Forensic Web Analysis on The Latest Version of Whatsapp Browser
DOI:
10.47709/cnahpc.v5i1.2286Keywords:
Artifact Investigation, WhatsApp web messenger, Digital forensics, Autopsy, FTK Imager, NISTDimension Badge Record
Abstract
With the rapid growth of technology and the increasing number of smartphone users, social media applications have proliferated. Among them, WhatsApp has emerged as the most widely used application, with over a quarter of the world's population using it since 2009. To meet the increasing customer demands, WhatsApp has introduced a browser version, which has undergone continuous updates and improvements. The latest version of WhatsApp exhibits significant differences in features and settings compared to its predecessors, particularly in conversations, images, video recordings, and other aspects. Consequently, this research focuses on analyzing artifacts that can aid in forensic investigations. The study aims to extract artifacts related to conversation sessions, as well as media data such as audio files, contact numbers, photos, videos, and more. To achieve these objectives, various forensic tools will be employed to assist in the artifact search within the WhatsApp browser. The research adopts the NIST framework and utilizes forensic techniques like Autopsy and FTK Imager to read encrypted backup database files. These files contain valuable information such as deleted conversations, phone logs, photos, videos, and other data of interest. Analyzing the artifacts from the WhatsApp browser version contributes to forensic activities, providing valuable insights into the evidence that can be obtained from conversations and media files. By leveraging forensic tools and techniques, forensic practitioners can effectively retrieve and analyze data from the encrypted backup database files. In summary, this research explores the artifacts within the WhatsApp browser version, sheds light on its distinct features, and presents a forensic approach utilizing the NIST framework and forensic tools like Autopsy and FTK Imager to examine encrypted backup database files containing crucial deleted data, conversations, and media files.
Downloads
Abstract viewed = 341 times
References
Iqbal, M., & Riadi, I. (2019). Forensic WhatsApp based Android using National Institute of Standard Technology (NIST) Method. International Journal of Computer Applications, 177(8). https://doi.org/10.5120/ijca2019919443
Jafri, M. S., Raharjo, S., & Arief, M. R. (2022). Implementation of ACPO Framework for Digital Evidence Acquisition in Smartphones. CCIT Journal, 15(1). https://doi.org/10.33050/ccit.v15i1.1586
Khweiled, R., & Jazzar, M. (2021). An Improved Framework For cyberbullying Investigation Process on WhatsApp application. Journal of Xi’an University of Architecture & Technology, XIII(9).
Lakshmi, M. S. P., & Rajeshrajesh, P. (2019). A forensic approach to perform android device analysis. International Journal of Recent Technology and Engineering, 7(6).
Martínez-Comeche, J. A., & Ruthven, I. (2023). Informational features of WhatsApp in everyday life in Madrid: An exploratory study. Journal of Information Science, 49(1). https://doi.org/10.1177/0165551521990612
Montasari, R., Hill, R., Carpenter, V., & Montaseri, F. (2018). Digital Forensic Investigation of Social Media, Acquisition and Analysis of Digital Evidence. International Journal of Strategic Engineering, 2(1). https://doi.org/10.4018/ijose.2019010105
Paligu, F., Kumar, A., Cho, H., & Varol, C. (2019). BrowStExPlus: A Tool to Aggregate IndexedDB Artifacts for Forensic Analysis. Journal of Forensic Sciences, 64(5). https://doi.org/10.1111/1556-4029.14043
Qureshi, M. A., & El-Alfy, E. S. M. (2019). Bibliography of digital image anti-forensics and anti-anti-forensics techniques. In IET Image Processing (Vol. 13, Issue 11). https://doi.org/10.1049/iet-ipr.2018.6587
Riadi, I., & Firdonsyah, A. (2018). Forensic analysis of android-based instant messaging application. Proceeding of 2018 12th International Conference on Telecommunication Systems, Services, and Applications, TSSA 2018. https://doi.org/10.1109/TSSA.2018.8708798
Rosselina, L., Suryanto, Y., Hermawan, T., & Alief, F. (2020). Framework design for the retrieval of instant messaging in social media as electronic evidence. International Conference on Electrical Engineering, Computer Science and Informatics (EECSI), 2020-October. https://doi.org/10.23919/EECSI50503.2020.9251888
Shah, Z., Kyaw, A., Truong, H. P., Ullah, I., & Levula, A. (2022). Forensic Investigation of Remnant Data on USB Storage Devices Sold in New Zealand. Applied Sciences (Switzerland), 12(12). https://doi.org/10.3390/app12125928
Simanjuntak, M. S., & Panjaitan, J. (2021). Analisa Recovery Data Menggunakan Software. Jurnal Teknik Informatika Komputer Universal, 1(1).
Vukadinovic, N. V. (2019). WhatsApp Forensics: Locating Artifacts in Web and Desktop Clients. Master’s Thesis, Purdue University Graduate School, May.
Wijnberg, D., & Le-Khac, N. A. (2021). Identifying interception possibilities for WhatsApp communication. Forensic Science International: Digital Investigation, 38. https://doi.org/10.1016/j.fsidi.2021.301132
Zuhriyanto, I., Anton Yudhana, & Imam Riadi. (2020). Comparative analysis of Forensic Tools on Twitter applications using the DFRWS method. Jurnal RESTI (Rekayasa Sistem Dan Teknologi Informasi), 4(5). https://doi.org/10.29207/resti.v4i5.2152
Downloads
ARTICLE Published HISTORY
Accepted Date: 2023-05-02
Published Date: 2023-05-24
How to Cite
Issue
Section
License
Copyright (c) 2022 Dicky Satrio Ikhsan Utomo, Yudi Prayudi , Erika Ramadhani
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
