Abstract:
Advancement in technology allows people to access the data through smart phones regardless of the time and place. Because of widespread applications of users’ interest, the dependency on the mobile devices has increased. Cloud storage applications are attracting user’s attention rapidly and will continue enjoying this ever-increasing popularity in the near future as well. This makes them an important potential container of evidence during the investigation. Therefore, it is important for forensic practitioners to match their pace with technological advancements.
This paper has addressed the above-mentioned problem as per NIST methodology; bit-by-bit image(s) of android phone is analyzed for exploring the containers for retrieving important artifacts of user activities. The study aims to possibly help the investigative process by scrutinizing five cloud storage applications namely: Cubby, IDrive, pCloud, Yandex Disk and Degoo, in detail. For this purpose, we used six cases for examining the mobile device. As a result, interesting locations were identified from where security vulnerabilities and other shortcomings were exposed.
The study is a three-fold read including users, vendors and forensic examiners as audience. Overall, the study concludes that security of Degoo is far better than other applications, on contrary IDrive is not a good option if you want to upload some personal data. All other three applications lie within this range.
