Summary:
Present-day smartphones act as mobile offices, entertainment hubs, and social tools, all packed into one compact device. A smartphone’s processing and data storage capability are comparable to a typical personal computer or laptop of the last decade. Important information commonly found in most smart phones include call logs, contacts lists, text messages, emails, photos, videos, web-history, application data, eBooks, and maps. With a large amount of personal data to manage, people prefer to carry their device (often called Bring Your Device, BYOD) to their workplace instead of having another phone provided by their employer. Although BYOD is catching up in workplaces worldwide, securing personal and professional data on the device is the biggest challenge for employees and employers. People with malicious intent can either try to access this valuable data or tamper with it. To the best of our knowledge, this work is the first attempt that preserves accurate data and time stamps on Android smartphones to detect malicious attempts. In this work, we propose both reactive and proactive approaches. In the reactive system, we store the time stamps in a secure location outside the device, which can help the offline digital forensic investigation in case of a security incident. In the proactive approach, we detect real-time deviations in date and time stamps for such attempts.
Publication Type: Conference
Publication Date: January 8th, 2014
Publisher: Advances in Digital Forensics X – 10th IFIP WG 11.9 International Conference on Digital Forensics
Author(s): Dr. Jayaprakash G., Dr. Guarav Gupta, Dr. Robin Verma
Links:
Preserving Dates and Timestamps for Incident Handling in Android Smartphones | SpringerLink