Digital forensic artifacts of the your phone application in Windows 10

Detalhes bibliográficos
Autor(a) principal: Domingues, Patricio Rodrigues
Data de Publicação: 2019
Outros Autores: Frade, Miguel, Andrade, Luis Miguel, Silva, João Victor
Tipo de documento: Artigo
Idioma: eng
Título da fonte: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Texto Completo: http://hdl.handle.net/10400.8/4179
Resumo: YPA software is available at: https://github.com/labcif
id RCAP_2a03b1c614aac6873a460eea4cdbab15
oai_identifier_str oai:iconline.ipleiria.pt:10400.8/4179
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
spelling Digital forensic artifacts of the your phone application in Windows 10Digital forensicWindows 10SmartphonePhone contactsSMSPhotosYPA software is available at: https://github.com/labcifYour Phone is a Microsoft system that comprises two applications: a smartphone app for Android 7+ smartphones and a desktop application for Windows 10/18.03+. It allows users to access their most recent smartphonestored photos/screenshots and send/receive short message service (SMS) and multimedia messaging service (MMS) within their Your Phone-linked Windows 10 personal computers. In this paper, we analyze the digital forensic artifacts created at Windows 10 personal computers whose users have the Your Phone system installed and activated. Our results show that besides the most recent 25 photos/screenshots and the content of the last 30-day of sent/received SMS/MMS, the contact database of the linked smartphone(s) is available in a accessible SQLite3 database kept at the Windows 10 system. This way, when the linked smartphone cannot be forensically analyzed, data gathered through the Your Phone artifacts may constitute a valuable digital forensic asset. Furthermore, to explore and export the main data of the Your Phone database as well as recoverable deleted data, a set of python scripts – Your Phone Analyzer (YPA) – is presented. YPA is available wrapped within an Autopsy module to assist digital practitioners to extract the main artifacts from the Your Phone system.ElsevierIC-OnlineDomingues, Patricio RodriguesFrade, MiguelAndrade, Luis MiguelSilva, João Victor2019-10-07T14:40:16Z20192019-01-01T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articleapplication/pdfhttp://hdl.handle.net/10400.8/4179engDomingues, Patrício & Frade, Miguel & Andrade, Luis & Silva, João (2019). Digital forensic artifacts of the Your Phone application in Windows 10. Digital Investigation. 30. 10.1016/j.diin.2019.06.003.1742-2876https://doi.org/10.1016/j.diin.2019.06.003info:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2024-09-26T18:16:30Zoai:iconline.ipleiria.pt:10400.8/4179Portal AgregadorONGhttps://www.rcaap.pt/oai/openairemluisa.alvim@gmail.comopendoar:71602024-09-26T18:16:30Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse
dc.title.none.fl_str_mv Digital forensic artifacts of the your phone application in Windows 10
title Digital forensic artifacts of the your phone application in Windows 10
spellingShingle Digital forensic artifacts of the your phone application in Windows 10
Domingues, Patricio Rodrigues
Digital forensic
Windows 10
Smartphone
Phone contacts
SMS
Photos
title_short Digital forensic artifacts of the your phone application in Windows 10
title_full Digital forensic artifacts of the your phone application in Windows 10
title_fullStr Digital forensic artifacts of the your phone application in Windows 10
title_full_unstemmed Digital forensic artifacts of the your phone application in Windows 10
title_sort Digital forensic artifacts of the your phone application in Windows 10
author Domingues, Patricio Rodrigues
author_facet Domingues, Patricio Rodrigues
Frade, Miguel
Andrade, Luis Miguel
Silva, João Victor
author_role author
author2 Frade, Miguel
Andrade, Luis Miguel
Silva, João Victor
author2_role author
author
author
dc.contributor.none.fl_str_mv IC-Online
dc.contributor.author.fl_str_mv Domingues, Patricio Rodrigues
Frade, Miguel
Andrade, Luis Miguel
Silva, João Victor
dc.subject.por.fl_str_mv Digital forensic
Windows 10
Smartphone
Phone contacts
SMS
Photos
topic Digital forensic
Windows 10
Smartphone
Phone contacts
SMS
Photos
description YPA software is available at: https://github.com/labcif
publishDate 2019
dc.date.none.fl_str_mv 2019-10-07T14:40:16Z
2019
2019-01-01T00:00:00Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/article
format article
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10400.8/4179
url http://hdl.handle.net/10400.8/4179
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv Domingues, Patrício & Frade, Miguel & Andrade, Luis & Silva, João (2019). Digital forensic artifacts of the Your Phone application in Windows 10. Digital Investigation. 30. 10.1016/j.diin.2019.06.003.
1742-2876
https://doi.org/10.1016/j.diin.2019.06.003
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv Elsevier
publisher.none.fl_str_mv Elsevier
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv mluisa.alvim@gmail.com
_version_ 1817547252674068480

Registros relacionados