940/ijitee.C8920.019320.

S. Janarthanan, M. Bagheri, and S. Zargari, "Challenges in Mobile Forensics: Operating Systems and Security Mechanisms," Journal of Digital Forensics, Security and Law, vol. 15, no. 2, pp. 45-56, 2020.

V. Ndatinya, Z. Xiao, V. R. Manepalli, K. Meng, and Y. Xiao, "Network forensics analysis using Wireshark," International Journal of Security and Networks, vol. 10, no. 2, p. 91, 2015, doi: 10.1504/IJSN.2015.070421.

A. Hamdi, “Mobile Application Reverse Engineering with Easy APK Tool,” Journal of Mobile Computing and Application Development, vol. 7, no. 1, pp. 45-50, Mar. 2019.

M. K. Roberts and R. Jayabalan, “An area efficient and high throughput multi-rate quasi-cyclic LDPC decoder for IEEE 802.11n applications,” Microelectronics Journal, vol. 45, no. 11, pp. 1489–1498, Nov. 2014, doi: 10.1016/j.mejo.2014.07.003.

M. K. Roberts, P. Ramasamy, and F. Dahan, "An innovative approach for cluster head selection and energy optimization in wireless sensor networks using zebra fish and sea horse optimization techniques," J. Ind. Inf. Integr., vol. 41, p. 100642, Sep. 2024, doi: 10.1016/j.jii.2024.100642

Tools

CORE (COnnecting REpositories)

The University of West London

Cyberattack pattern analysis on mobile device data forensic investigations

Abstract

Downloads

Actions (login required)

Menu