Forensic Analysis of Artefacts of Giant Instant Messaging “WhatsApp” in Android Smartphone

Ghannam, Hussein Abed and Galinium, Maulahikmah and Lim, Charles (2018) Forensic Analysis of Artefacts of Giant Instant Messaging “WhatsApp” in Android Smartphone. Masters thesis, Swiss German University.


Abstract

WhatsApp is a giant mobile instant messaging (IM) application with over 1 billion users. The heavy use of IM applications like WhatsApp on the dominant smartphone platform, Android, has led digital forensic researchers to study it in depth. The artefacts left behind on the smartphone play a very important role in the investigation of any electronic crime or terror attack. As the biggest IM application in the world, WhatsApp is considered a very important source of information about any digital crime. Recently, WhatsApp Inc. released end-to-end encryption and many other important features, and no device forensic analysis or network forensic analysis studies had been performed on them at the time of writing this thesis. This thesis presents a reference model that reconstructs the artefacts of WhatsApp IM and shows how to: a) extract the Crypt Key of WhatsApp in order to decrypt the databases and extract the valuable artefacts that reside in the Android system, without rooting the device; b) analyse and correlate the artefacts extracted from the latest version of WhatsApp to yield new, valuable evidentiary traces that help in investigations; c) perform network forensic analysis of the WhatsApp packets sent or received between two parties; d) retrieve deleted artefacts from the RAM of the Android system, which contains a wealth of information; and e) automate the process of artefact analysis by creating a new tool, “WhatsApp Explorer”, to make forensic investigation highly efficient. Many hardware and software tools for mobile and network forensics were used to collect as much digital evidence as possible. Some of these tools are commercial, like UFED Cellebrite, and others are open source, such as adb, Wireshark, LIME and many others. All of these forensically sound tools were used in this research to reconstruct most of the artefacts that reside in Android internal storage, lurk in RAM, or are in transit between client and server in the WhatsApp application.

Item Type: Thesis (Masters)
Uncontrolled Keywords: WhatsApp; Android; Android Forensic Analysis; Network Forensic Analysis; Artefacts
Subjects: Q Science > QA Mathematics > QA76 Computer software
Q Science > QA Mathematics > QA76 Computer software >
T Technology > TK Electrical engineering. Electronics Nuclear engineering > TK5103 Mobile computing > TK5103.4837 Mobile device forensics
Divisions: Faculty of Engineering and Information Technology > Department of Information Technology
Depositing User: Astuti Kusumaningrum
Date Deposited: 18 Jun 2020 02:15
Last Modified: 18 Jun 2020 02:15
URI: http://repository.sgu.ac.id/id/eprint/783
