Towards a unified fraud management and digital forensic framework for mobile applications

Bopape, Rudy Katlego

06 1900

Historically, progress in technology development has continually created new opportunities for criminal activities which, in turn, have triggered the need for the development of new security-sensitive systems. Organisations are now adopting mobile technologies for numerous applications to capitalise on the mobile revolution. They are now able to increase their operational efficiency as well as responsiveness and competitiveness and, most importantly, can now meet new, growing customers’ demands. However, although mobile technologies and applications present many new opportunities, they also present challenges. Threats to mobile phone applications are always on the rise and, therefore, compel organisations to invest money and time, among other technical controls, in an attempt to protect them from incurring losses. The computerisation of core activities (such as mobile banking in the banking industry, for example) has effectively exposed organisations to a host of complex fraud challenges that they have to deal with in addition to their core business of providing services to their end consumers. Fraudsters are able to use mobile devices to remotely access enterprise applications and subsequently perform fraudulent transactions. When this occurs, it is important to effectively investigate and manage the cause and findings, as well as to prevent any future similar attacks. Unfortunately, clients and consumers of these organisations are often ignorant of the risks to their assets and the consequences of the compromises that might occur. Organisations are therefore obliged, at least, to put in place measures that will not only minimise fraud but also be capable of detecting and preventing further similar incidents. The goal of this research was to develop a unified fraud management and digital forensic framework to improve the security of Information Technology (IT) processes and operations in organisations that make available mobile phone applications to their clients for business purposes. The research was motivated not only by the increasing reliance of organisations on mobile applications to service their customers but also by the fact that digital forensics and fraud management are often considered to be separate entities at an organisational level. This study proposes a unified approach to fraud management and digital forensic analysis to simultaneously manage and investigate fraud that occurs through the use of mobile phone applications. The unified Fraud Management and Digital Forensic (FMDF) framework is designed to (a) determine the suspicious degree of fraudulent transactions and (b) at the same time, to feed into a process that facilitates the investigation of incidents. A survey was conducted with subject matter experts in the banking environment. Data was generated through a participatory self-administered online questionnaire. Collected data was then presented, analysed and interpreted quantitatively and qualitatively. The study found that there was a general understanding of the common fraud management methodologies and approaches throughout the banking industry and the use thereof. However, while many of the respondents indicated that fraud detection was an integral part of their processes, they take a rather reactive approach when it comes to fraud management and digital forensics. Part of the reason for the reactive approach is that many investigations are conducted in silos, with no central knowledge repository where previous cases can be retrieved for comparative purposes. Therefore, confidentiality, integrity and availability of data are critical for continued business operations. To mitigate the pending risks, the study proposed a new way of thinking that combines both components of fraud management and digital forensics for an optimised approach to managing security in mobile applications. The research concluded that the unified FMDF approach was considered to be helpful and valuable to professionals who participated in the survey. Although the case study focused on the banking industry, the study appears to be instrumental in informing other types of organisations that make available the use of mobile applications for their clients in fraud risk awareness and risk management in general. / Computing / M. Sc. (Computing)

Fraud management

Digital forensics

Mobile applications

Mobile devices

Threats

Frameworks

Process models

Paradigms

005.35

Mobile apps

Mobile device forensics

Fraud -- Management

Cell phone systems -- Security measures

Providing Context to the Clues: Recovery and Reliability of Location Data from Android Devices

Bell, Connie

01 January 2015

Mobile device data continues to increase in significance in both civil and criminal investigations. Location data is often of particular interest. To date, research has established that the devices are location aware, incorporate a variety of resources to obtain location information, and cache the information in various ways. However, a review of the existing research suggests varying degrees of reliability of any such recovered location data. In an effort to clarify the issue, this project offers case studies of multiple Android mobile devices utilized in controlled conditions with known settings and applications in documented locations. The study uses data recovered from test devices to corroborate previously identified accuracy trends noted in research involving live-tracked devices, and it further offers detailed analysis strategies for the recovery of location data from devices themselves. A methodology for reviewing device data for possible artifacts that may allow an examiner to evaluate location data reliability is also presented. This paper also addresses emerging trends in device security and cloud storage, which may have significant implications for future mobile device location data recovery and analysis. Discussion of recovered cloud data introduces a distinct and potentially significant resource for investigators, and the paper addresses the cloud resources' advantages and limitations.

Android forensics

location forensics

android location data

mobile device forensics

mobile device investigations

android investigations

google location history

cloud analyzer

Computer Sciences

Engineering

Forensic Science and Technology