Title: Acquisition of Browser Artifacts from Android Devices

Issue Number: Vol. 7, No. 2
Year of Publication: Jun - 2018
Page Numbers: 175-182
Authors: Emrah Sariboz , Cihan Varol
Journal Name: International Journal of Cyber-Security and Digital Forensics (IJCSDF)
- Hong Kong
DOI:  http://dx.doi.org/10.17781/P002392

Abstract:


, Internet Explorer, Mozilla Firefox, Opera, and Apple’s Safari. Due to increased usage of the web storage, it has become a research topic of interest to forensic investigators. In 2015, Mendoza et al worked on the desktop implementation of the web storage feature and investigated the extraction and mining of web browser artifacts for forensic purpose. This study will go beyond Mendoza’s work and reveal the usage of web storage feature in mobile devices, specifically on Android platform. The five major mobile browsers (Google Chrome, Samsung, Firefox, Opera, and Web Explorer) are investigated in a forensic manner for web storage. Specifically, mostly visited 15 websites are investigated for local storage implementation on Android platform. Obtained results show that there are extensive similarities on the implementation of web storage on desktop platforms and mobile devices, such as stored information differences among the visited website and used web browser. Overall, this research will help an investigator to acquire web storage data that can potentially hold forensically important evidence for a crime in which the mobile device can be an instrument to commit a crime or even when a computer and its data is the target of a crime.