A Digital Forensics Analysis for Detection of The Modified COVID-19 Mobile Application

A Digital Forensics Analysis for Detection of The Modified COVID-19 Mobile Application

연구 분야: Strategies

학회: 2020 5th International Conference on Computer Science and Engineering (UBMK)

Thanks to the flexible and developable structure of the Android operating system, application packages (APK files) can be easily installed on mobile devices. This situation paved the way for many different applications to be developed and used without supervision. In addition to well-developed applications, this structure of the Android operating system has enabled the use of pirated applications targeting user data and anti-forensic applications developed for different purposes. Therefore, the detection and analysis processes of pirated applications targeting user data and applications displaying anti forensic computing behaviors are quite difficult and complex. In this study, the detection and analysis methods of such applications are mentioned, and then the proposed methods are tested with sample application analysis. In the sample case analysis, an analysis of the suspicious application, which does not match the package name and application name, was carried out. As a result of the analysis, it has been determined that the harmful application uses the icon and name of a known application, and the package name was randomly generated irrelevantly to reduce detectability. The study is thought to be useful for the detection of such suspicious applications. In the case study, an analysis of the application in which one of the popular mobile applications was imitated due to the covid-19 pandemic was performed.