Abstract
Smart phones with Internet capability are growing in popularity, due to many of their useful capabilities. Among other handy features of smart phones, Instant Messaging (IM) is very popular due to the level of convenience it provides in interpersonal communications. As the usage of IM on smart phone is increasing rapidly, it is important to take measures in advance from forensic standpoint forecasting the potential use of it in cyber crimes such as the cyber stalking and cyber bullying. Although, current IM applications for smart phones are in most cases a downsized version of the one used on traditional computers, diverse structure of file systems and storage device on different smart phones pose unique challenges to forensic examiners for recovering digital evidences of a conversation under investigation. In this work, we study and report the forensic analysis of three different IMs: AIM, Yahoo! Messenger and Google Talk, (both client based and web based version) on Apple iPhone. Our results show that the forensic analysis of IMs on smart phones has significant value and needs further attention.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Apple-iPhone-Mobile phone, iPod and Internet device, http://www.apple.com/iphone/
Vaughn, S.C.: MobileSyncBrowser, http://homepage.mac.com/vaughn/msync/
Yahoo! Messenger for the iPhone, http://messenger.yahoo.com/platform/iphone/
AIM on iPhone - Discover AOL, http://daol.aol.com/software/mac/iphone/aim
Google Mobile | Talk for your iPhone, http://www.google.com/mobile/apple/talk.html
Mac OS X Forensics, http://www.macosxforensics.com/index.html
Richardson, W.: How To Mount Your iPhone Filesystem On Your Desktop In Ubuntu (2007), http://www.fsckin.com/2007/09/23/how-to-mount-your-iphonefilesystem-on-your-desktop-in-ubuntu/
Singh, A.: MacFuse, http://code.google.com/p/macfuse/
Colyer, M.: iFuse and libiphone (2009), http://matt.colyer.name/projects/iphone-linux/index.php?title=Main_Page
How to Jailbreak Your iPhone in Under a Minute, http://www.appleiphonereview.com/iphone-tutorials/iphone-jailbreak/
Web IM-AIM Express, http://www.aim.com/aimexpress.adp
Yahoo Messenger for the Web, http://webmessenger.yahoo.com
Telephia Mobile Internet Report, http://www.telephia.com/documents/InternetandDeviceReleaseJune2006v68.14.06FINAL.pdf
Zdziarski, J.: iPhone Forensics. O’reilly Media, California (2008)
Punja, S.G., Mislan, R.P.: Mobile Device Analysis. Small Scale Digital Device Forensics Journal 2(1), 1–16 (2008)
Hurbanek, T.B.: Messaging: A forensic view, http://www.cscic.state.ny.us/security/conferences/security/2006/presentations/hurbanek.cfm
Reust, J.: AOL Instant Messenger Trace Evidence. Digital Investigation 3(4), 238–243 (2006)
Parsonage, H.: The Forensic Recovery of Instant Messages from MSN Messenger and Windows Live Messenger (2008), http://computerforensics.parsonage.co.uk/downloads/MSNandLiveMessengerArtefactsOfConversations.pdf
Dickson, M.: An examination into Yahoo Messenger 7.0. Digital Investigation 3(3), 159–165 (2006)
Kiley, M., Dankner, S., Rogers, M.: Forensic Analysis of Volatile Instant Messaging. Advances in Digital Forensics 4, 129–138 (2008)
Computer Investigation, Electronic Evidence - ACPO Guideline (2009), http://www.dataclinic.co.uk/computer-ACPO.htm
Aesco, Radio Tactics Limited, http://www.radio-tactics.com/?pageid=phonedatabasehandle&man=Apple
Device Seizure, Paraben Forensic Tools, http://www.paraben-forensics.com/cell_models.html
Wolf, Sixth Legion, http://www.sixthlegion.com/
Cyber stalking and online libel, http://www.abc.net.au/rn/lawreport/stories/2009/2584563.htm
Berka, J.: iPhone Safari isn’t Safari 3.0, http://arstechnica.com/apple/news/2007/07/iphone-safari-isnt-safari-3-0-and-other-development-surprises.ars
Apple App Store, http://www.apple.com/iphone/apps-for-iphone/
PLIST, http://developer.apple.com/documentation/Darwin/Reference/ManPages/man5/plist.5.html
SQLite Database Browser, http://sqlitebrowser.sourceforge.net/
plist Editor for Windows, http://www.iPodRobot.com/download.htm
Flash installer for iPhone, http://www.geek.com/articles/apple/developer-creates-flash-for-iphone-but-will-it-make-it-to-the-app-store-20090428/
Google Talk, Off the record, http://www.google.com/talk/chathistory.html#offrecord
Mac OS X, http://www.apple.com/macosx/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Husain, M.I., Sridhar, R. (2010). iForensics: Forensic Analysis of Instant Messaging on Smart Phones. In: Goel, S. (eds) Digital Forensics and Cyber Crime. ICDF2C 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 31. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-11534-9_2
Download citation
DOI: https://doi.org/10.1007/978-3-642-11534-9_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-11533-2
Online ISBN: 978-3-642-11534-9
eBook Packages: Computer ScienceComputer Science (R0)