ARTIFACTS RETRIEVAL USING NETWORK FORENSIC APPROACH FOR SAAS CLOUD STORAGE ON ANDROID
Keywords:
Cloud forensic; cloud computing; Android; SaaS; network forensic; mobile; BYOD; cybersecurity
Abstract
The widespread implementation of cloud storage solutions has fundamentally transformed data governance; however, it has concurrently introduced intricate security dilemmas, particularly within entities that adopt Bring Your Own Device (BYOD) policies. While cloud storage facilitates scalability and economic efficiency, it concurrently offers pathways for cyber intrusions and data compromises, thereby necessitating the establishment of rigorous digital forensic (DF) methodologies. This investigation addresses the imperative requirement for DF professionals to proficiently recover and scrutinize data remnants from Android cloud storage applications, particularly in light of the continuously evolving security milieu of the Android ecosystem. The objective is to propose a digital forensic protocol for the recovery of data remnants from five distinct Android cloud storage applications—BigMind, Degoo, FEX NET, File.fm, and Koofr—utilizing network packet analysis as the primary methodology. By simulating a variety of user interactions, including login, uploading, downloading, and deletion, the study contrasts the data remnants obtained from both Android applications and mobile web browsers to elucidate significant forensic variances. The results indicate the feasibility of extracting sensitive information such as user credentials, file metadata, and access tokens, thereby equipping DF professionals with vital intelligence for cyberattack inquiries and security oversight. Moreover, the study emphasizes the difficulties posed by sophisticated security protocols in certain applications, which hinder the processes of network packet acquisition and decryption.
Ultimately, the findings contribute to the formulation of enhanced BYOD security frameworks, empowering organizations to more effectively manage cloud utilization, identify unauthorized data access, and alleviate security vulnerabilities associated with the extensive adoption of cloud storage within the Android domain. This study enriches the expanding corpus of knowledge that is essential for securing cloud services and strengthening digital forensic methodologies in response to the dynamic landscape of cyber threats.