ResearchSpace
Reference architecture for android applications to support the detection of manipulated evidence
JavaScript is disabled for your browser. Some features of this site may not work without it.
- ResearchSpace
- →
- Research Publications/Outputs
- →
- Journal Articles
- →
- View Item
| dc.contributor.author |
Pieterse, Heloise
|
|
| dc.contributor.author |
Olivier, MS
|
|
| dc.contributor.author |
Van Heerden, Renier P
|
|
| dc.date.accessioned | 2017-01-16T09:39:50Z | |
| dc.date.available | 2017-01-16T09:39:50Z | |
| dc.date.issued | 2016-06 | |
| dc.identifier.citation | Pieterse, H., Olivier, M.S and Van Heerden, R. P. 2016. Reference architecture for android applications to support the detection of manipulated evidence. SAIEE Africa Research Journal (Transactions of the South African Institute of Electrical Engineers) 107, pp 92-103. | en_US |
| dc.identifier.issn | 1991-1696 | |
| dc.identifier.issn | 1991-1696 | |
| dc.identifier.uri | http://www.saiee.org.za/displaycustomlink.aspx?name=ARJ107June2016Part2 | |
| dc.identifier.uri | http://hdl.handle.net/10204/8901 | |
| dc.identifier.uri | https://ieeexplore.ieee.org/document/8531545 | |
| dc.identifier.uri | DOI: 10.23919/SAIEE.2016.8531545 | |
| dc.description | Copyright: 2016 South African Institute of Electrical Engineers.For access to the full text item, please consult the publisher's website. The definitive version of the work is published in the SAIEE Africa Research Journal (Transactions of the South African Institute of Electrical Engineers)107, pp92–103 | en_US |
| dc.description.abstract | Traces found on Android smartphones form a significant part of digital investigations. A key component of these traces is the date and time, often formed as timestamps. These timestamps allow the examiner to relate the traces found on Android smartphones to some real event that took place. This paper performs exploratory experiments that involve the manipulation of timestamps found in SQLite databases on Android smartphones. Based on observations, specific heuristics are identified that may allow for the identification of manipulated timestamps. To overcome the limitations of these heuristics, a new reference architecture for Android applications is also introduced. The reference architecture provides examiners with a better understanding of Android applications as well as the associated digital evidence. The results presented in the paper show that the suggested techniques to establish the authenticity and accuracy of digital evidence are feasible. | en_US |
| dc.language.iso | en | en_US |
| dc.publisher | South African Institute of Electrical Engineers | en_US |
| dc.relation.ispartofseries | Workflow;17639 | |
| dc.subject | Android smartphones | en_US |
| dc.subject | Digital investigations | en_US |
| dc.subject | Timestamps | en_US |
| dc.title | Reference architecture for android applications to support the detection of manipulated evidence | en_US |
| dc.type | Article | en_US |
| dc.identifier.apacitation | Pieterse, H., Olivier, M., & Van Heerden, R. P. (2016). Reference architecture for android applications to support the detection of manipulated evidence. http://hdl.handle.net/10204/8901 | en_ZA |
| dc.identifier.chicagocitation | Pieterse, Heloise, MS Olivier, and Renier P Van Heerden "Reference architecture for android applications to support the detection of manipulated evidence." (2016) http://hdl.handle.net/10204/8901 | en_ZA |
| dc.identifier.vancouvercitation | Pieterse H, Olivier M, Van Heerden RP. Reference architecture for android applications to support the detection of manipulated evidence. 2016; http://hdl.handle.net/10204/8901. | en_ZA |
| dc.identifier.ris | TY - Article AU - Pieterse, Heloise AU - Olivier, MS AU - Van Heerden, Renier P AB - Traces found on Android smartphones form a significant part of digital investigations. A key component of these traces is the date and time, often formed as timestamps. These timestamps allow the examiner to relate the traces found on Android smartphones to some real event that took place. This paper performs exploratory experiments that involve the manipulation of timestamps found in SQLite databases on Android smartphones. Based on observations, specific heuristics are identified that may allow for the identification of manipulated timestamps. To overcome the limitations of these heuristics, a new reference architecture for Android applications is also introduced. The reference architecture provides examiners with a better understanding of Android applications as well as the associated digital evidence. The results presented in the paper show that the suggested techniques to establish the authenticity and accuracy of digital evidence are feasible. DA - 2016-06 DB - ResearchSpace DP - CSIR KW - Android smartphones KW - Digital investigations KW - Timestamps LK - https://researchspace.csir.co.za PY - 2016 SM - 1991-1696 SM - 1991-1696 T1 - Reference architecture for android applications to support the detection of manipulated evidence TI - Reference architecture for android applications to support the detection of manipulated evidence UR - http://hdl.handle.net/10204/8901 ER - | en_ZA |
