Mobile Device Forensics
SciFed Journal of Forensics mainly focus on cybercrime, crime investigation, digital forensics, mobile tracing.
Throughout the year 2016, the Computer Crimes and Intellectual Property Section (CCIPS) Cybercrime Lab saw an increase in the number of supports and inquires relating to mobile devices. These inquiries include questions about how data is stored, whether the data is recoverable, and whether you can get the data if the device is locked.
Since the release of the first smartphones, Apple’s original iPhone (running iPhone OS) and HTC’s Dream G1 (running Android 1.0), consumers entrust their lives to mobile devices. In a 2015 survey conducted by the Pew Research Center, 92 percent of people in the United States owned a cellphone, and 68 percent owned a smart phone. PEW RESEARCH CTR., DEVICE OWNERSHIP (2015). That averages out to almost one mobile device per person in the United States.
How does this effect law enforcement? With mobile devices allowing consumers to communicate, socialize, bank, shop, navigation, start their car, track their health, and monitor their in home surveillance cameras, a plethora of information is contained on these devices. Just about every crime being committed has the potential to have the involvement of a mobile device, but the investigation team must first recognize the mobile device—whether it is a watch, phone, or tablet—and then preserve the data for collection and analysis. While it is getting more difficult to bypass security features in mobile devices, the Cybercrime Lab can assist you in determining your options
Mobile devices contain more than just call logs and text messages; they contain a plethora of information, some in the device and some in the cloud. Working with the investigative team to locate and preserve the cloud and web-based accounts will help provide a better picture of the subject’s life.
With your locked devices, remember that if it is not supported today, check back or contact the CCIPS Cybercrime Lab for updates and possible solutions. With this ever-changing time, devices not supported last week could be supported next week.
Most mobile device forensic reports come with a list of application SQLite databases identified on the phone. This list needs to be reviewed to see if the database was decoded. While it is not common for commercial tools to miss supported databases, an update from the app builder could influence whether the tool worked properly. Third-party tools can assist in looking deeper into databases if the need arises.
The above Article originally got published at SciFed Journal of Forensics in 2017,To have a glance please visit: Click Here
0 comments: