Post-mortem digital forensic artifacts of TikTok Android App

Detalhes bibliográficos
Autor(a) principal: Domingues, Patrício
Data de Publicação: 2020
Outros Autores: Nogueira, Ruben, Francisco, José Carlos, Frade, Miguel
Idioma: eng
Título da fonte: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Texto Completo: http://hdl.handle.net/10400.8/6060
Resumo: TikTok is a social network known mostly for the creation and shar ing of short videos and for its popularity for those under 30 years old. Although it has only appeared as Android and iOS apps in 2017, it has gathered a large user base, being one of the most downloaded and used app. In this paper, we study the digital forensic artifacts of TikTok’s app that can be recovered with a post mortem analysis of an Android phone, detailing the databases and XML with data that might be relevant for a digital forensic practitioner. We also provide the module tiktok.py to extract several forensic artifacts of TikTok in a digital forensic analysis of an Android phone. The module runs under Autopsy’s Android Analyzer environment. Although TikTok offers a rich set of features, it is very internet-dependent, with a large amount of its inner data kept on the cloud, and thus not easily accessible in a post mortem analysis. Nonetheless, we were able to recover messages exchanged through the app commu nications channels, the list of TikTok users that have interacted with the TikTok account used at the smartphone, photos linked to the app and in some circumstances, TikTok’s videos watched by the smartphone’s user.
id RCAP_ac7978124e6b19e5370b873b9e0fb261
oai_identifier_str oai:iconline.ipleiria.pt:10400.8/6060
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
spelling Post-mortem digital forensic artifacts of TikTok Android AppTikTokAndroid appsDigital forensicsTikTok is a social network known mostly for the creation and shar ing of short videos and for its popularity for those under 30 years old. Although it has only appeared as Android and iOS apps in 2017, it has gathered a large user base, being one of the most downloaded and used app. In this paper, we study the digital forensic artifacts of TikTok’s app that can be recovered with a post mortem analysis of an Android phone, detailing the databases and XML with data that might be relevant for a digital forensic practitioner. We also provide the module tiktok.py to extract several forensic artifacts of TikTok in a digital forensic analysis of an Android phone. The module runs under Autopsy’s Android Analyzer environment. Although TikTok offers a rich set of features, it is very internet-dependent, with a large amount of its inner data kept on the cloud, and thus not easily accessible in a post mortem analysis. Nonetheless, we were able to recover messages exchanged through the app commu nications channels, the list of TikTok users that have interacted with the TikTok account used at the smartphone, photos linked to the app and in some circumstances, TikTok’s videos watched by the smartphone’s user.IC-OnlineDomingues, PatrícioNogueira, RubenFrancisco, José CarlosFrade, Miguel2021-08-10T12:51:12Z20202020-01-01T00:00:00Zconference objectinfo:eu-repo/semantics/publishedVersionapplication/pdfhttp://hdl.handle.net/10400.8/6060engPatricio Domingues, Ruben Nogueira, José Carlos Francisco, and Miguel Frade. 2020. Post-mortem digital forensic artifacts of TikTok Android App. In Proceedings of the 15th International Conference on Availability, Reliability and Security (ARES '20). Association for Computing Machinery, New York, NY, USA, Article 42, 1–8. DOI: https://doi.org/10.1145/3407023.340920310.1145/3407023.3409203info:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2024-09-26T18:20:10Zoai:iconline.ipleiria.pt:10400.8/6060Portal AgregadorONGhttps://www.rcaap.pt/oai/openairemluisa.alvim@gmail.comopendoar:71602024-09-26T18:20:10Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse
dc.title.none.fl_str_mv Post-mortem digital forensic artifacts of TikTok Android App
title Post-mortem digital forensic artifacts of TikTok Android App
spellingShingle Post-mortem digital forensic artifacts of TikTok Android App
Domingues, Patrício
TikTok
Android apps
Digital forensics
title_short Post-mortem digital forensic artifacts of TikTok Android App
title_full Post-mortem digital forensic artifacts of TikTok Android App
title_fullStr Post-mortem digital forensic artifacts of TikTok Android App
title_full_unstemmed Post-mortem digital forensic artifacts of TikTok Android App
title_sort Post-mortem digital forensic artifacts of TikTok Android App
author Domingues, Patrício
author_facet Domingues, Patrício
Nogueira, Ruben
Francisco, José Carlos
Frade, Miguel
author_role author
author2 Nogueira, Ruben
Francisco, José Carlos
Frade, Miguel
author2_role author
author
author
dc.contributor.none.fl_str_mv IC-Online
dc.contributor.author.fl_str_mv Domingues, Patrício
Nogueira, Ruben
Francisco, José Carlos
Frade, Miguel
dc.subject.por.fl_str_mv TikTok
Android apps
Digital forensics
topic TikTok
Android apps
Digital forensics
description TikTok is a social network known mostly for the creation and shar ing of short videos and for its popularity for those under 30 years old. Although it has only appeared as Android and iOS apps in 2017, it has gathered a large user base, being one of the most downloaded and used app. In this paper, we study the digital forensic artifacts of TikTok’s app that can be recovered with a post mortem analysis of an Android phone, detailing the databases and XML with data that might be relevant for a digital forensic practitioner. We also provide the module tiktok.py to extract several forensic artifacts of TikTok in a digital forensic analysis of an Android phone. The module runs under Autopsy’s Android Analyzer environment. Although TikTok offers a rich set of features, it is very internet-dependent, with a large amount of its inner data kept on the cloud, and thus not easily accessible in a post mortem analysis. Nonetheless, we were able to recover messages exchanged through the app commu nications channels, the list of TikTok users that have interacted with the TikTok account used at the smartphone, photos linked to the app and in some circumstances, TikTok’s videos watched by the smartphone’s user.
publishDate 2020
dc.date.none.fl_str_mv 2020
2020-01-01T00:00:00Z
2021-08-10T12:51:12Z
dc.type.driver.fl_str_mv conference object
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10400.8/6060
url http://hdl.handle.net/10400.8/6060
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv Patricio Domingues, Ruben Nogueira, José Carlos Francisco, and Miguel Frade. 2020. Post-mortem digital forensic artifacts of TikTok Android App. In Proceedings of the 15th International Conference on Availability, Reliability and Security (ARES '20). Association for Computing Machinery, New York, NY, USA, Article 42, 1–8. DOI: https://doi.org/10.1145/3407023.3409203
10.1145/3407023.3409203
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv mluisa.alvim@gmail.com
_version_ 1817547269291900928

Registros relacionados