Skip to main content
SpringerLink
Log in

Forensic Analysis of LinkedIn’s Desktop Application on Windows 10 OS

  • Conference paper
  • First Online:
16th International Conference on Information Technology-New Generations (ITNG 2019)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 800))

Abstract

The convenient and cheap access to mobile phones and laptops have significantly increased the use of interactive applications over the past couple of years. However, this has posed various threats to legitimate users in terms of sensitive data disclosure, if their device gets lost, compromised or stolen. This study focuses on the forensic analysis of Windows AppStore applications with special focus on LinkedIn’s Desktop application; since it is one of the most downloaded applications from Windows AppStore. The paper first provides a systematic literature review of the existing digital forensic analysis techniques and highlights their weaknesses. A comprehensive novel methodology for manual forensic analysis of Windows App Store application on Windows 10 Operating System (OS) has also been proposed. For experimentation purpose, LinkedIn’s desktop application has been targeted. The research considers all kinds of scenarios such as logged in users, logged out users and intentional data deletion etc. It is finally concluded that from the viewpoint of application forensic analysis, the live, storage and registry analysis, all hold equal importance.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.00
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Adeyemi, I.R., Razak, S.A., Azhan, N.A.N.: A review of current research in network forensic analysis. Int. J. Digit. Crime Forensics. 5(1), 1–26 (2013)

    Article  Google Scholar 

  2. Carrier, B.: Defining digital forensic examination and analysis tools using abstraction layers. Int. J. Digit. Evid. 1(4), 1–12 (2003)

    Google Scholar 

  3. Lancaster, D.T.: Windows 10 is now on more than 14 million devices just 24 hours after launch [online]. Available: http://www.windowscentral.com/windows-10-now-14-million-devices-just-24-hours-after-launch (July 2015). Accessed: 13 Sept 2015

  4. W3schools.com: Web statistics: OS platform statistics. http://www.w3schools.com/browsers/browsersos.asp (2016)

  5. Majeed, A., Saleem, S.: Forensic analysis of social media apps in windows 10. NUST J Eng Sci. 10(1), 37–45 (2017)

    Google Scholar 

  6. Domingues, F.: Digital forensic artifacts of the Cortana device search cache on Windows10 desktop. In: 11th International Conference on Availability, Reliability and Security, ARES.2016.44 Salzburg, Austria, IEEE (2016)

    Google Scholar 

  7. Singh, B., Singh, U.: A forensic insight into windows 10 jump lists. Digit. Investig. 17, 1–13 (2016)

    Article  Google Scholar 

  8. Khatri, Y.: Forensic implications of system resource usage monitor (SRUM) data in windows 8. Digit. Investig. 12, 53–65 (2015)

    Article  Google Scholar 

  9. Boyd, J.: 35 Insightful and Valuable LinkedIn Statistics. Retrieved July 2, 2018., from https://www.brandwatch.com/blog/linkedin-statistics/

  10. De Paula, A.M.G.: Security aspects and future trends of social networks. In Proceedings of the Fourth International Conference of Forensic Computer Science, Brazil (2009)

    Google Scholar 

  11. Iqbal, A., Alobaidli, H., Almarzooqi, A., Jones, A.: LINE IM app forensic analysis. In: 12th International Conference on High-Capacity Optical Networks and Enabling/Emerging Technologies (HONET-ICT 2015)

    Google Scholar 

  12. Fontein, D.: The ultimate list of LinkedIn statistics that matter to your business. Retrieved February 7, 2017., from https://www.linkedin.com/pulse/ultimate-list-linkedin-statistics-matter-your-business-dara-fontein

  13. Poh, M.: 10 Most Bizarre crimes linked to Facebook. Retrieved June 21, 2015, from http://www.hongkiat.com/blog/bizarre-facebookcrimes/ (n.d.)

  14. Weise, E.: Banker used LinkedIn to send photo to prospective hire. Retrieved June 15, 2017, from https://www.usatoday.com/story/tech/news/2017/06/15/recruiter-used-linkedin-send-sex-photo-prospective-hire/102882292/

  15. Amber, U., Nanda, P., He, X.: Online social network information forensics. A survey on use of various tools and determining how cautious Facebook users are? In: IEEE Trustcom/BigDataSE/ICESS.2017.364 (2017)

    Google Scholar 

  16. Hay, B., Nance, K., Bishop, M.: Live analysis: progress and challenges. IEEE Secur. Priv. 7(2), 30–37 (2009)

    Article  Google Scholar 

  17. Hausknecht, K., Foit, D., Burić, J.: RAM data significance in digital forensics. In: 38th International Convention on Information and Communication Technology, Electronics and Microelectronics, MIPRO 2015 – Proceedings (May), pp. 1372–1375 (2015)

    Google Scholar 

  18. Thantilage, R., Jeyamohan, N.: A volatile memory analysis tool for retrieval of social media evidence in windows 10 OS based workstations. In: National Information Technology Conference (NITC), Sri Lanka (2017)

    Google Scholar 

  19. Ahmed, W., Aslam, B.: A comparison of windows physical memory acquisition tools. In: Milcom 2015 track 3 – cyber security and trusted computing, IEEE, FL, USA (2015)

