Research on Note-Taking Apps with Security Features

Myungseo Park
1, Soram Kim1, and Jongsung Kim1,2+
 

1Dept. of Financial Information Security, Kookmin University, 77 Jeongneung-Ro

Seongbuk-Gu, Seoul, 02707, South Korea

{pms91, kimsr2040, jskim}@kookmin.ac.kr

 

2Dept. of Information Security, Cryptology and Mathematics, Kookmin University, 77 Jeongneung-Ro Seongbuk-Gu, Seoul, 02707, South Korea

jskim.kookmin.ac.kr

 

Abstract

Smartphone applications (apps) provide users with features to maximize the usefulness of smartphones in various categories, such as finance, education, health, life, and entertainment. For these features, apps store within themselves user data, which are closely related to their user. Such data can be thus used as key digital forensics clues. However, some apps use their own security features to protect data against external threats. Security features, which can effectively protect sensitive data, impose considerable digital forensics challenges that require data decryption to be used as evidence. Therefore, it is essential to conduct a preliminary study of apps with security features so that forensic investigators can perform their work efficiently. In this paper, we propose a forensic analysis of the note-taking apps ClevNote and Samsung Notes. Note-taking apps are valuable as evidence in forensic investigations because notes written by users are stored as app data, but forensic analysis is difficult as several security features protect app data. We conducted a study on a method to collect the protected app data in a form usable as evidence. To achieve this purpose, we identified the security features for target apps and obtained app data by revealing the operation process of security functions using reverse engineering.

Keywords: Smartphone application, Note-taking application, Access control, Data encryption/decryption

 

+: Corresponding author: Jongsung Kim
Department of Information Security, Cryptology and Mathematics and Dept. of Financial Information Security,
Kookmin University, 77 Jeongneung-Ro, Seongbuk-Gu, Seoul, 02707, Korea, Tel: +82-2910-4750

 

Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), Vol. 11, No. 4, pp. 63-76, December 2020 [pdf]

Received: October 7, 2020; Accepted: December 21, 2020; Published: December 31, 2020

DOI: 10.22667/JOWUA.2020.12.31.063