Browse > Article
http://dx.doi.org/10.13089/JKIISC.2018.28.1.111

Study on Remote Data Acquisition Methods Using OAuth Protocol of Android Operating System  

Nam, Gi-hoon (Department of Computer Science and Engineering, Seoul National University of Science and Technology)
Gong, Seong-hyeon (Department of Computer Science and Engineering, Seoul National University of Science and Technology)
Seok, Byoung-jin (Department of Computer Science and Engineering, Seoul National University of Science and Technology)
Lee, Changhoon (Department of Computer Science and Engineering, Seoul National University of Science and Technology)
Abstract
Using OAuth protocol, third-party applications on the Android operating system use user's credentials or access tokens that have access authority on user's resources to gain user's account and personal information from account information providers. These credentials and token information are stored in the device by the OAuth data management method provided by the Android operating system. If this information is leaked, the attacker can use the leaked credential and token data to get user's personal data without login. This feature enables the digital forensic investigator to collect data directly from the remote server of the services used by the target of investigation in terms of collecting evidence data. Evidence data collected at a remote location can be a basis for secondary warranties and provide evidence which can be very important evidence when an attacker attempts to destroy evidence, such as the removal of an application from an Android device. In this paper, we analyze the management status of OAuth tokens in various Android operating system and device environment, and show how to collect data of various third party applications using it. This paper introduces a method of expanding the scope of data acquisition by collecting remote data of the services used by the subject of investigation from the viewpoint of digital forensics.
Keywords
Credential; Data Acquisition; Digital Forensics; Login Bypass; OAuth Protocol;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Enck, W., Ongtang, M., & McDaniel, P. "Understanding android security." IEEE security & privacy, 7(1), pp. 50-57. Feb. 2009.   DOI
2 Login Authorization Documentation, Available on: http://www.oauthlogin.com
3 D. Hardt, Ed., "OAuth 2.0 Autorization Framework", Internet Engineering Task Force (IEFT) RFC 6749, Oct 2012.
4 Trend Spectrum, "2017 Mobile Trend Prospect", DigiEco, Jan 2017.
5 Choi Yoonjung, "Legal Study of the Warrant in Principle and the Exception about Seizure and Search of Electronically Stored Information", Justice (154), pp. 110-144, Apr 2016.
6 Kim Jinouk, Jungsoo Park, Long Nguyen-Vu, Souhwan Jung, "A Study on Vulnerability Prevention Mechanism Due to Logout Problem Using OAuth", Jounal of The Korea Institute of Information Security & Cryptography, 27(1), pp. 5-14, Feb 2017.   DOI
7 Android emulator for PC, better than Bluestacks, Available on: http://www.memuplay.com
8 Naver Developers Documents, Available on: https://developers.naver.com/docs/login/api
9 DB Browser for SQLite, Available on: http://sqlitebrowser.org
10 Choi Jongwon, Yi Jeonghyun, "Analysis on Personal Information Leakage of Google Account App on Android", Journal of Digital Forensics, 8(2), pp. 65-81, Dec 2014.
11 Product & Service of Tencent company, Tencent, Available on: https://www.tencent.com/en-us/system.html
12 QQ International Application for Android, Tencent, Available on: https://play.google.com/store/apps/details?id=com.tencent.mobileqqi
13 Growth Story, Tmon, Available on: http://corp.ticketmonster.co.kr
14 OAuth 2.0 Introduction, Tencent, Available on: http://wiki.open.qq.com/wiki/mobile/OAuth2.0%E7%AE%80%E4%BB%8B