Reference architecture for android applications to support the detection of manipulated evidence

dc.contributor.authorPieterse, H.
dc.contributor.authorOlivier, Martin S.
dc.contributor.authorVan Heerden, R.P.
dc.contributor.emailmolivier@cs.up.ac.zaen_ZA
dc.date.accessioned2017-06-01T08:17:48Z
dc.date.available2017-06-01T08:17:48Z
dc.date.issued2016-06
dc.description.abstractTraces found on Android smartphones form a significant part of digital investigations. A key component of these traces is the date and time, often formed as timestamps. These timestamps allow the examiner to relate the traces found on Android smartphones to some real event that took place. This paper performs exploratory experiments that involve the manipulation of timestamps found in SQLite databases on Android smartphones. Based on observations, specific heuristics are identified that may allow for the identification of manipulated timestamps. To overcome the limitations of these heuristics, a new reference architecture for Android applications is also introduced. The reference architecture provides examiners with a better understanding of Android applications as well as the associated digital evidence. The results presented in the paper show that the suggested techniques to establish the authenticity and accuracy of digital evidence are feasible.en_ZA
dc.description.departmentComputer Scienceen_ZA
dc.description.librarianam2017en_ZA
dc.description.urihttp://www.saiee.org.za/DirectoryDisplay/DirectoryCMSPages.aspx?name=Publications#id=1588&dirname=ARJ&dirid=337en_ZA
dc.identifier.citationPieterse, H, Olivier, MS & Van Heerden, RP 2016, 'Reference architecture for android applications to support the detection of manipulated evidence', SAIEE Africa Research Journal, vol. 107, no. 2, pp. 92-103.en_ZA
dc.identifier.issn1991-1696
dc.identifier.urihttp://hdl.handle.net/2263/60747
dc.language.isoenen_ZA
dc.publisherSouth African Institute of Electrical Engineersen_ZA
dc.rights© 2016 South African Institute of Electrical Engineersen_ZA
dc.subjectDigital forensicsen_ZA
dc.subjectMobile forensicsen_ZA
dc.subjectSmartphonesen_ZA
dc.subjectAndroiden_ZA
dc.subjectTimestampsen_ZA
dc.subjectReference architectureen_ZA
dc.titleReference architecture for android applications to support the detection of manipulated evidenceen_ZA
dc.typeArticleen_ZA

Files

Original bundle

Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
Pieterse_Reference_2016.pdf
Size:
701.49 KB
Format:
Adobe Portable Document Format
Description:
Article

License bundle

Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
license.txt
Size:
1.75 KB
Format:
Item-specific license agreed upon to submission
Description: