The discipline of smartphone forensics has recently received more attention because of the tremendous growth in the smartphone market. Smartphones, to some extent, have capabilities similar to those of PCs. They can store large amounts of data and divergent categories of information. Among mobile platforms, Android-based devices are becoming increasingly popular. A variety of mobile applications (Apps) are increasingly developed, mainly to extend the functionality of the phones. The usage of Voice over IP (VoIP) Apps has explosively increased because of their wide availability and cheap prices. As Skype is one of the most popular VoIP Apps, in this paper we investigate the artifacts of Skype calls and chats on Android devices. We inspect both the RAM and NAND flash memories in different scenarios and time durations. Even though Skype provides secure communications over the Internet, this paper shows that Skype call and chat evidence can indeed be found on the devices. To the best of our knowledge, we are the first to investigate Skype on Android devices.
Cyber security threats are still a big concern in the cyber world. Even though many defense techniques have been proposed and used so far, antivirus (AV) software is very widely used and recommended for the end-user PC community. The most effective AV products are commercial and thus competitive, and it is not obvious to security researchers or system developers how exactly the AV works or how it affects the whole system. The AV adds layers of complication over already layered, complicated systems. Because there is very little effort in the literature to provide a way of understanding AV functionality and its performance impact, in this paper we want to shed some light in that direction. To the best of our knowledge, we are the first to present an OS-aware approach to analyse and reason about the AV performance impact. Our results show that the main reason for the performance degradation that tasks suffer in the presence of AV software is that they mainly spend the extra time waiting on events. Also, in most of our experiments the AV forces the tasks to spend more time using the CPU. Although there is an overhead from the competition between the tasks and the AV for the CPU, this competition is not a main factor in the overall overhead. Because of the AV's intrusiveness, the tasks in our experiments are caused to create more file I/O operations, page faults, system calls, and threads.