Android phone forensic: Tools and techniques

Mobile forensic tools and techniques: Android data security

10.18411/2019-2019-2019-00002 ◽

2019 ◽

Cited By ~ 1

Author(s):

A. Mentsiev ◽

M.T. Alams

Keyword(s):

Data Security ◽

Forensic Tools ◽

Tools And Techniques

MEMORY FORENSIC: ACQUISITION AND ANALYSIS OF MEMORY AND ITS TOOLS COMPARISON

International Journal of Engineering Technologies and Management Research ◽

10.29121/ijetmr.v5.i2.2018.618 ◽

2020 ◽

Vol 5 (2) ◽

pp. 90-95

Author(s):

Mital Parekh ◽

Snehal Jani

Keyword(s):

Data Collection ◽

Research Paper ◽

Cyber Crime ◽

Forensic Investigation ◽

Short Period ◽

Cryptographic Keys ◽

Volatile Memory ◽

Forensic Tools ◽

Tools And Techniques ◽

Complete Investigation

The enhancement of technology has led to a considerable amount of growth in number of cases pertaining to cyber-crime and has raised an enormous challenge to tackle it effectively. There are various cyber forensic techniques and tools used to recover data from the devices to tackle cyber-crime. Present research paper focuses on performing memory forensic and analyzes the memory which contains many pieces of information relevant to forensic investigation, such as username, password, cryptographic keys, deleted files, deleted logs, running processes; that can be helpful to investigate the cyber-crime pining down the accused. The three main steps followed in memory forensic are acquiring, analyzing and recovering. Recovery of the evidences of crime from the volatile memory can be possible with the knowledge of different tools and techniques used in memory forensic. However, it is always tough to analyze volatile memory as it stays for a very short period. Not all tools can be used for memory forensic in every situation and therefore, it is important to have the knowledge of tools before applying to solve a particular cyber-crime. It is yet to establish on using a single tool for complete investigation, however, most of the tools used are successful in providing reasonable evidences. The present research paper provides an insight on analyzing the memory that stores relevant data, collection of evidences from the device(s), extraction of essential data using different memory forensic tools, tools useful for various purposes and the best suited tool for a particular situation.

The State of the Art Forensic Techniques in Mobile Cloud Environment

Mobile Computing and Wireless Networks ◽

10.4018/978-1-4666-8751-6.ch092 ◽

2016 ◽

pp. 2111-2131

Author(s):

Muhammad Faheem ◽

Mohand-Tahar Kechadi ◽

Nhien An Le-Khac

Keyword(s):

Cloud Computing ◽

Mobile Cloud Computing ◽

Mobile Cloud ◽

Cloud Environment ◽

Wide Range ◽

Resource Requirements ◽

Digital Forensic Investigations ◽

Forensic Tools ◽

Motivating Factor ◽

Tools And Techniques

Smartphones have become popular in recent days due to the accessibility of a wide range of applications. These sophisticated applications demand more computing resources in a resource constraint smartphone. Cloud computing is the motivating factor for the progress of these applications. The emerging mobile cloud computing introduces a new architecture to offload smartphone and utilize cloud computing technology to solve resource requirements. The popularity of mobile cloud computing is an opportunity for misuse and unlawful activities. Therefore, it is a challenging platform for digital forensic investigations due to the non-availability of methodologies, tools and techniques. The aim of this work is to analyze the forensic tools and methodologies for crime investigation in a mobile cloud platform as it poses challenges in proving the evidence.

DIGITAL EVIDENCE MANIPULATION USING ANTI-FORENSIC TOOLS AND TECHNIQUES

Handbook of Electronic Security and Digital Forensics ◽

10.1142/9789812837042_0021 ◽

2010 ◽

pp. 411-425 ◽

Cited By ~ 2

Author(s):

HAMID JAHANKHANI ◽

ELIDON BEQIRI

Keyword(s):

Digital Evidence ◽

Forensic Tools ◽

Tools And Techniques

THE SUBJECT OF TACTICAL DECISION IN CRIMINALISTICS

Theory and Practice of Forensic Science and Criminalistics ◽

10.32353/khrife.2.2020.03 ◽

2020 ◽

Vol 22 (2) ◽

pp. 41-51

Author(s):

O. Bululukov

Keyword(s):

Decision Maker ◽

Scientific Literature ◽

Tactical Decision ◽

The Will ◽

The Subject ◽

Tactical Decisions ◽

Forensic Tools ◽

Tools And Techniques ◽

Ancient Philosopher

Questions under discussion as to the presence of decisions subject (in particular, of tactical decisions in criminalistics) are considered. An opinion was expressed regarding the subject of tactical decisions in criminalistics. Attention is drawn to the fact that study of the subject of a tactical decision is conditioned by the need to determine its place in the structure of a decision. The appropriate choice of the subject of a tactical decision contributes to the effectiveness of tactical influence and is important for achieving the goal of decision. The Article purpose is to substantiate the presence of subject in a tactical decision and to define it as forms of specific forensic tools and techniques used while crimes investigation. Research methods: formal logical methods of cognition (analysis, synthesis, generalization, analogy). To accomplish the task at hand, the etymology of the term “subject” is considered. Publications of the ancient philosopher Aristotle were the basis of motivation on the presence of the subject in a tactical decision. According to the scientist, “means to achieve the goal” are the subject of a decision. For a detailed study of this issue, some aspects of decision theory are outlined. Emphasis in the study was placed on the fact that in the structure of a decision there is always a goal, for the sake of which decision is taken, and means that contribute to the achievement of this goal. These elements manifest themselves differently in a decision. The goal (as a certain intellectual factor) manifests itself in a decision in the form of what someone “wants to achieve” and that directs actions of a decision-maker. The goal and its achievement are in direct proportion to means chosen to achieve the goal. The mentioned means are “materialized” elements of a decision, which allows them to be attributed to the subject of a decision. The following arguments are outlined in favor of means for achieving the goal of decision as its subject: a) thoughts of a decision-maker are directed at determining the type and quality of means for achieving goal; b) the expression of the will of a person making the decision is aimed at determining the optimal option for the use of certain means; c) implementation of a decision is an action on the application of certain means. To validate his findings, the author analyzed the definitions of a tactical decision available in the scientific literature and isolated the means of achieving the decision goal from their content. In the article conclusion, forensic tools and techniques are listed, which may be the subject of a tactical decision.

