Original Articles

Forensic analysis and security assessment of Android m-banking apps

Pages 3-19 | Received 29 Jan 2016, Accepted 11 Apr 2016, Published online: 22 May 2016

References

  • 82% of mobile media time is via Apps [Internet]. Bosomworth D: Flurry Analytics [cited May 2012]. Available from: http://www.smartinsights.com/mobile-marketing/app-marketing/82-of-mobile-media-time-is-via-apps/
  • Do Q, Martini B, Choo K-KR, editor. Enhancing user privacy on android mobile devices via permissions removal. Proceedings of the 2014 47th Hawaii International Conference on System Sciences (HICSS); 2014 Jan 6–9; Hawaii, USA.
  • Do Q, Martini B, Choo K-KR, editor. Enforcing file system permissions on android external storage: Android File System Permissions (AFP) prototype and ownCloud. 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom); 2014 Sep 24-26; Beijing, China.
  • Immanuel F, Martini B, Choo K-KR, editor. Android cache taxonomy and forensic process. Proceedings of 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom); 2015 Aug 20–22; Helsinki, Finland.
  • Mobile Banking From Innovative Trend to Staple Service? [Internet]. Sugarloaf Parkway (GA): Georgia Credit Union Affiliates [cited 2013]. Available from: http://www.gcua.org/publications/considerthis/2013/jul/jul13.html
  • Consumers and Mobile Financial Services 2015 [Internet]. Office of Inspector General (WA): Board of Governors of The Federal Reserve System [cited 2015 March]. Available from: http://www.federalreserve.gov/econresdata/consumers-and-mobile-financial-services-report-201503.pdf
  • D’Orazio C, Choo K-K R, editor. A generic process to identify vulnerabilities and design weaknesses in iOS healthcare apps. Proceedings of the 2015 48th Hawaii International Conference on System Sciences (HICSS); 2015 Jan 5–8; Hawaii, USA.
  • Daryabar D, Dehghantanha A, Eterovic-Soric B, et al. Forensic investigation of OneDrive, Box, GoogleDrive and Dropbox applications on android and iOS devices. Australian Journal of Forensic Sciences. [In press, DOI: http://dx.doi.org/10.1080/00450618.2015.1110620].
  • Norouzi F, Dehghantanha A, Eterovic-Soric B, et al. Investigating social networking applications on smartphones: detecting Facebook, Twitter, LinkedIn, and Google+ Artifacts on android and iOS platforms. Australian Journal of Forensic Sciences. [In press, DOI: http://dx.doi.org/10.1080/00450618.2015.1066854].
  • Shariati M, Dehghantanha A, Choo K-KR. SugarSync forensic analysis. Australian Journal of Forensic Sciences. 2015;48(1):95–117.
  • Martini B, Do Q, Choo K-K R. Chapter 15 – Mobile cloud forensics: an analysis of seven popular Android apps. In Ko R and Choo K-K R, editors. Waltham, MA: Syngress, an Imprint of Elsevier; 2015. Cloud security ecosystem; pp. 309–345.
  • Do Q, Martini B, Choo K-KR. A forensically sound adversary model for mobile devices. PLOS ONE. 2015;10(9):e0138449. doi:10.1371/journal.pone.0138449
  • Azfar A, Choo K-KR, Liu L. Android mobile VoIP apps: a survey and examination of their security and privacy. Electronic Commerce Research. 2016;16(1):73–111. doi:10.1007/s10660-015-9208-1
  • Barmpatsalou K, Damopoulos D, Kambourakis G, et al. A critical review of 7 years of mobile device forensics. Digital Investigation. The International Journal of Digital Forensics & Incident Response. 2013;10(4):323–349.
  • Sufatrio, Darell JJ Tan, Tong-Wei Chua, et al. Thing: securing android: a survey, taxonomy, and challenges. ACM Computing Surveys (CSUR). 2015;47(4):58.
  • Polla LM, Martinelli F, Sgandurra D. A survey on security for mobile devices. IEEE Communications Surveys and Tutorials. 2013;15(1):446–471. doi:10.1109/SURV.2012.013012.00028
  • Azfar A, Choo K-K R, Liu L, editor. Forensic taxonomy of popular android mHealth apps. Proceedings of 21st Americas Conference on Information Systems (ACMIS); 2015 Aug 13–15; Puerto Rico, USA.
  • Azfar A, Choo K-K R, Liu L. An android communication app forensic taxonomy. Journal of Forensic Sciences [In press, accepted 5 October 2015].
  • Leom MD, D’Orazio C, Deegan G, et al., editor. Forensic collection and analysis of thumbnails in android. Proceedings of 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom); 2015 Aug 20–22; Helsinki, Finland.
  • Mutawa AN, Baggili I, Marrington A. Forensic analysis of social networking applications on mobile devices. Digital Investigation. 2012;9:S24–S33. doi:10.1016/j.diin.2012.05.007
  • Anglano C. Forensic analysis of WhatsApp Messenger on android smartphones. Digital Investigation: The International Journal of Digital Forensics & Incident Response. 2014;11(3):201–213.
  • Yang TY, Dehghantanha A, Choo K-KR, et al. Windows instant messaging app forensics: Facebook and Skype as case studies. PLOS ONE. 2016;11(3):e0150300. doi:10.1371/journal.pone.0150300
  • Jung J, Kim JY, Lee HC, et al. Repackaging attack on android banking applications and its countermeasures. Wireless Personal Communications. December 2013;73(4):1421–1437. doi:10.1007/s11277-013-1258-x
  • SWGDE Best Practices for Examining Mobile Phones Using JTAG Version: 1.0. Scientific working group on digital evidence [cited 2015 September 29]. Available from: https://www.swgde.org/documents/Current%20Documents/2015-09-29%20SWGDE%20Best%20Practices%20for%20Examining%20Mobile%20Phones%20Using%20JTAG
  • Do Q, Martini B, Choo K-KR. Exfiltrating data from android devices. Computers & Security. 2015;48:74–91.
  • D’Orazio C, Choo K-KR. An adversary model to evaluate DRM protection of video contents on iOS devices. Computers & Security. 2016;56(C):94–110.
  • Imgraben J, Engelbrecht A, Choo K-KR. Always connected, but are smart mobile users getting more security savvy? A survey of smart mobile device users. Behaviour & Information Technology. 2014;33(12):1347–1360.
  • Application Security Guide For CISOs Version 1.0 [Internet]. Open Web Application Security Project (OWASP) [cited 2013 November]. Available from: https://www.owasp.org/images/d/d6/Owasp-ciso-guide.pdf
  • 2015 State of Application Security: Closing the Gap [Internet]. Bird J, Johnson E, Kim F: SANS Institute InfoSec Reading Room [cited 2015 May]. Available from: https://www.sans.org/reading-room/whitepapers/analyst/2015-state-application-security-closing-gap-35942
