Mobil adli bilişim yazılımı geliştirilerek elde edilen veriler ile kullanıcılar arası ilişkilerin derecelendirilmesi

Year 2020, Volume: 26 Issue: 2, 359 - 370, 07.04.2020

Faruk Süleyman Berber , Ecir Küçüksille

Abstract

Adli bilişim sürecinde çok çeşitli yazılımlar ve donanımlar kullanılmaktadır. Teknolojinin hızlı gelişimine paralel olarak dijital delillerin toplandığı cihazlar da hızla çeşitlenmektedir. Android mobil telefonlardan toplanan dijital deliller yardımı ile bu telefona sahip kişinin arkadaşlarının ve bu arkadaşları ile ilişkilerinin derecelendirilerek tespit edilmesi, literatürde çalışılmış ve üzerinde çalışılmaya devam eden konulardan biridir. Bu çalışmada geliştirilen yazılım, Android işletim sistemine sahip mobil cihazlardan fiziksel ve mantıksal imaj alma, imajın incelenmek üzere açılması, imaj içinde farklı dosya türlerinin incelenmesi, veri tabanı incelemeleri gibi dijital delil niteliği taşıyan birçok veriye erişilmesini sağlamaktadır. Delil elde etme, delilleri inceleme ve raporlama işlemlerini yapabilen bu yazılım aynı zamanda geliştirilen analiz modeliyle mobil cihazlardan elde edilen sosyal medya uygulama verileri, telefon rehberi ve görüşme kayıtları arasındaki ilişkileri inceleyerek suçlunun veya hesapları incelenen kişilerin, ilişkili olma ihtimali yüksek kişileri tespit edebilmektedir. Birçok işlemi tek bir ara yüzden yapabilmesi ve veri analiz yöntemi bakımından, özgün bir çalışma olarak gerçekleştirilen yazılımla incelenen deliller ve elde edilen bulgular bu çalışmada sunulmuştur.

Keywords

Adli bilimler, Adli bilişim, Mobil adli bilişim, Sayısal delil inceleme, Bulanık model

Rating of the relationship between users using the data from the implemented mobile forensic software

Abstract

During the digital forensic process, different software and hardware tools are used. The devices from which the digital evidences are collected have been varied in parallel with the developments in technology. The issue of identifying the mobile phone owner’s friends and assessing his relationship with them with the help of digital evidences collected from the Android mobile phones has been studied in the literature and it is still under investigation. The software developed in this work enables accessing a variety of data that have evidential value in the court proceedings; these include physical and logical acquisition of images from mobile phones with Android operating system, extracting images for investigations, examining different file types in images, and databases. This software can collect and examine the evidences and then produce reports. At the same time, it can identify criminals or people with potentially have connections to those people whose accounts are under investigations by using developed analysis model which examines the relationships between social media applications` data, phone contacts and calling histories collected from the mobile devices. In this work, the evidences examined by using a novel software developed by the authors which performs multiple tasks using a single interface and the corresponding results are presented.

Keywords

Forensic science, Digital forensics, Mobile forensics, Digital evidence analysis, Fuzzy model

