Skip to main content
Book cover

16th International Conference on Information Technology-New Generations (ITNG 2019) pp 57–62Cite as

Forensic Analysis of LinkedIn’s Desktop Application on Windows 10 OS

Part of the Advances in Intelligent Systems and Computing book series (AISC,volume 800)

Abstract

The convenient and cheap access to mobile phones and laptops have significantly increased the use of interactive applications over the past couple of years. However, this has posed various threats to legitimate users in terms of sensitive data disclosure, if their device gets lost, compromised or stolen. This study focuses on the forensic analysis of Windows AppStore applications with special focus on LinkedIn’s Desktop application; since it is one of the most downloaded applications from Windows AppStore. The paper first provides a systematic literature review of the existing digital forensic analysis techniques and highlights their weaknesses. A comprehensive novel methodology for manual forensic analysis of Windows App Store application on Windows 10 Operating System (OS) has also been proposed. For experimentation purpose, LinkedIn’s desktop application has been targeted. The research considers all kinds of scenarios such as logged in users, logged out users and intentional data deletion etc. It is finally concluded that from the viewpoint of application forensic analysis, the live, storage and registry analysis, all hold equal importance.

Keywords

  • Digital forensics
  • Windows 10 forensics
  • Social media forensics
  • Windows AppStore
  • LinkedIn

This is a preview of subscription content, access via your institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-14070-0_9
  • Chapter length: 6 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   129.00
Price excludes VAT (USA)
  • ISBN: 978-3-030-14070-0
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   169.99
Price excludes VAT (USA)
Hardcover Book
USD   249.99
Price excludes VAT (USA)
Learn about institutional subscriptions
Fig. 9.1
Fig. 9.2
Fig. 9.3

References

  1. Adeyemi, I.R., Razak, S.A., Azhan, N.A.N.: A review of current research in network forensic analysis. Int. J. Digit. Crime Forensics. 5(1), 1–26 (2013)

    CrossRef  Google Scholar 

  2. Carrier, B.: Defining digital forensic examination and analysis tools using abstraction layers. Int. J. Digit. Evid. 1(4), 1–12 (2003)

    Google Scholar 

  3. Lancaster, D.T.: Windows 10 is now on more than 14 million devices just 24 hours after launch [online]. Available: http://www.windowscentral.com/windows-10-now-14-million-devices-just-24-hours-after-launch (July 2015). Accessed: 13 Sept 2015

  4. W3schools.com: Web statistics: OS platform statistics. http://www.w3schools.com/browsers/browsersos.asp (2016)

  5. Majeed, A., Saleem, S.: Forensic analysis of social media apps in windows 10. NUST J Eng Sci. 10(1), 37–45 (2017)

    Google Scholar 

  6. Domingues, F.: Digital forensic artifacts of the Cortana device search cache on Windows10 desktop. In: 11th International Conference on Availability, Reliability and Security, ARES.2016.44 Salzburg, Austria, IEEE (2016)

    Google Scholar 

  7. Singh, B., Singh, U.: A forensic insight into windows 10 jump lists. Digit. Investig. 17, 1–13 (2016)

    CrossRef  Google Scholar 

  8. Khatri, Y.: Forensic implications of system resource usage monitor (SRUM) data in windows 8. Digit. Investig. 12, 53–65 (2015)

    CrossRef  Google Scholar 

  9. Boyd, J.: 35 Insightful and Valuable LinkedIn Statistics. Retrieved July 2, 2018., from https://www.brandwatch.com/blog/linkedin-statistics/

  10. De Paula, A.M.G.: Security aspects and future trends of social networks. In Proceedings of the Fourth International Conference of Forensic Computer Science, Brazil (2009)

    Google Scholar 

  11. Iqbal, A., Alobaidli, H., Almarzooqi, A., Jones, A.: LINE IM app forensic analysis. In: 12th International Conference on High-Capacity Optical Networks and Enabling/Emerging Technologies (HONET-ICT 2015)

    Google Scholar 

  12. Fontein, D.: The ultimate list of LinkedIn statistics that matter to your business. Retrieved February 7, 2017., from https://www.linkedin.com/pulse/ultimate-list-linkedin-statistics-matter-your-business-dara-fontein

  13. Poh, M.: 10 Most Bizarre crimes linked to Facebook. Retrieved June 21, 2015, from http://www.hongkiat.com/blog/bizarre-facebookcrimes/ (n.d.)

  14. Weise, E.: Banker used LinkedIn to send photo to prospective hire. Retrieved June 15, 2017, from https://www.usatoday.com/story/tech/news/2017/06/15/recruiter-used-linkedin-send-sex-photo-prospective-hire/102882292/

  15. Amber, U., Nanda, P., He, X.: Online social network information forensics. A survey on use of various tools and determining how cautious Facebook users are? In: IEEE Trustcom/BigDataSE/ICESS.2017.364 (2017)

    Google Scholar 

  16. Hay, B., Nance, K., Bishop, M.: Live analysis: progress and challenges. IEEE Secur. Priv. 7(2), 30–37 (2009)

    CrossRef  Google Scholar 

  17. Hausknecht, K., Foit, D., Burić, J.: RAM data significance in digital forensics. In: 38th International Convention on Information and Communication Technology, Electronics and Microelectronics, MIPRO 2015 – Proceedings (May), pp. 1372–1375 (2015)

    Google Scholar 

  18. Thantilage, R., Jeyamohan, N.: A volatile memory analysis tool for retrieval of social media evidence in windows 10 OS based workstations. In: National Information Technology Conference (NITC), Sri Lanka (2017)

