P. Andriotis, T. Tryfonas, G. Oikonomou, I. King

Abstract:
Contemporary mobile devices allow almost unrestricted sharing of multimedia and other types of files. But as smartphones and tablets can easily access the Internet or exchange files wirelessly, they've also transformed to useful tools for criminals, aiming at performing illegal activities such as sharing contraband or distributing child abuse images. Thus, the need to investigate the source and destination of a multimedia file that resides in the internal memory of a smartphone becomes apparent. In this paper we present a framework that illustrates and visualizes the flow of digital images as evidence obtained from the artefacts retrieved from Android smartphones during a forensic investigation. Our approach uses `big data' concepts to facilitate the processing of diverse (semi-structured) evidence derived from mobile devices and extends the idea of Digital Evidence Bags (DEB). We obtained our data after running an experiment that included image exchanging through numerous channels such as Bluetooth, Internet and cloud services. Our study presents information about the locations where evidence resides and uses graph databases to store metadata and therefore, visualize the relationships that connect images with apps and events.
Reference:
P. Andriotis, T. Tryfonas, G. Oikonomou, I. King, "A framework to describe multimedia circulation in the smartphone ecosystem", in Advances in Digital Forensics XI, ser. IFIP Advances in Information and Communication Technology, 462, pp. 251-267, 2015
Bibtex Entry:
@INPROCEEDINGS{Andriotis-2015-aict,
  title = {A framework to describe multimedia circulation in the smartphone ecosystem},
  author = {Panagiotis Andriotis and Theo Tryfonas and George Oikonomou and Irwin King},
  year = {2015},
  editor = {Gilbert Peterson and Sujeet Shenoi},
  series = {IFIP Advances in Information and Communication Technology},
  volume = {462},
  publisher = {Springer},
  booktitle = {Advances in Digital Forensics XI},
  pages = {251--267},
  url = {http://link.springer.com/chapter/10.1007%2F978-3-319-24123-4_15},
  doi = {10.1007/978-3-319-24123-4_15},
  gsid = {16098972184217302989},
  abstract = {Contemporary mobile devices allow almost unrestricted sharing of multimedia and other types of files. But as smartphones and tablets can easily access the Internet or exchange files wirelessly, they've also transformed to useful tools for criminals, aiming at performing illegal activities such as sharing contraband or distributing child abuse images. Thus, the need to investigate the source and destination of a multimedia file that resides in the internal memory of a smartphone becomes apparent. In this paper we present a framework that illustrates and visualizes the flow of digital images as evidence obtained from the artefacts retrieved from Android smartphones during a forensic investigation. Our approach uses `big data' concepts to facilitate the processing of diverse (semi-structured) evidence derived from mobile devices and extends the idea of Digital Evidence Bags (DEB). We obtained our data after running an experiment that included image exchanging through numerous channels such as Bluetooth, Internet and cloud services. Our study presents information about the locations where evidence resides and uses graph databases to store metadata and therefore, visualize the relationships that connect images with apps and events.},
}

A framework to describe multimedia circulation in the smartphone ecosystem