Analyzing TikTok from a Digital Forensics Perspective

Detalhes bibliográficos
Autor(a) principal: Domingues, Patricio
Data de Publicação: 2021
Outros Autores: Nogueira, Ruben, Francisco, José Carlos, Frade, Miguel
Tipo de documento: Artigo
Idioma: eng
Título da fonte: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Texto Completo: http://hdl.handle.net/10400.8/6263
Resumo: TikTok is a major hit in the digital mobile world, quickly reaching the top 10 installed applications for the two main mobile OS, iOS and Android. This paper studies Android's TikTok application from a digital forensic perspective, analyzing the digital forensic artifacts that can be retrieved on a post mortem analysis and their associations with operations performed by the user. The paper also presents FAMA (Forensic Analysis for Mobile Apps), an extensible framework for the forensic software Autopsy, and FAMA's TikTok module that collects, analyzes, and reports on the main digital forensic artifacts of TikTok's Android application. The most relevant digital artifacts of TikTok include messages exchanged between TikTok so-called ``friends'', parts of the email/phone number of registered users, data about devices, and transactions with TikTok's virtual currency. One of the results of this research is the set of forensic traces left by users' transactions with TikTok's in-app virtual currency. Another result is the detection of patterns that exist in TikTok's integer IDs, allowing to quickly link any 64-bit TikTok's integer ID to the type of resources -- user, device, video, etc. -- that it represents.
id RCAP_9e0e12f037eb502e3287e7f6e2bc67fb
oai_identifier_str oai:iconline.ipleiria.pt:10400.8/6263
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
spelling Analyzing TikTok from a Digital Forensics PerspectiveTikTokAndroidDigital ForensicsIn-app Virtual CurrencyTikTok is a major hit in the digital mobile world, quickly reaching the top 10 installed applications for the two main mobile OS, iOS and Android. This paper studies Android's TikTok application from a digital forensic perspective, analyzing the digital forensic artifacts that can be retrieved on a post mortem analysis and their associations with operations performed by the user. The paper also presents FAMA (Forensic Analysis for Mobile Apps), an extensible framework for the forensic software Autopsy, and FAMA's TikTok module that collects, analyzes, and reports on the main digital forensic artifacts of TikTok's Android application. The most relevant digital artifacts of TikTok include messages exchanged between TikTok so-called ``friends'', parts of the email/phone number of registered users, data about devices, and transactions with TikTok's virtual currency. One of the results of this research is the set of forensic traces left by users' transactions with TikTok's in-app virtual currency. Another result is the detection of patterns that exist in TikTok's integer IDs, allowing to quickly link any 64-bit TikTok's integer ID to the type of resources -- user, device, video, etc. -- that it represents.IC-OnlineDomingues, PatricioNogueira, RubenFrancisco, José CarlosFrade, Miguel2021-10-13T09:46:24Z2021-09-302021-09-30T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articleapplication/pdfhttp://hdl.handle.net/10400.8/6263engPatricio Domingues, Ruben Nogueira, José Carlos Francisco, and Miguel Frade, Analyzing TikTok from a Digital Forensics Perspective, Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), 12(3):87-115, Sept. 20212093-538210.22667/JOWUA.2021.09.30.087info:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2024-01-17T15:52:45Zoai:iconline.ipleiria.pt:10400.8/6263Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-20T01:49:32.975318Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse
dc.title.none.fl_str_mv Analyzing TikTok from a Digital Forensics Perspective
title Analyzing TikTok from a Digital Forensics Perspective
spellingShingle Analyzing TikTok from a Digital Forensics Perspective
Domingues, Patricio
TikTok
Android
Digital Forensics
In-app Virtual Currency
title_short Analyzing TikTok from a Digital Forensics Perspective
title_full Analyzing TikTok from a Digital Forensics Perspective
title_fullStr Analyzing TikTok from a Digital Forensics Perspective
title_full_unstemmed Analyzing TikTok from a Digital Forensics Perspective
title_sort Analyzing TikTok from a Digital Forensics Perspective
author Domingues, Patricio
author_facet Domingues, Patricio
Nogueira, Ruben
Francisco, José Carlos
Frade, Miguel
author_role author
author2 Nogueira, Ruben
Francisco, José Carlos
Frade, Miguel
author2_role author
author
author
dc.contributor.none.fl_str_mv IC-Online
dc.contributor.author.fl_str_mv Domingues, Patricio
Nogueira, Ruben
Francisco, José Carlos
Frade, Miguel
dc.subject.por.fl_str_mv TikTok
Android
Digital Forensics
In-app Virtual Currency
topic TikTok
Android
Digital Forensics
In-app Virtual Currency
description TikTok is a major hit in the digital mobile world, quickly reaching the top 10 installed applications for the two main mobile OS, iOS and Android. This paper studies Android's TikTok application from a digital forensic perspective, analyzing the digital forensic artifacts that can be retrieved on a post mortem analysis and their associations with operations performed by the user. The paper also presents FAMA (Forensic Analysis for Mobile Apps), an extensible framework for the forensic software Autopsy, and FAMA's TikTok module that collects, analyzes, and reports on the main digital forensic artifacts of TikTok's Android application. The most relevant digital artifacts of TikTok include messages exchanged between TikTok so-called ``friends'', parts of the email/phone number of registered users, data about devices, and transactions with TikTok's virtual currency. One of the results of this research is the set of forensic traces left by users' transactions with TikTok's in-app virtual currency. Another result is the detection of patterns that exist in TikTok's integer IDs, allowing to quickly link any 64-bit TikTok's integer ID to the type of resources -- user, device, video, etc. -- that it represents.
publishDate 2021
dc.date.none.fl_str_mv 2021-10-13T09:46:24Z
2021-09-30
2021-09-30T00:00:00Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/article
format article
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10400.8/6263
url http://hdl.handle.net/10400.8/6263
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv Patricio Domingues, Ruben Nogueira, José Carlos Francisco, and Miguel Frade, Analyzing TikTok from a Digital Forensics Perspective, Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), 12(3):87-115, Sept. 2021
2093-5382
10.22667/JOWUA.2021.09.30.087
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv
_version_ 1799136987413741568

Registros relacionados