Application Analysis

Introduction:

The Application Analysis team is a group of technical interns at the Leahy Center for Digital Investigation. The LCDI offers great opportunities for students to gain knowledge and skills in digital forensics and cybersecurity. This project describes how four student interns have gone about testing some consumer mobile tracking and monitoring software.

Experience:

The Application Analysis team is currently researching four different mobile tracking and monitoring programs available in today's market: mSpy, FlexiSpy, Mobistealth, and Highster Mobile. We are researching the specifications that each of these applications claims to have. We have five Nexus 7 tablets, four of which are rooted using Nexus Root Toolkit and one of which is being used as the control device. A control device is a device that you leave in its original state so that you can compare it with the other devices and see what has changed. Sometimes unexpected things will change, and the comparison is how you can confirm that a device has been altered. We also have a laptop that is used to monitor the traffic via Wireshark and serves as the control panel for the software.

Our team is using the following apps: Google Hangouts, Facebook, Facebook Messenger, Kik, and Skype. We are generating data by sending information between the rooted device and the control device using these various applications. We are checking whether we are able to view all the information that we generated and whether any data is not collected.

In addition, we are testing whether video calls are recorded and sent to the parents' account. We have set a keyword to test whether specific programs alert the parent when the keyword is used. Since the first program that we tested has a geo-fencing capability, we decided to test for this capability as well. Geo-fencing means that if a device leaves a certain location, an alert is sent to notify the parent that the device has left the specified location.

Conclusion:

We have created a variety of questions that we would like to look into further with each of the programs, including whether the software can be hidden on the device. Stay tuned to read further updates on this project and the information we continue to gather from our devices.
