Abstract
The convenient and cheap access to mobile phones and laptops have significantly increased the use of interactive applications over the past couple of years. However, this has posed various threats to legitimate users in terms of sensitive data disclosure, if their device gets lost, compromised or stolen. This study focuses on the forensic analysis of Windows AppStore applications with special focus on LinkedIn’s Desktop application; since it is one of the most downloaded applications from Windows AppStore. The paper first provides a systematic literature review of the existing digital forensic analysis techniques and highlights their weaknesses. A comprehensive novel methodology for manual forensic analysis of Windows App Store application on Windows 10 Operating System (OS) has also been proposed. For experimentation purpose, LinkedIn’s desktop application has been targeted. The research considers all kinds of scenarios such as logged in users, logged out users and intentional data deletion etc. It is finally concluded that from the viewpoint of application forensic analysis, the live, storage and registry analysis, all hold equal importance.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Adeyemi, I.R., Razak, S.A., Azhan, N.A.N.: A review of current research in network forensic analysis. Int. J. Digit. Crime Forensics. 5(1), 1–26 (2013)
Carrier, B.: Defining digital forensic examination and analysis tools using abstraction layers. Int. J. Digit. Evid. 1(4), 1–12 (2003)
Lancaster, D.T.: Windows 10 is now on more than 14 million devices just 24 hours after launch [online]. Available: http://www.windowscentral.com/windows-10-now-14-million-devices-just-24-hours-after-launch (July 2015). Accessed: 13 Sept 2015
W3schools.com: Web statistics: OS platform statistics. http://www.w3schools.com/browsers/browsersos.asp (2016)
Majeed, A., Saleem, S.: Forensic analysis of social media apps in windows 10. NUST J Eng Sci. 10(1), 37–45 (2017)
Domingues, F.: Digital forensic artifacts of the Cortana device search cache on Windows10 desktop. In: 11th International Conference on Availability, Reliability and Security, ARES.2016.44 Salzburg, Austria, IEEE (2016)
Singh, B., Singh, U.: A forensic insight into windows 10 jump lists. Digit. Investig. 17, 1–13 (2016)
Khatri, Y.: Forensic implications of system resource usage monitor (SRUM) data in windows 8. Digit. Investig. 12, 53–65 (2015)
Boyd, J.: 35 Insightful and Valuable LinkedIn Statistics. Retrieved July 2, 2018., from https://www.brandwatch.com/blog/linkedin-statistics/
De Paula, A.M.G.: Security aspects and future trends of social networks. In Proceedings of the Fourth International Conference of Forensic Computer Science, Brazil (2009)
Iqbal, A., Alobaidli, H., Almarzooqi, A., Jones, A.: LINE IM app forensic analysis. In: 12th International Conference on High-Capacity Optical Networks and Enabling/Emerging Technologies (HONET-ICT 2015)
Fontein, D.: The ultimate list of LinkedIn statistics that matter to your business. Retrieved February 7, 2017., from https://www.linkedin.com/pulse/ultimate-list-linkedin-statistics-matter-your-business-dara-fontein
Poh, M.: 10 Most Bizarre crimes linked to Facebook. Retrieved June 21, 2015, from http://www.hongkiat.com/blog/bizarre-facebookcrimes/ (n.d.)
