Browse > Article
http://dx.doi.org/10.13089/JKIISC.2020.30.4.583

Study on SNS Application Data Decryption and Artifact  

Shin, Sumin (Kookmin University)
Kang, Soojin (Kookmin University)
Kim, Giyoon (Kookmin University)
Kim, Jongsung (Kookmin University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.30, no.4, 2020 , pp. 583-592 More about this Journal
Abstract
With the popularization of smartphones, Social Networking Service (SNS) has become the means of communication for modern people. Due to the nature of the means of communication, SNS generates a variety of archive and preservation evidence. Therefore, it is a major analysis target in terms of digital forensic investigation. An application that provides SNS stores data in a central server or database in a smartphone inside for user convenience. Some applications provide encryption for privacy, which can be anti-forensic in terms of digital forensic investigation. Therefore, the study of the encryption method should be continuously preceded. In this paper, we analyzed two applications that provide SQLite-based database encryption through SQLCipher module. Each database was decrypted and key data was identified.
Keywords
SNS; Database; Digital Forensic Investigation; SQLCipher Module;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Korea Information Society Development Institute, "KISDI STAT Report," http://www.kisdi.re.kr/kisdi/fp/kr/publication/selectResearch.do?cmd=fpSelectResearch&sMenuType=2&curPage=1&searchKey=TITLE&searchValue=&sSDate=&sEDate=&controlNo=14669&langdiv=1
2 "Illegal trading of drugs and babies through SNS," KBS News, https://news.kbs.co.kr/news/view.do?ncd=4384756, Feb. 2020
3 "Nth room: A digital prison of sexual slavery," Korea JoongAng Daily, https://koreajoongangdaily.joins.com/2020/03/29/features/DEBRIEFING-Nth-room-A-digital-prison-of-sexual-slavery/3075441.html, Mar. 2020
4 Cosimo Anglano, Massimo Canonico, and Marco Guazzone, "Forensic analysis of the ChatSecure instant messaging application on android smartphones," Digital Investigation, vol. 19, pp. 44-59, Dec. 2016.   DOI
5 Jusop Choi, Jaegwan Yu. Sangwon Hyun, and Hyoungshick Kim, "Digital forensic analysis of encrypted database files in instant messaging applications on Windows operating systems: Case study with KakaoTalk, NateOn and QQ messenger," Digital Investigation, vol. 28, pp. 550-559, Apr. 2019.
6 Giyoon Kim, Uk Hur, Sehoon Lee, and Jongsung Kim, "Forensic Analysis of the Secure Instant Messenger Surespot," Journal of Digital Forensics, 13(3), pp. 175-188, Sep. 2019.   DOI
7 Zetetic, "SQLCipher," https://www.zetetic.net/sqlcipher/
8 NIST Computer Security Resource Center, "Draft NIST SP 800-118," https://csrc.nist.gov/csrc/media/publications/sp/800-118/archive/2009-04-21/documents/draft-sp800-118.pdf
9 Songyang Wu, Yong Zhang, Xupeng Wang, Xiong Xiong, and Lin Du, "Forensic analysis of WeChat on Android smartphones," Digital Investigation, vol. 25, pp. 5-23, Dec. 2018.   DOI