Multimedia Tools and Applications

, Volume 76, Issue 3, pp 3313–3341 | Cite as

Forensic taxonomy of android productivity apps



Android productivity apps have provided the facility of having a constantly accessible and productive workforce to the information and work capabilities needed by the users. With hundreds of productivity apps available in the Android app market, it is necessary to develop a taxonomy for the forensic investigators and the end users to allow them to know what personal data remnants are available from the productivity apps. In this paper, 30 popular Android productivity apps were examined. A logical extraction of the Android phone was collected by using a well-known mobile forensic tool- XRY to extract various information of forensic interest such as user email ID and list of tasks. Based on the findings, a two-dimensional taxonomy of the forensic artefacts of the productivity apps is proposed with the app categories in one dimension and the classes of artefacts in the other dimension. The artefacts identified in the study of the apps are summarised using the taxonomy. In addition, a comparison with the existing forensic taxonomies of different categories of Android apps is provided to facilitate timely collection and analysis of evidentiary materials from mobile devices.


Forensic science Digital forensics Forensic taxonomy Mobile app forensics Mobile forensics Productivity app taxonomy 


  1. 1.
    Al Mutawa N, Baggili I, Marrington A (2012) Forensic analysis of social networking applications on mobile devices. Digit Invest 9((Supplement)):S24–S33. doi:10.1016/j.diin.2012.05.007 CrossRefGoogle Scholar
  2. 2.
    AppAnnie (2016) CamCard Free - Business Card R. Accessed 12 January 2016
  3. 3.
    Azfar A, Choo K-KR, Liu L (2015) Forensic taxonomy of popular android mHealth apps. Paper presented at the Proceedings of the 21st Americas Conference on Information Systems (AMCIS), Puerto Rico, August 13–15Google Scholar
  4. 4.
    Azfar A, Choo K-KR, Liu L (2016) An android communication app forensic taxonomy. J Forensic Sci [In press, accepted 5 October 2015]Google Scholar
  5. 5.
    Bancora M, Ripamonti D, Vaccarella A, Brambilla M Model-driven development and business process modeling applied to personal productivity in the consumer mobile app market. In: Proceedings of the Second ACM International Conference on Mobile Software Engineering and Systems, Florence, Italy, 2015. IEEE Press, 2825092, 174–175Google Scholar
  6. 6.
    Barmpatsalou K, Damopoulos D, Kambourakis G, Katos V (2013) A critical review of 7 years of mobile device forensics. Digit Invest 10(4):323–349. doi:10.1016/j.diin.2013.10.003 CrossRefGoogle Scholar
  7. 7.
    Casey E, Ferraro M, Nguyen L (2009) Investigation delayed is justice denied: proposals for expediting forensic examinations of digital evidence. J Forensic Sci 54(6):1353–1364. doi:10.1111/j.1556-4029.2009.01150.x CrossRefGoogle Scholar
  8. 8.
    Chu HC, Lo CH, Chao HC (2013) The disclosure of an android smartphone’s digital footprint respecting the instant messaging utilizing skype and MSN. Electron Commer Res 13(3):399–410. doi:10.1007/s10660-013-9116-1 CrossRefGoogle Scholar
  9. 9.
    Chu HC, Yang SW, Wang SJ, Park JH (2012) The partial digital evidence disclosure in respect to the instant messaging embedded in viber application regarding an android smart phone. In: Park JH, Kim J, Zou D, Lee YS (eds) Information technology convergence, secure and trust computing, and data management, vol 180. lecture notes in electrical engineering. Springer, Netherlands, pp 171–178. doi:10.1007/978-94-007-5083-8_22 CrossRefGoogle Scholar
  10. 10.
    E-mail AP (2014) Emerging developer opportunities in enterprise & productivity apps. Accessed 28 December 2015
  11. 11.
    Cirkel - Family Organizer, Shared Calendar & To-Do List (2015). Accessed 21 January 2016
  12. 12.
    Furini M, Tamanini V (2014) Location privacy and public metadata in social media platforms: attitudes, behaviors and opinions. Multimed Tools Appl:1–31. doi:10.1007/s11042-014-2151-7
  13. 13.
    Gao F, Zhang Y (2013) Analysis of WeChat on IPhone. Paper presented at the Proceedings of the 2nd International Symposium on Computer, Communication, Control and Automation, Singapore, 1–2 DecemberGoogle Scholar
  14. 14.
    Geyer F, Reiterer H (2012) Experiences from employing evernote as a tool for documenting collaborative design processes In: Conference on Designing Interactive Systems DIS 2012, Workshop: Supporting Reflection in and on Design ProcessesGoogle Scholar
  15. 15.
    Google (2015) Google Play. Accessed 2 February 2015
  16. 16.
    Hu C, Xu Z, Liu Y, Mei L, Chen L, Luo X (2014) Semantic link network-based model for organizing multimedia big data. Emerging Topics Comput, IEEE Trans 2(3):376–387CrossRefGoogle Scholar
  17. 17.