    Google Scholar 

  20. Aljaedi, A., Lindskog, D., Zavarsky, P., Ruhl, R., Almari, F.: Comparative analysis of volatile memory forensics: live response Vs. memory imaging. In: Proceedings of 3rd IEEE International Conference on Privacy, Security, Risk and Trust, pp. 1253–1258 (2011)

    Google Scholar 

  21. Prem, T., Paul Selwin, V., Mohan, A.K.: Disk memory forensics analysis of memory forensics frameworks flow. In: International Conference on Innovations in Power and Advanced Computing Technologies [I-PACT2017]

    Google Scholar 

  22. Alazab, M., Venkatraman, S., Watters, P.: Effective digital forensic analysis of the NTFS disk image. Ubiquit. Comput. Commun. J. 4(3), 1–8 (2009)

    Google Scholar 

  23. John, J.L.: Digital forensics and preservation. Digital Preservation Coalition. Digital preservation handbook, Denmark (2012)

    Google Scholar 

  24. Zhang, S., Wang, L., Zhang, L.: Extracting Windows Registry Info from Physical Memory. IEEE (2011)

    Google Scholar 

  25. Arshad, A., Iqbal, W., Abbas, H.: USB storage device forensics for windows 10. J. Forensic Sci. 63(3), 856–867 (2017). https://doi.org/10.1111/1556-4029.13596

  26. Al Mutawa, N., Al Awadhi, I., Baggili, I., Marrington, A.: Forensic artifacts of Facebook’s instant messaging service. In: International Conference for Internet Technology & Secured Transactions (ICITST), IEEE (2011)

    Google Scholar 

  27. Zhang, S., Wang, L., Zhang, L.: Extracting windows registry information from physical memory. In: 3rd International Conference on Computer Research and Development (2011)

    Google Scholar 

  28. Saidi, R.M., Ahmad, S.A., Noor, N.M., Younas, R.: Window registry analysis for forensic investigation. In: Proceedings of the 2013 International Conference on Technological Advances in Electrical, Electronics and Computer Engineering (TAEECE), IEEE (2013)

    Google Scholar 

  29. Kumar, H., Majeed, P.G., Pundir, S.: Forensic analysis of windows server 2008 physical memory. IJSRD-Int. J. Sci. Res. Dev. 2(01), 1–4 (2014)

    Google Scholar 

  30. Majeed, A., Zia, H., Saleem, S.: Forensics analysis of three social media apps in Window 10. In: 12th International Conference on High-capacity Optical Networks & Enabling/Emerging Technologies, IEEE (2015)

    Google Scholar 

  31. Lee, C., Chung, M.: Digital forensic analysis on Window8 style UI instant messenger applications. In: Park, J.J. (ed.) Computer Science & its Applications. Springer, Berlin (2015)

    Google Scholar 

  32. Dija, S., Suma, G.S., Gonsalvez, D.D., Pillai, A.T.: Forensic reconstruction of executables win 7 physical memory. In: International Conference on Computational Intelligence & Computing Research, IEEE (2016)

    Google Scholar 

  33. Yang, T.Y., Dehghantanha, A., Choo, K.-K.R., Muda, Z.: Windows messaging app forensics: Facebook and Skype as case studies. PLoS One. 11(3), e0150300 (2016)

    Article  Google Scholar 

  34. Choudhary, P., Singh, U., Bharadwaj, N.K., Singh, B.: Facebook forensics for Win 10. In: 11th Annual Symposium on Information Assurance, USA (2016)

    Google Scholar 

  35. Ababneh, A., Abu Awwad, M., Al-Saleh, M.I.: IMO forensics in android and windows systems. In: 8th International Conference on Information, Intelligence, Systems & Applications (2017)

    Google Scholar 

  36. Meyers, C., Ikuesan, A.R., Venter, H.S.: Automated RAM analysis mechanism for windows OS for digital investigation. In: IEEE Conference on Application, Information and Network Security (AINS) (2017)

    Google Scholar 

  37. Gaur, S., Chhikara, R.: Memory forensics: tools and techniques. Indian J. Sci. Technol. 9(48), 1–12 (2016). https://doi.org/10.17485/ijst/2016/v9i48/105851

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Information Security, National University of Sciences and Technology, Islamabad, Pakistan

    Saman Bashir, Haider Abbas, Narmeen Shafqat & Waseem Iqbal

  2. Center of Excellence in Information Assurance (CoEIA), King Saud University, Riyadh, Kingdom of Saudi Arabia

    Kashif Saleem

Authors
  1. Saman Bashir
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Haider Abbas
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Narmeen Shafqat
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Waseem Iqbal
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Kashif Saleem
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Haider Abbas .

Editor information

Editors and Affiliations

  1. Department of Electrical and Computer Engineering, University of Nevada, Las Vegas, NV, USA

    Shahram Latifi

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Bashir, S., Abbas, H., Shafqat, N., Iqbal, W., Saleem, K. (2019). Forensic Analysis of LinkedIn’s Desktop Application on Windows 10 OS. In: Latifi, S. (eds) 16th International Conference on Information Technology-New Generations (ITNG 2019). Advances in Intelligent Systems and Computing, vol 800. Springer, Cham. https://doi.org/10.1007/978-3-030-14070-0_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-14070-0_9

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-14069-4

  • Online ISBN: 978-3-030-14070-0

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation