Proposal / Submission Type
Peer Reviewed Paper
Abstract
Uber is a ride-hailing smartphone application (app) that allows users to order a ride in a highly efficient manner. The Uber app provides Mobility as a Service and allows users to easily order a ride in a private car with just a few clicks. Uber stores large amounts of data on both the mobile device the app is being used on, and in the cloud. Examples of this data include geolocation data, date/time, origin/destination addresses, departure/arrival times, and distance. Uber geolocation data has been previously researched to investigate the privacy of the Uber app; however, there is minimal research relating to the other data the Uber app collects. Because this data could be of significance in a forensic investigation, it is important to determine where the majority of the Uber data are stored, either in the cloud or on the mobile device itself, and if one of these storage locations contains more information than the other. In this study, we analyzed the Uber app by forensically imaging the iPhone running the Uber app in three different acquisition phases. The different acquisitions allowed us to compare the data before and after data population, determine where the majority of the Uber data are stored, and determine if jailbreaking the iPhone provided more data than the previous acquisitions. Obtaining and analyzing the data in this study was done using Magnet AXIOM and Cellebrite forensic software suites.
Scholarly Commons Citation
Matulis, Nina and Karabiyik, Umit, "Digital Forensics for Mobility as A Service Platform: Analysis of Uber Application on iPhone and Cloud" (2022). Annual ADFSL Conference on Digital Forensics, Security and Law. 5.
https://commons.erau.edu/adfsl/2022/presentations/5
Included in
Aviation Safety and Security Commons, Computer Law Commons, Defense and Security Studies Commons, Forensic Science and Technology Commons, Information Security Commons, National Security Law Commons, OS and Networks Commons, Other Computer Sciences Commons, Social Control, Law, Crime, and Deviance Commons
Digital Forensics for Mobility as A Service Platform: Analysis of Uber Application on iPhone and Cloud
Uber is a ride-hailing smartphone application (app) that allows users to order a ride in a highly efficient manner. The Uber app provides Mobility as a Service and allows users to easily order a ride in a private car with just a few clicks. Uber stores large amounts of data on both the mobile device the app is being used on, and in the cloud. Examples of this data include geolocation data, date/time, origin/destination addresses, departure/arrival times, and distance. Uber geolocation data has been previously researched to investigate the privacy of the Uber app; however, there is minimal research relating to the other data the Uber app collects. Because this data could be of significance in a forensic investigation, it is important to determine where the majority of the Uber data are stored, either in the cloud or on the mobile device itself, and if one of these storage locations contains more information than the other. In this study, we analyzed the Uber app by forensically imaging the iPhone running the Uber app in three different acquisition phases. The different acquisitions allowed us to compare the data before and after data population, determine where the majority of the Uber data are stored, and determine if jailbreaking the iPhone provided more data than the previous acquisitions. Obtaining and analyzing the data in this study was done using Magnet AXIOM and Cellebrite forensic software suites.