    Husain M, Sridhar R (2010) iForensics: forensic analysis of instant messaging on smart phones. In: Goel S (ed) Digital forensics and cyber crime, vol 31. lecture notes of the institute for computer sciences. Social Informatics and Telecommunications Engineering. Springer, Berlin Heidelberg, pp 9–18. doi:10.1007/978-3-642-11534-9_2 CrossRefGoogle Scholar
  18. 18.
    Immanuel F, Martini B, Choo KKR (2015) Android cache taxonomy and forensic process. Paper presented at the Proceedings of 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2015), Helsinki, Finland, August 20–22Google Scholar
  19. 19.
    Keith MJ, Babb J, Lowry PB (2014) A longitudinal study of information privacy on mobile devices. Paper presented at the Proceedings of the 47th Hawaii International Conference on Systems Sciences (HICSS), Hawaii, USA, January 6-9Google Scholar
  20. 20.
    La Polla M, Martinelli F, Sgandurra D (2013) A survey on security for mobile devices. IEEE Commun Surv Tutorials 15(1):446–471. doi:10.1109/SURV.2012.013012.00028 CrossRefGoogle Scholar
  21. 21.
    Leung S (2014) How mobile CRM has changed the face of sales. Accessed 28 December 2015
  22. 22.
    Levinson A, Stackpole B, Johnson D (2011) Third party application forensics on apple mobile devices. Paper presented at the Proceedings of the 44th Hawaii International Conference on System Sciences (HICSS), Hawaii, USA, 4–7 Jan. 2011Google Scholar
  23. 23.
    Luo X, Xu Z, Yu J, Chen X (2011) Building association link network for semantic link on web resources. IEEE Trans Autom Sci Eng 8(3):482–494. doi:10.1109/TASE.2010.2094608 CrossRefGoogle Scholar
  24. 24.
    Martini B, Choo K-KR (2013) Cloud storage forensics: ownCloud as a case study. Digit Invest 10(4):287–299. doi:10.1016/j.diin.2013.08.005 CrossRefGoogle Scholar
  25. 25.
    Martini B, Choo K-KR (2014) Remote programmatic vCloud forensics: A six-step collection process and a proof of concept. Paper presented at the Proceedings of the 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Beijing, China, 24–26 SeptemberGoogle Scholar
  26. 26.
    Patrick Leahy Center for Digital Investigation (LCDI) (2015) Retrieving data from android OS devices using XRY. Accessed September 04 2015
  27. 27.
    Plachkinova M, Andrés S, Chatterjee S (2015) A taxonomy of mHealth apps–security and privacy concerns. Paper presented at the Proceedings of the 48th Hawaii International Conference on System Sciences (HICSS), Hawaii, USA, January 5–8Google Scholar
  28. 28.
    Quick D, Choo K-KR (2013) Dropbox analysis: data remnants on user machines. Digit Invest 10(1):3–18. doi:10.1016/j.diin.2013.02.003 CrossRefGoogle Scholar
  29. 29.
    Quick D, Choo K-KR (2013) Digital droplets: Microsoft SkyDrive forensic data remnants. Futur Gener Comput Syst 29(6):1378–1394. doi:10.1016/j.future.2013.02.001 CrossRefGoogle Scholar
  30. 30.
    Quick D, Choo K-KR (2014) Google drive: forensic analysis of data remnants. J Netw Comput Appl 40:179–193. doi:10.1016/j.jnca.2013.09.016 CrossRefGoogle Scholar
  31. 31.
    Reber C (2015) Our future: Wunderlist joins Microsoft. Accessed 20 January 2016
  32. 32.
    Research I (2015) Smartphone OS market share, 2015 Q2. Accessed 29 December 2015
  33. 33.
    Song C-W, Chung K-Y, Lee J-H (2013) Catching up faster data in digital crime using mobile devices. Multimed Tools Appl:1–10. doi:10.1007/s11042-013-1725-0
  34. 34.
    Strauss K (2014)’s Life-Planner Adds Another 4 Million Users. Accessed 12 January 2016
  35. 35.
    Strietelmeier J (2015) Google keep note and list taking app review. Accessed 18 January 2016
  36. 36.
    Wang Z, Zhang Z, Chang Y, Xu M (2014) An approach to mobile multimedia digital rights management based on android. In: Pan J-S, Krömer P, Snášel V (eds) Genetic and evolutionary computing: Proceedings of the Seventh International Conference on Genetic and Evolutionary Computing, ICGEC 2013, August 25–27, 2013 - Prague, Czech Republic. Springer International Publishing, Cham, pp 239–246. doi:10.1007/978-3-319-01796-9_25 CrossRefGoogle Scholar
  37. 37.
    Xu Z, Liu Y, Yen N, Mei L, Luo X, Wei X, Hu C (2016) Crowdsourcing based description of urban emergency events using social media big data. IEEE Trans Cloud Comput PP 99:1–1. doi:10.1109/TCC.2016.2517638 Google Scholar
  38. 38.
    Zhang Z, Wang Z, Niu D (2014) A novel approach to rights sharing-enabling digital rights management for mobile multimedia. Multimed Tools Appl 74(16):6255–6271. doi:10.1007/s11042-014-2135-7 CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media New York 2016

Authors and Affiliations

  1. 1.Information Assurance Research GroupUniversity of South AustraliaAdelaideAustralia
  2. 2.Department of Information Systems and Cyber SecurityUniversity of Texas at San AntonioSan AntonioUSA
  3. 3.School of Computer ScienceChina University of GeosciencesWuhanChina
  4. 4.School of Information Technology and Mathematical SciencesUniversity of South AustraliaAdelaideAustralia

Personalised recommendations