Digital Evidence Identification on Google Drive in Android Device Using NIST Mobile Forensic Method

Anton Yudhana, Rusydi Umar, Ahwan Ahmadi

Abstract


The use of cloud storage media is very popular nowadays, especially with the Google Drive cloud storage media on smartphones. The increasing number of users of google drive storage media does not rule out the possibility of being used as a medium for storing illegal data, such as places to store negative content and so on. On a smartphone with an Android operating system that has a Google Drive application installed, digital evidence can be extracted by acquiring and analyzing the system files. This study implemented a mobile forensic method based on guidelines issued by the National Institute of Standards of Technology (NIST). The results of this study are presented in the form of data recovery in the deleted Google Drive storage media, which results in the form of headers of the data type in the form of deleting account names, deleted file types, and timestamp of deleted files. Digital evidence obtained with 59 Axiom Magnet software found in the Entry227 file, with 46 files, if the percentage is a success rate of 77%.


Full Text:

PDF

References


Anwar, nuril, & Riadi, I. (2017). Analisis Investigasi Forensik WhatsApp Messanger Smartphone Terhadap WhatsApp Berbasis Web. Jurnal Ilmiah Teknik Elektro Komputer Dan Informatika, 3(1), 1–10. Retrieved from http://journal.uad.ac.id/index.php/JITEKI/article/view/6643/3530

Armbrust, M., Fox, A., Griffith, R., Joseph, A., & RH. (2009). Above the clouds: A Berkeley view of cloud computing. University of California, Berkeley, Tech. Rep. UCB, 07–013. https://doi.org/10.1145/1721654.1721672

Easwaramoorthy, S., Thamburasa, S., Samy, G., Bhushan, S. B., & Aravind, K. (2016). Digital Forensic Evidence Collection of Cloud Storage Data for Investigation.

EMC. (2014). The Current Trend in Cybercrime 2014 - An Inside Look at the Changing Threat Landscape (pp. 1–9). Retrieved from http://www.emc.com/collateral/white-paper/rsa-cyber-crime-report-0414.pdf

Fadlil, A., Riadi, I., Aji, S., & Dahlan, U. A. (2017). Pengembangan sistem pengaman jaringan komputer berdasarkan analisis forensik jaringan. Jurnal Ilmu Teknik Elektro Komputer Dan Informatika (JITEKI), 3(1), 11.

Faheem, M., Le-Khac, N. A., & Kechadi, T. (2017). Toward a new mobile cloud forensic framework. 2016 6th International Conference on Innovative Computing Technology, INTECH 2016, (November), 736–742. https://doi.org/10.1109/INTECH.2016.7845142

Faiz, M. N., Prabowo, W. A., & Sidiq, M. F. (2018). Studi Komparasi Investigasi Digital Forensik pada Tindak Kriminal. Journal of Informatics, Information System, Software Engineering and Applications (INISTA), 1(1), 63–70. https://doi.org/10.20895/INISTA.V1I1

Forensics, D. (2009). Hashing and Data Fingerprinting in Digital Forensics, (April), 49–55.

Juliandi, A. (2014). Personal Storage, 0–14. https://doi.org/10.5281/zenodo.1067932

Kent, K., Chevalier, S., Grance, T., & Dang, H. (2006). Guide to integrating forensic techniques into incident response. https://doi.org/10.6028/NIST.SP.800-86

Mager, T., Biersack, E., & Michiardi, P. (2012). A measurement study of the Wuala on-line storage service. 2012 IEEE 12th International Conference on Peer-to-Peer Computing, P2P 2012, 237–248. https://doi.org/10.1109/P2P.2012.6335804

Martini, B., & Choo, K. K. R. (2013). Cloud storage forensics: OwnCloud as a case study. Digital Investigation, 10(4), 287–299. https://doi.org/10.1016/j.diin.2013.08.005

Mulazzani, M., Schrittwieser, S., Weippl, E., Leithner, M., & Huber, M. (2011). Dark Clouds on the Horizon : Using Cloud Storage as Attack Vector and Online Slack Space. USENIX Security, 8, 11. Retrieved from http://research.securityresearch.at/wp-content/uploads/publications/dropboxUSENIX2011.pdf

Putra, R. A., Fadlil, A., & Riadi, I. (2017). Forensik Mobile Pada Smartwach Berbasis Android. Jurti.

Riadi, I., & Umar, R. (n.d.). Analisis Forensik Serangan Sql Injection Menggunakan Metode Statis Forensik. In Prosiding Interdisciplinary Postgraduate Student Conference 1st Program Pascasarjana Universitas Muhammadiyah Yogyakarta (PPs UMY) (pp. 102–103).

Riadi, I., & Umar, R. (2017). Identification Of Digital Evidence On Android ’ s. International Journal of Computer Science and Information Security, 15(5), 3–8.

Riadi, I., Umar, R., & Firdonsyah, A. (2018). Forensic Tools Performance Analysis on Android-based Blackberry Messenger using NIST Measurements. International Journal of Electrical and Computer Engineering (IJECE), 8(5), 3991–4003. https://doi.org/10.11591/ijece.v8i5.pp3991-4003

Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 34(1), 1–11. https://doi.org/10.1016/j.jnca.2010.07.006

Umar, R., Yudhana, A., & Faiz, M. N. (2016). Analisis Kinerja Metode Live Forensics Untuk Investigasi Random Access Memory pada Sistem Proprietary. In Prosiding Konferensi Nasional Ke- 4 Asosiasi Program Pascasarjana Perguruan Tinggi Muhammadiyah (APPPTM) (pp. 207–211).

Yudhana, A., Riadi, I., & Anshori, I. (2018). Analisis Bukti Digital Facebook Messenger Menggunakan Metode Nist. IT JOURNAL RESEARCH AND DEVELOPMENT, 3(1), 13–21.




DOI: https://doi.org/10.15294/sji.v6i1.17767

Refbacks

  • There are currently no refbacks.




Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.