Nowadays, many applications tend to collect user profile, such as location, usage trace and so on, even if it is not malicious. This information can be important clues in the criminal investigation. So, the technique is needed which extract artifacts from applications using decompilation. We describe a method for selecting and analyzing forensic artifacts from the Android application with a share of over 80% of mobile devices. Based on the static analysis method, we propose a method for automatically collecting forensic artifact. The effectiveness of the proposed idea is proved by simulation.
This research was supported by the MSIT(Ministry of Science and ICT), Korea, under the ITRC(Information Technology Research Center) support program (IITP-2018-2016-0-00304) supervised by the IITP(Institute for Information & communications Technology Promotion) and was supported by the ICT R&D program of MSIT/IITP (No. 2018-0-00336, Advanced Manufacturing Process Anomaly Detection to prevent the Smart Factory Operation Failure by Cyber Attacks) and was supported by BK21 Plus project of the National Research Foundation of Korea Grant..ACKNOWLEDGMENT This research was supported by the MSIT(Ministry of Science and ICT), Korea, under the ITRC(Information Technology Research Center) support program (IITP-2018-2016-0-00304) supervised by the IITP(Institute for Information & communications Technology Promotion) and was supported by the ICT R&D program of MSIT/IITP (No. 2018-0-00336, Advanced Manufacturing Process Anomaly Detection to prevent the Smart Factory Operation Failure by Cyber Attacks) and was supported by BK21 Plus project of the National Research Foundation of Korea Grant.
