Systems And Methods For Detecting Call Provenance From Call Audio

Various embodiments of the invention are detection systems and methods for detecting call provenance based on call audio. An exemplary embodiment of the detection system can comprise a characterization unit, a labeling unit, and an identification unit. The characterization unit can extract various characteristics of networks through which a call traversed, based on call audio. The labeling unit can be trained on prior call data and can identify one or more codecs used to encode the call, based on the call audio. The identification unit can utilize the characteristics of traversed networks and the identified codecs, and based on this information, the identification unit can provide a provenance fingerprint for the call. Based on the call provenance fingerprint, the detection system can identify, verify, or provide forensic information about a call audio source.Georgia Tech Research Corporatio

A Forensic Analysis of Video Streaming Activities on Android Applications

Mobile applications of video streaming platforms store a lot of information on mobile devices which can have both positive and negative impacts. Positive, in the sense that it could assist law enforcement agencies in solving crime, and the negative impact is that it could be accessed by malicious actors. In this study, we forensically investigate the Netflix, Amazon Prime Video, and iFlix android applications. The major focus is on identifying stored artifacts on the mobile devices left behind by the android video streaming applications. It will give law enforcement agencies and forensic investigators a clear direction when it comes to extracting evidence to solve a crime. On the other hand, it will notify the mobile application developers on how to further improve the security of their mobile applications.

I Know What You Did Last Summer: Your Smart Home Internet of Things and Your iPhone Forensically Ratting You Out

The adoption of smart home Internet of Things (IoT) devices continues to grow. What if your devices can snitch on you and let us know where you are at any given point in time? In this work we examined the forensic artifacts produced by Nest devices, and in specific, we examined the logical backup structure of an iPhone used to control a Nest thermostat, Nest Indoor Camera and a Nest Outdoor Camera. We also integrated the Google Home Mini as another method of controlling the studied Smart Home devices. Our work is the primary account for the examination of Nest artifacts produced by an iPhone, and is also the first open source research to produce a usable forensics tool we name the Forensic Evidence Acquisition and Analysis System (FEAAS). FEAAS consolidates evidentiary data into a readable report that can infer user events (like entering or leaving a home) and what triggered an event (whether it was the Google Assistant through a voice command, or the use of an iPhone application). Our results are important for the advancement of digital forensics, as there are cases starting to emerge in which smart home IoT devices have already been used as culpatory evidence

Map My Murder: A Digital Forensic Study of Mobile Health and Fitness Applications

The ongoing popularity of health and fitness applications catalyzes the need for exploring forensic artifacts produced by them. Sensitive Personal Identifiable Information (PII) is requested by the applications during account creation. Augmenting that with ongoing user activities, such as the user’s walking paths, could potentially create exculpatory or inculpatory digital evidence. We conducted extensive manual analysis and explored forensic artifacts produced by (n = 13) popular Android mobile health and fitness applications. We also developed and implemented a tool that aided in the timely acquisition and identification of artifacts from the examined applications. Additionally, our work explored the type of data that may be collected from health and fitness web platforms, and Web Scraping mechanisms for data aggregation. The results clearly show that numerous artifacts may be recoverable, and that the tested web platforms pose serious privacy threats

Forensic Analysis of the Bumble Dating App for Android

Mobile applications that facilitate interaction between people have grown in popularity and, as a result, the number of e-dating applications have expanded. In these types of applications, there is usually a trade-off between user privacy and safety. On one hand, users want to keep their data as private as possible, on the other hand, user identification forces accountability, which, hopefully, will foster the development of responsible behaviors and minimize abuses. The Bumble e-dating app has been growing in popularity and differs from other apps by giving women the power to make the first contact after a match. Their main goal is to prevent women’s harassment. In this work, we study the digital artifacts that can be found after the use of the Bumble app on Android devices. Despite applying many measures to ensure data protection, it was possible to obtain information that identifies users and exchanged messages. The data structure stored on the device is described, as well as the artifacts with forensic value for an investigation. Moreover, a script was created to parse and visualize the main forensic artifacts of the Bumble app.info:eu-repo/semantics/publishedVersio

Internet of Things Software and Hardware Architectures and Their Impacts on Forensic Investigations: Current Approaches and Challenges

The never-before-seen proliferation of interconnected low-power computing devices, patently dubbed the Internet of Things (IoT), is revolutionizing how people, organizations, and malicious actors interact with one another and the Internet. Many of these devices collect data in different forms, be it audio, location data, or user commands. In civil or criminal nature investigations, the data collected can act as evidence for the prosecution or the defense. This data can also be used as a component of cybersecurity efforts. When data is extracted from these devices, investigators are expected to do so using proven methods. Still, unfortunately, given the heterogeneity in the types of devices that need to be examined, few widely agreed-upon standards exist. In this paper, we look at some of the architectures, current frameworks, and methods available to perform forensic analysis of IoT devices to provide a roadmap for investigators and researchers to form the basis of an investigation

Digital Forensic Analysis of Telegram Messenger App in Android Virtual Environment

The paper provides an in-depth analysis of the artifacts generated by the Telegram Messenger application on Android OS which provides secure communications between individuals, groups, and channels. Since the past few years, the application went through major changes and updates and the latest version’s artifacts varied from the previous ones. Our methodology is based on the set of experiments designed to generate the artifacts from various use cases on the virtualized environment. The acquired artifacts such as messages, their location, and data structure how they relate to one another were studied and were then compared to the older versions. By correlating the artifacts of newer version with the older ones, it shows how the application have been upgraded behind the scenes and by incorporating those results can provide investigators better understanding and insight for the certain evidence in a potential cybercrime case