Map applications are becoming an essential application for smartphone users by providing various location-based services such as navigation, route search, public transportation directions, and traffic information. At this time, The location information of user travel paths and destinations generated by the use of the application can be combined with time to be used as important data from a digital forensics perspective. Therefore, it is necessary to collocet and analyze map application data in advance so that it can be used as evidence. In this paper, we analyzed Naver Map, TMAP and Kakao Map which are used the most among maps and navigation applications. We identified the artifacts generated by the use of each application in the Android environment based on user behavior and obtained important data from a digital forensic perspective. We found that TMAP and Kakao Map store all data in plaintext, and we analyzed user artifacts in the data. However, Naver Maps encrypts and stores main database files, and uses Android Keystore to archive the passphrase, the encryptionkey used for encryption. We decrypted the encrypted database by hooking the API to extract the decrypted passphrase. Through this, we analyzed artifacts related to location information on Naver Map.
Map applications are becoming an essential application for smartphone users by providing various location-based services such as navigation, route search, public transportation directions, and traffic information. At this time, The location information of user travel paths and destinations generated by the use of the application can be combined with time to be used as important data from a digital forensics perspective. Therefore, it is necessary to collocet and analyze map application data in advance so that it can be used as evidence. In this paper, we analyzed Naver Map, TMAP and Kakao Map which are used the most among maps and navigation applications. We identified the artifacts generated by the use of each application in the Android environment based on user behavior and obtained important data from a digital forensic perspective. We found that TMAP and Kakao Map store all data in plaintext, and we analyzed user artifacts in the data. However, Naver Maps encrypts and stores main database files, and uses Android Keystore to archive the passphrase, the encryption key used for encryption. We decrypted the encrypted database by hooking the API to extract the decrypted passphrase. Through this, we analyzed artifacts related to location information on Naver Map.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.