Date of Award
Doctor of Philosophy
Electrical and Computer Engineering
Computer Engineering( Secureand Reliable Computing)
Along with the popularity of smartphones, more and more mobile apps are released and updated yearly.In contrast, the digital forensic analysis on Android apps moves slowly due to the existing outdated solutions. The reason is the primary involvement of the manual work when forensic practitioners are identifying and extracting the digital evidence from the suspect's devices. Because the different app has distinct patterns to archive user's or device's information, existing studies can provide limited support due to the massive number of real-world apps in the market. Additionally, the situation becomes more complicated when there are thousands of new apps published and versions updated quarterly.
We, therefore, aim to build a database that provides an automated solution to identify and extract the digital evidence from the mobile device.This dissertation, as the first step exploring the aforementioned automated solution, elaborates our ideas and implementations under two important storage mediums: Android file system and logging system. To analyze the large-scale real-world apps, we extend the static program analysis techniques to tackle down the challenge. The evaluation results demonstrate that our proposed approach can improve the experience of forensic practitioners by proving useful locations and types of digital evidence. Furthermore, we study the stability and reliability of a prior automated solution's dependency, the Android app fuzzing tools. Our evaluation shows that the existing Android app fuzzing tools have explicit programming patterns in the runtime and can result in incomplete outputs when being integrated with the prior automated solution.
Cheng, Chao-Chun, "EviHunter: Identifying digital forensic artifacts in android devices via static and dynamic program analysis" (2020). Graduate Theses and Dissertations. 18290.
Available for download on Saturday, January 07, 2023