    Google Scholar 

  19. Ahmed, W., Aslam, B.: A comparison of windows physical memory acquisition tools. In: Milcom 2015 track 3 – cyber security and trusted computing, IEEE, FL, USA (2015)

    Google Scholar 

  20. Aljaedi, A., Lindskog, D., Zavarsky, P., Ruhl, R., Almari, F.: Comparative analysis of volatile memory forensics: live response Vs. memory imaging. In: Proceedings of 3rd IEEE International Conference on Privacy, Security, Risk and Trust, pp. 1253–1258 (2011)

    Google Scholar 

  21. Prem, T., Paul Selwin, V., Mohan, A.K.: Disk memory forensics analysis of memory forensics frameworks flow. In: International Conference on Innovations in Power and Advanced Computing Technologies [I-PACT2017]

    Google Scholar 

  22. Alazab, M., Venkatraman, S., Watters, P.: Effective digital forensic analysis of the NTFS disk image. Ubiquit. Comput. Commun. J. 4(3), 1–8 (2009)

    Google Scholar 

  23. John, J.L.: Digital forensics and preservation. Digital Preservation Coalition. Digital preservation handbook, Denmark (2012)

    Google Scholar 

  24. Zhang, S., Wang, L., Zhang, L.: Extracting Windows Registry Info from Physical Memory. IEEE (2011)

    Google Scholar 

  25. Arshad, A., Iqbal, W., Abbas, H.: USB storage device forensics for windows 10. J. Forensic Sci. 63(3), 856–867 (2017). https://doi.org/10.1111/1556-4029.13596

  26. Al Mutawa, N., Al Awadhi, I., Baggili, I., Marrington, A.: Forensic artifacts of Facebook’s instant messaging service. In: International Conference for Internet Technology & Secured Transactions (ICITST), IEEE (2011)

    Google Scholar 

  27. Zhang, S., Wang, L., Zhang, L.: Extracting windows registry information from physical memory. In: 3rd International Conference on Computer Research and Development (2011)

    Google Scholar 

  28. Saidi, R.M., Ahmad, S.A., Noor, N.M., Younas, R.: Window registry analysis for forensic investigation. In: Proceedings of the 2013 International Conference on Technological Advances in Electrical, Electronics and Computer Engineering (TAEECE), IEEE (2013)

    Google Scholar 

  29. Kumar, H., Majeed, P.G., Pundir, S.: Forensic analysis of windows server 2008 physical memory. IJSRD-Int. J. Sci. Res. Dev. 2(01), 1–4 (2014)

    Google Scholar 

  30. Majeed, A., Zia, H., Saleem, S.: Forensics analysis of three social media apps in Window 10. In: 12th International Conference on High-capacity Optical Networks & Enabling/Emerging Technologies, IEEE (2015)

    Google Scholar 

  31. Lee, C., Chung, M.: Digital forensic analysis on Window8 style UI instant messenger applications. In: Park, J.J. (ed.) Computer Science & its Applications. Springer, Berlin (2015)

    Google Scholar 

  32. Dija, S., Suma, G.S., Gonsalvez, D.D., Pillai, A.T.: Forensic reconstruction of executables win 7 physical memory. In: International Conference on Computational Intelligence & Computing Research, IEEE (2016)

    Google Scholar 

  33. Yang, T.Y., Dehghantanha, A., Choo, K.-K.R., Muda, Z.: Windows messaging app forensics: Facebook and Skype as case studies. PLoS One. 11(3), e0150300 (2016)

    CrossRef  Google Scholar 

  34. Choudhary, P., Singh, U., Bharadwaj, N.K., Singh, B.: Facebook forensics for Win 10. In: 11th Annual Symposium on Information Assurance, USA (2016)

    Google Scholar 

  35. Ababneh, A., Abu Awwad, M., Al-Saleh, M.I.: IMO forensics in android and windows systems. In: 8th International Conference on Information, Intelligence, Systems & Applications (2017)

    Google Scholar 

  36. Meyers, C., Ikuesan, A.R., Venter, H.S.: Automated RAM analysis mechanism for windows OS for digital investigation. In: IEEE Conference on Application, Information and Network Security (AINS) (2017)

    Google Scholar 

  37. Gaur, S., Chhikara, R.: Memory forensics: tools and techniques. Indian J. Sci. Technol. 9(48), 1–12 (2016). https://doi.org/10.17485/ijst/2016/v9i48/105851

    CrossRef  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Information Security, National University of Sciences and Technology, Islamabad, Pakistan

    Saman Bashir, Haider Abbas, Narmeen Shafqat & Waseem Iqbal

  2. Center of Excellence in Information Assurance (CoEIA), King Saud University, Riyadh, Kingdom of Saudi Arabia

    Kashif Saleem

Authors
  1. Saman Bashir
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Haider Abbas
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Narmeen Shafqat
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Waseem Iqbal
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Kashif Saleem
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Haider Abbas .

Editor information

Editors and Affiliations

  1. Department of Electrical and Computer Engineering, University of Nevada, Las Vegas, NV, USA

    Dr. Shahram Latifi

Rights and permissions

Reprints and Permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Bashir, S., Abbas, H., Shafqat, N., Iqbal, W., Saleem, K. (2019). Forensic Analysis of LinkedIn’s Desktop Application on Windows 10 OS. In: Latifi, S. (eds) 16th International Conference on Information Technology-New Generations (ITNG 2019). Advances in Intelligent Systems and Computing, vol 800. Springer, Cham. https://doi.org/10.1007/978-3-030-14070-0_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-14070-0_9

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-14069-4

  • Online ISBN: 978-3-030-14070-0

  • eBook Packages: EngineeringEngineering (R0)