Research on Note-Taking Apps with
Security Features 1Dept.
of Financial Information Security, Kookmin University, 77 Jeongneung-Ro Seongbuk-Gu,
Seoul, 02707, South Korea {pms91,
kimsr2040, jskim}@kookmin.ac.kr 2Dept.
of Information Security,
Cryptology and Mathematics, Kookmin
University, 77 Jeongneung-Ro Seongbuk-Gu, Seoul, 02707, South Korea jskim.kookmin.ac.kr Abstract Smartphone applications (apps) provide users with
features to maximize the usefulness of smartphones in various categories,
such as finance, education, health, life, and entertainment. For these
features, apps store within themselves user data, which are closely related
to their user. Such data can be thus used as key digital forensics clues.
However, some apps use their own security features to protect data against
external threats. Security features, which can effectively protect sensitive
data, impose considerable digital forensics challenges that require data
decryption to be used as evidence. Therefore, it is essential to conduct a
preliminary study of apps with security features so that forensic
investigators can perform their work efficiently. In this paper, we propose a
forensic analysis of the note-taking apps ClevNote
and Samsung Notes. Note-taking apps are valuable as evidence in forensic
investigations because notes written by users are stored as app data, but
forensic analysis is difficult as several security features protect app data.
We conducted a study on a method to collect the protected app data in a form
usable as evidence. To achieve this purpose, we identified the security
features for target apps and obtained app data by revealing the operation
process of security functions using reverse engineering. Keywords: Smartphone application, Note-taking
application, Access control, Data encryption/decryption +: Corresponding author: Jongsung Kim Journal of Wireless Mobile Networks, Ubiquitous
Computing, and Dependable Applications (JoWUA),
Vol. 11, No. 4, pp. 63-76, December 2020 [pdf] DOI: 10.22667/JOWUA.2020.12.31.063 |