Digital Evidence Identification on Google Drive in Android Device Using NIST Mobile Forensic Method

Anton Yudhana, Rusydi Umar, Ahwan Ahmadi


The use of cloud storage media is very popular nowadays, especially with the Google Drive cloud storage media on smartphones. The increasing number of users of google drive storage media does not rule out the possibility of being used as a medium for storing illegal data, such as places to store negative content and so on. On a smartphone with an Android operating system that has a Google Drive application installed, digital evidence can be extracted by acquiring and analyzing the system files. This study implemented a mobile forensic method based on guidelines issued by the National Institute of Standards of Technology (NIST). The results of this study are presented in the form of data recovery in the deleted Google Drive storage media, which results in the form of headers of the data type in the form of deleting account names, deleted file types, and timestamp of deleted files. Digital evidence obtained with 59 Axiom Magnet software found in the Entry227 file, with 46 files, if the percentage is a success rate of 77%.

Full Text:



Anwar, nuril, & Riadi, I. (2017). Analisis Investigasi Forensik WhatsApp Messanger Smartphone Terhadap WhatsApp Berbasis Web. Jurnal Ilmiah Teknik Elektro Komputer Dan Informatika, 3(1), 1–10. Retrieved from

Armbrust, M., Fox, A., Griffith, R., Joseph, A., & RH. (2009). Above the clouds: A Berkeley view of cloud computing. University of California, Berkeley, Tech. Rep. UCB, 07–013.

Easwaramoorthy, S., Thamburasa, S., Samy, G., Bhushan, S. B., & Aravind, K. (2016). Digital Forensic Evidence Collection of Cloud Storage Data for Investigation.

EMC. (2014). The Current Trend in Cybercrime 2014 - An Inside Look at the Changing Threat Landscape (pp. 1–9). Retrieved from

Fadlil, A., Riadi, I., Aji, S., & Dahlan, U. A. (2017). Pengembangan sistem pengaman jaringan komputer berdasarkan analisis forensik jaringan. Jurnal Ilmu Teknik Elektro Komputer Dan Informatika (JITEKI), 3(1), 11.

Faheem, M., Le-Khac, N. A., & Kechadi, T. (2017). Toward a new mobile cloud forensic framework. 2016 6th International Conference on Innovative Computing Technology, INTECH 2016, (November), 736–742.

Faiz, M. N., Prabowo, W. A., & Sidiq, M. F. (2018). Studi Komparasi Investigasi Digital Forensik pada Tindak Kriminal. Journal of Informatics, Information System, Software Engineering and Applications (INISTA), 1(1), 63–70.

Forensics, D. (2009). Hashing and Data Fingerprinting in Digital Forensics, (April), 49–55.

Juliandi, A. (2014). Personal Storage, 0–14.

Kent, K., Chevalier, S., Grance, T., & Dang, H. (2006). Guide to integrating forensic techniques into incident response.

Mager, T., Biersack, E., & Michiardi, P. (2012). A measurement study of the Wuala on-line storage service. 2012 IEEE 12th International Conference on Peer-to-Peer Computing, P2P 2012, 237–248.

Martini, B., & Choo, K. K. R. (2013). Cloud storage forensics: OwnCloud as a case study. Digital Investigation, 10(4), 287–299.

Mulazzani, M., Schrittwieser, S., Weippl, E., Leithner, M., & Huber, M. (2011). Dark Clouds on the Horizon : Using Cloud Storage as Attack Vector and Online Slack Space. USENIX Security, 8, 11. Retrieved from

Putra, R. A., Fadlil, A., & Riadi, I. (2017). Forensik Mobile Pada Smartwach Berbasis Android. Jurti.

Riadi, I., & Umar, R. (n.d.). Analisis Forensik Serangan Sql Injection Menggunakan Metode Statis Forensik. In Prosiding Interdisciplinary Postgraduate Student Conference 1st Program Pascasarjana Universitas Muhammadiyah Yogyakarta (PPs UMY) (pp. 102–103).

Riadi, I., & Umar, R. (2017). Identification Of Digital Evidence On Android ’ s. International Journal of Computer Science and Information Security, 15(5), 3–8.

Riadi, I., Umar, R., & Firdonsyah, A. (2018). Forensic Tools Performance Analysis on Android-based Blackberry Messenger using NIST Measurements. International Journal of Electrical and Computer Engineering (IJECE), 8(5), 3991–4003.

Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 34(1), 1–11.

Umar, R., Yudhana, A., & Faiz, M. N. (2016). Analisis Kinerja Metode Live Forensics Untuk Investigasi Random Access Memory pada Sistem Proprietary. In Prosiding Konferensi Nasional Ke- 4 Asosiasi Program Pascasarjana Perguruan Tinggi Muhammadiyah (APPPTM) (pp. 207–211).

Yudhana, A., Riadi, I., & Anshori, I. (2018). Analisis Bukti Digital Facebook Messenger Menggunakan Metode Nist. IT JOURNAL RESEARCH AND DEVELOPMENT, 3(1), 13–21.



  • There are currently no refbacks.

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.