刑事技术 (Forensic Science and Technology) 2025, Vol. 50, Issue (5): 457-462, 6. DOI: 10.16467/j.1008-3650.2024.0059
Forensic Clue Mining and Data Analysis of Malicious Instant Messaging Apps Involved in Cases
Abstract
In recent years, telecommunications fraud cases have become increasingly prevalent, with criminals continuously refining their fraud tactics. From initially exploiting mainstream instant messaging platforms like WeChat and QQ, perpetrators have shifted to luring victims into specially crafted apps. To streamline development and reduce costs, criminals embed third-party SDK interface code into these illicit apps, with IM (Instant Messaging) services being a common type. In these novel fraud scenarios, conducting both dynamic and static analyses of the chat-focused apk files involved can yield valuable forensic leads regarding IM services and give access to databases containing crucial information for investigation and prosecution. This article, taking the Android system as an example, meticulously outlines the process of mining forensic clues from instant messaging apps and the subsequent data analysis, encompassing technical principles, analysis and processing steps, and case applications. It emphasizes techniques such as extracting key values through apk static analysis, validating those keys via dynamic packet capture, and using SQL queries to sift through and analyze chat logs, thereby offering a professional methodological reference for evidence gathering in related cases.
Key words
instant messaging (IM) / apk / static analysis / dynamic network packet capture / SQL / pseudo-encryption
Classification
Social Sciences
Cite this article
任风凯, 张冬, 庞然, 冯冉. Forensic Clue Mining and Data Analysis of Malicious Instant Messaging Apps Involved in Cases [J]. 刑事技术 (Forensic Science and Technology), 2025, 50(5): 457-462, 6.
Funding
Shandong Province Key Research and Development Program (Major Science and Technology Innovation Project) (2021CXGC011305)