References

• Reith M, Carr C, Gunsch G. “An examination of digital forensic models”. International Journal of Digital Evidence, 1(3), 1-12, 2002.
• Yusoff Y, Ismail R, Hassan Z. “Common phases of computer forensics investigation models”. International Journal of Computer Science & Information Technology, 3(3), 17-31, 2011.
• Scrivens N, Lin X. “Android digital forensics: data, extraction and analysis”. The ACM Turing 50th Celebration Conference, Shanghai, China, 12-14 May 2017.
• Grover J. “Android forensics: Automated data collection and reporting from a mobile device”. Digital Investigation, 10, 12-20, 2013.
• Anglano C. “Forensic analysis of WhatsApp Messenger on Android smartphones”. Digital Investigation, 11(3), 201-213, 2014.
• Thakur NS. Forensic Analysis of WhatsApp on Android Smartphones. MSc Thesis, University of New Orleans, New Orleans, USA, 2013.
• Rathi K, Karabiyik U, Aderibigbe T, Chi H. “Forensic analysis of encrypted instant messaging applications on Android”. 6th International Symposium on Digital Forensic and Security (ISDFS 2018), Antalya, Turkey, 22-25 March 2018.
• Anglano C, Canonico M, Guazzone M. “Forensic analysis of Telegram Messenger on Android smartphones”. Digital Investigation, 23, 31-49, 2017.
• Satrya GB, Daely PT, Nugroho MA. “Digital forensic analysis of Telegram Messenger on Android devices”. International Conference on Information & Communication Technology and Systems (ICTS 2016), IEEE, Surabaya, Indonesia, 12 October 2016.
• Al Mutawa N, Baggili I, Marrington A. “Forensic analysis of social networking applications on mobile devices”. Digital Investigation, 9, 24-33, 2012.
• Norouzizadeh Dezfouli F, Dehghantanha A, Eterovic-Soric B, Choo KKR. “Investigating Social Networking applications on smartphones detecting Facebook, Twitter, LinkedIn and Google+ artefacts on Android and iOS platforms”. Australian Journal of Forensic Sciences, 48(4), 469-488, 2016.
• Azfar A, Choo KKR, Liu L. “Forensic taxonomy of android social apps”. Journal of Forensic Sciences, 62(2), 435-456, 2017.
• Azhar MHB, Barton TEA. “Forensic analysis of secure ephemeral messaging applications on Android platforms”. International Conference on Global Security, Safety, and Sustainability, London, United Kingdom, 18-20 January 2017.
• Choi J, Lee S. “A study of user relationships in smartphone forensics”. Multimedia Tools and Applications, 75(22), 14971-14983, 2016.
• Anwar T, Abulaish M. “A social graph based text mining framework for chat log investigation”. Digital Investigation, 11(4), 349-362, 2014.
• Akbas MI, Avula RN, Bassiouni MA, Turgut D. “Social network generation and friend ranking based on mobile phone data”. IEEE International Conference on Communications (ICC 2013), Budapest, Hungary, 9-13 June 2013.
• Alzaabi M, Taha K, Martin TA. “Cisri: A crime investigation system using the relative importance of information spreaders in networks depicting criminals communications”. IEEE Transactions on Information Forensics and Security, 10(10), 2196-2211, 2015.
• Reinhardt D, Engelmann F, Moerov A, Hollick M. “Show me your phone, I will tell you who your friends are: analyzing smartphone data to identify social relationships”. 14th International Conference on Mobile and Ubiquitous Multimedia (MUM 2015), Linz, Austria, 30 November-2 December 2015.
• Barmpatsalou K, Cruz T, Monteiro E, Simoes P. “Fuzzy System-Based Suspicious Pattern Detection in Mobile Forensic Evidence”. 9th International Conference on Digital Forensics and Cyber Crime, Prague, Czech Republic, 9-11 October 2017.
• Stoffel K, Cotofrei P, Han D. “Fuzzy methods for forensic data analysis”. International Conference on Soft Computing and Pattern Recognition (SoCPaR 2010), Paris, France, 7-10 December 2010.
• Rostamipour M, Sadeghiyan B. “Network attack origin forensics with fuzzy logic”. 5th International Conference on Computer and Knowledge Engineering (ICCKE 2015), Mashhad, Iran, 29-30 October 2015.
• Liao N, Tian S, Wang T. “Network forensics based on fuzzy logic and expert system”. Computer Communications, 32(17), 1881-1892, 2009.
• Chen SY. Engineering Fuzzy Set Theory and Application. Beijing, State Security Industry Press, 1998.
• Chen LY, Wang TC. “Optimizing partners’ choice in IS/IT outsourcing projects: The strategic decision of fuzzy VIKOR”. International Journal of Production Economics, 120(1), 233-242, 2009.