Forensic Investigation of OneDrive, Box, GoogleDrive and Dropbox Applications on Android and iOS Devices

Hi All,

Another research result of our research team in cloud forensics is published in Australian Journal of Forensics Sciences  titled "Forensic Investigation of OneDrive, Box, GoogleDrive and Dropbox Applications on Android and iOS Devices" - following is the paper abstract 

"In today's Internet-connected world, mobile devices are increasingly used to access cloud storage services, which allow users to access data anywhere, anytime. Mobile devices have, however, been known to be used and/or targeted by cyber criminals to conduct malicious activities, such as data exfiltration, malware, identity theft, piracy, illegal trading, sexual harassment, cyber stalking and cyber terrorism. Consequently, mobile devices are an increasing important source of evidence in digital investigations. In this paper, we examine four popular cloud client apps, namely OneDrive, Box,GoogleDrive, and Dropbox, on both Android and iOS platforms (two of the most popular mobile operating systems). We identify artifacts of forensic interest, such as information generated during login, uploading, downloading, deletion, and the sharing of files. These findings may assist forensic examiners and practitioners in real world examination of cloud client applications on Android and iOS platforms."

Here is authors pre-print version of the paper and final version of the paper.  

Please cite the paper as:

  • Farid Daryabar; Ali Dehghantanha; Brett Eterovic-Soric,Kim-Kwang Raymond Choo, "Forensic Investigation of OneDrive, Box, GoogleDrive and Dropbox Applications on Android and iOS Devices", Australian Journal of Forensic Sciences, 2016 (JCR IF 2014: 0.583), DOI:10.1080/00450618.2015.1110620


Ali Dehghantanha

Dr. AliDehghantanha ( has served for more than a decade in a variety of industrial and academic positions with leading players in Cyber-Security and E-Commerce. He has long history of working in different areas of computer security as security researcher, malware analyzer, penetration tester, security consultant, professional trainer, and university lecturer. Ali is imminently qualified in the field of cyber security; he has an EU Marie Curie post-doctoral fellowship in cyber forensics (the Marie Curie Fellowships are Europe’s most competitive and prestigious award), Ph.D in Security in Computing and a number of professional qualifications namely SANS-GIAC Exploit Researcher and Advanced Penetration Tester (GXPN), SANS-GIAC Reverse Engineering Malware (GREM), SANS-GIAC Certified Forensics Analyst (GCFA), CCFP (Certified Cyber Forensic Professional), CISSP (Certified Information Systems Security Professional), and CEH (Certified Ethical Hacker). Ali is a fellow of the UK Higher Education Academy (HEA) and served as a keynote speaker for a number of security conferences namely the International Conference on Information Security and Cyber Forensics (InfoSec2015) speaking about “Detection and analysis IoT Malwares" at Cape-Town, South Africa, keynote speaker at the International Conference on Information Security and Digital Forensics (ISDF2015) speaking on "Efficient Analysis of Malware Campaigns" at Kuala Lumpor, Malaysia and invited speaker for ISACA EuroCACS/ISRM 2015 speaking about "Finding the Needle in Internet of Everything Haystack" at Copenhagen, Denmark. In 2015, he was an invited speaker for ISACA North-West UK meeting and talked about "Strategic Cyber Threat Intelligence".  He was one of the lead editors for Elsevier book titled “Contemporary digital forensic investigations of cloud and mobile applications” and a guest editor for a special issue on “Internet of Things: Security and Forensics Trends and Challenges” in the Elsevier Future Generation Computer Systems journal, guest editor for a special issue on "Big Data Applications in Cyber Security and Threat Intelligence" in IEEE Transactions on Big Data.  Ali is the founder of annual “International Conference in Cyber-Security, Cyber Warfare and Digital Forensics (CyberSec)” and served as editor in chief for the International Journal of Cyber Security and Digital Forensics (IJCSDF) between Jan 2012 to Jan 2015!