Abstract
This study focuses on digital forensic investigations of the databases used in an instant messenger application. Instant messengers store and manage user data in databases, which can be encrypted for privacy protection. We proposed a method to identify and decrypt an SQLite version 3.40.0 database encrypted using wxSQLite3 version 4.9.1, and then we examined the LINE instant messenger application to validate the proposed method. As a result, we successfully acquired the wxSQLite3 passphrase, which was used to decrypt the database of the LINE messenger application. We also performed artifact analysis to enumerate the data from a digital forensics perspective. To the best of our knowledge, this study is the first to propose a method to identify and decrypt of wxSQLite3-encrypted database and its applications.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