Weise, E.: Banker used LinkedIn to send photo to prospective hire. Retrieved June 15, 2017, from https://www.usatoday.com/story/tech/news/2017/06/15/recruiter-used-linkedin-send-sex-photo-prospective-hire/102882292/
Amber, U., Nanda, P., He, X.: Online social network information forensics. A survey on use of various tools and determining how cautious Facebook users are? In: IEEE Trustcom/BigDataSE/ICESS.2017.364 (2017)
Hay, B., Nance, K., Bishop, M.: Live analysis: progress and challenges. IEEE Secur. Priv. 7(2), 30–37 (2009)
Hausknecht, K., Foit, D., Burić, J.: RAM data significance in digital forensics. In: 38th International Convention on Information and Communication Technology, Electronics and Microelectronics, MIPRO 2015 – Proceedings (May), pp. 1372–1375 (2015)
Thantilage, R., Jeyamohan, N.: A volatile memory analysis tool for retrieval of social media evidence in windows 10 OS based workstations. In: National Information Technology Conference (NITC), Sri Lanka (2017)
Ahmed, W., Aslam, B.: A comparison of windows physical memory acquisition tools. In: Milcom 2015 track 3 – cyber security and trusted computing, IEEE, FL, USA (2015)
Aljaedi, A., Lindskog, D., Zavarsky, P., Ruhl, R., Almari, F.: Comparative analysis of volatile memory forensics: live response Vs. memory imaging. In: Proceedings of 3rd IEEE International Conference on Privacy, Security, Risk and Trust, pp. 1253–1258 (2011)
Prem, T., Paul Selwin, V., Mohan, A.K.: Disk memory forensics analysis of memory forensics frameworks flow. In: International Conference on Innovations in Power and Advanced Computing Technologies [I-PACT2017]
Alazab, M., Venkatraman, S., Watters, P.: Effective digital forensic analysis of the NTFS disk image. Ubiquit. Comput. Commun. J. 4(3), 1–8 (2009)
John, J.L.: Digital forensics and preservation. Digital Preservation Coalition. Digital preservation handbook, Denmark (2012)
Zhang, S., Wang, L., Zhang, L.: Extracting Windows Registry Info from Physical Memory. IEEE (2011)
Arshad, A., Iqbal, W., Abbas, H.: USB storage device forensics for windows 10. J. Forensic Sci. 63(3), 856–867 (2017). https://doi.org/10.1111/1556-4029.13596
Al Mutawa, N., Al Awadhi, I., Baggili, I., Marrington, A.: Forensic artifacts of Facebook’s instant messaging service. In: International Conference for Internet Technology & Secured Transactions (ICITST), IEEE (2011)
Zhang, S., Wang, L., Zhang, L.: Extracting windows registry information from physical memory. In: 3rd International Conference on Computer Research and Development (2011)
Saidi, R.M., Ahmad, S.A., Noor, N.M., Younas, R.: Window registry analysis for forensic investigation. In: Proceedings of the 2013 International Conference on Technological Advances in Electrical, Electronics and Computer Engineering (TAEECE), IEEE (2013)
Kumar, H., Majeed, P.G., Pundir, S.: Forensic analysis of windows server 2008 physical memory. IJSRD-Int. J. Sci. Res. Dev. 2(01), 1–4 (2014)
Majeed, A., Zia, H., Saleem, S.: Forensics analysis of three social media apps in Window 10. In: 12th International Conference on High-capacity Optical Networks & Enabling/Emerging Technologies, IEEE (2015)
Lee, C., Chung, M.: Digital forensic analysis on Window8 style UI instant messenger applications. In: Park, J.J. (ed.) Computer Science & its Applications. Springer, Berlin (2015)
Dija, S., Suma, G.S., Gonsalvez, D.D., Pillai, A.T.: Forensic reconstruction of executables win 7 physical memory. In: International Conference on Computational Intelligence & Computing Research, IEEE (2016)
Yang, T.Y., Dehghantanha, A., Choo, K.-K.R., Muda, Z.: Windows messaging app forensics: Facebook and Skype as case studies. PLoS One. 11(3), e0150300 (2016)
Choudhary, P., Singh, U., Bharadwaj, N.K., Singh, B.: Facebook forensics for Win 10. In: 11th Annual Symposium on Information Assurance, USA (2016)
Ababneh, A., Abu Awwad, M., Al-Saleh, M.I.: IMO forensics in android and windows systems. In: 8th International Conference on Information, Intelligence, Systems & Applications (2017)
Meyers, C., Ikuesan, A.R., Venter, H.S.: Automated RAM analysis mechanism for windows OS for digital investigation. In: IEEE Conference on Application, Information and Network Security (AINS) (2017)
Gaur, S., Chhikara, R.: Memory forensics: tools and techniques. Indian J. Sci. Technol. 9(48), 1–12 (2016). https://doi.org/10.17485/ijst/2016/v9i48/105851
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Bashir, S., Abbas, H., Shafqat, N., Iqbal, W., Saleem, K. (2019). Forensic Analysis of LinkedIn’s Desktop Application on Windows 10 OS. In: Latifi, S. (eds) 16th International Conference on Information Technology-New Generations (ITNG 2019). Advances in Intelligent Systems and Computing, vol 800. Springer, Cham. https://doi.org/10.1007/978-3-030-14070-0_9
Download citation
DOI: https://doi.org/10.1007/978-3-030-14070-0_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-14069-4
Online ISBN: 978-3-030-14070-0
eBook Packages: EngineeringEngineering (R0)