Keyword Indexing And Searching Tool (KIST): A Tool to Assist the Forensics Analysis of WhatsApp Chat
DOI: https://doi.org/10.21108/IJOICT.2020.61.481
Abstract
Digital forensics is a field concerned with finding and presenting evidence sourced from digital devices, such as computers and mobile phones. Most forensic analysis software is proprietary, and eventually, specialized analysis software is developed in both the private and public sectors. This paper presents an alternative forensic analysis tool for digital forensics, designed specifically to analyze evidence through keyword indexing and searching. Keyword Indexing and Searching Tool (KIST) is proposed to analyze evidence of interest from WhatsApp chat text files using keyword searching techniques and based on incident types. The tool was developed by adopting the Prototyping model as its methodology. KIST includes modules to add, edit, remove, and display the indexed files, and to add WhatsApp chat text files. Subsequently, the tool was tested using functionality testing and user testing. Functionality testing shows all key functions are working as intended, while user testing indicates the majority of respondents agree that the tool is able to index and search keywords and display forensic analysis results.
License
Manuscript submitted to IJoICT has to be an original work of the author(s), contains no element of plagiarism, and has never been published or is not being considered for publication in other journals. Author(s) shall agree to assign all copyright of published article to IJoICT. Requests related to future re-use and re-publication of major or substantial parts of the article must be consulted with the editors of IJoICT.