Our developed societies have experienced lately the invasion of mobile devices in people's lives. Smartphones, tablets and wearables are embedded in our personal and professional routines. The various smartphone applications take advantage of these devices' increased capabilities and assist users to communicate with other people, entertain themselves and complete several other tasks. These applications store a significant amount of information in the device's internal memory. These data can be used as evidence in court. Hence, the need for their extraction, analysis, presentation and preservation has established the Digital Forensics Community. The findings of this thesis can be helpful to Law Enforcement Agencies (LEA) and forensic analysts during triage and analysis assisting them to efficiently extract and visualise underlying patterns of the data. This thesis proposes concepts towards the direction of automating specific tasks related to forensic analyses on mobile devices. The basic theme of this thesis is the analysis of high level non-volatile data that exist in the internal memory of mobile devices. Thus, it studies three major categories of data (text, multimedia and social network relationships) proposing concepts towards content analysis automation. Therefore, it proposes a framework to assist forensic analysts to extract data from devices running the Android OS in a forensically sound fashion. Furthermore, it analyses human factors that dictate biased behaviour when users form graphical passwords in order to investigate if lightweight methodologies can bypass user authentication schemes such as the Android pattern lock screen. In addition, it investigates if text-mining tasks can be performed on short texts with a special focus on SMS sentiment analysis. Moreover, social network analysis tools are implemented aiming to depict relationships among the people that interact with the user of the device. Finally, the performance of a steganalysis tool is evaluated and a framework to describe and visualise data sharing and distribution among applications is proposed.
| Identifer | oai:union.ndltd.org:bl.uk/oai:ethos.bl.uk:690380 |
| Date | January 2015 |
| Creators | Andriotis, Panagiotis |
| Publisher | University of Bristol |
| Source Sets | Ethos UK |
| Detected Language | English |
| Type | Electronic Thesis or Dissertation |
Page generated in 0.009 seconds