Comparative Study and Analysis on Integrity of Data Files Using Different Tools and Techniques

Journal of Information Security and Cybercrimes Research ◽

10.26735/symq8715 ◽

2021 ◽

Vol 4 (1) ◽

pp. 43-54

Author(s):

Kumarshankar Raychaudhuri ◽

M. George Christopher ◽

Nayeem Abbas Hamdani

Keyword(s):

Comparative Study ◽

Data File ◽

Digital Evidence ◽

Forensic Investigation ◽

Digital Devices ◽

Sample Data ◽

Chain Of Custody ◽

Data Files ◽

Forensic Tools ◽

Tools And Techniques

Digital forensic investigation is the scientific process of collection, preservation, examination, analysis, documentation and presentation of digital evidence from digital devices, so that the evidence is in compliance with legal terms and acceptable in a court of law. Integrity of the digital evidence is an indispensable part of the investigation process and should be preserved to maintain the chain of custody. This is done through hashing technique using standardized forensic tools. However, while handling the evidences , lack of knowledge might lead to unintentional alteration of computed hash. This violates the chain of custody and makes the evidence inadmissible in a court of law. In this paper, our objective is to determine the different conditions under which the original hash value of a digital evidence changes. For this, we create different scenarios using sample data files and compute their hash values. A comparative study and analysis are done to determine in which scenario the original hash value of the data file changes. The results of the research will prove useful and essential for Criminal Justice Functionaries in gaining knowledge about various conditions leading to the change in hash value of digital evidence and therefore, avoid its accidental alteration during forensic investigation/examination.

Urge for Novel and Secure Software Framework for Extraction and Decoding of Mobile Artifacts

YMER Digital ◽

10.37896/ymer20.12/56 ◽

2021 ◽

Vol 20 (12) ◽

pp. 589-598

Author(s):

Mr. Bhushan M Manjre ◽

◽

Dr. Krishan Kumar Goyal ◽

Keyword(s):

Cloud Computing ◽

Software Framework ◽

The Novel ◽

Mobile Data ◽

Software Applications ◽

Mobile Forensics ◽

Detailed Survey ◽

Secure Software ◽

Forensic Tools ◽

Tools And Techniques

Mobile Forensics is now days, increasingly becoming more challenging as it is the field of science that is continuously evolving with respect to the rapidly developing technologies and techniques for the extraction of the mobile data and its decoding. Majority of the crimes are getting committed digitally and especially the criminals are preferring mobile handsets than a laptop or desktop machines, leaving the footprints behind which could be evidence against them. The mobile handsets along with their software applications are getting more advanced and sophisticated mainly due to advances in Cloud computing where clouds are used to store data, Anti-forensics where efforts are made to defeat forensic procedures and Encryption which is used to secure the data during transit. But when compared with the pace of development in mobile hardware and software, the forensic tools and techniques are growing very slowly. Hence the contemporary forensic tools and methodologies are becoming increasingly obsolete and hence urges for the advanced forensic tools, methods which could comply with the need of today’s mobile forensics. Hence, this work presents a detailed survey of the contemporary challenges faced by the forensic experts with the current forensic tools and its methodologies and also the need, scope and opportunities associated with the novel and secure software framework that can address the majority of issues occurring while extraction and decoding of mobile artifacts.

The State of the Art Forensic Techniques in Mobile Cloud Environment

International Journal of Digital Crime and Forensics ◽

10.4018/ijdcf.2015040101 ◽

2015 ◽

Vol 7 (2) ◽

pp. 1-19 ◽

Cited By ~ 15

Author(s):

Muhammad Faheem ◽

Tahar Kechadi ◽

Nhien An Le-Khac

Keyword(s):

Cloud Computing ◽

Mobile Cloud Computing ◽

Mobile Cloud ◽

Computing Technology ◽

Wide Range ◽

Resource Requirements ◽

Digital Forensic Investigations ◽

Forensic Tools ◽

Motivating Factor ◽

Tools And Techniques

Smartphones have become popular in recent days due to the accessibility of a wide range of applications. These sophisticated applications demand more computing resources in a resource constraint smartphone. Cloud computing is the motivating factor for the progress of these applications. The emerging mobile cloud computing introduces a new architecture to offload smartphone and utilize cloud computing technology to solve resource requirements. The popularity of mobile cloud computing is an opportunity for misuse and unlawful activities. Therefore, it is a challenging platform for digital forensic investigations due to the non-availability of methodologies, tools and techniques. The aim of this work is to analyze the forensic tools and methodologies for crime investigation in a mobile cloud platform as it poses challenges in proving the evidence.

The State of the Art Forensic Techniques in Mobile Cloud Environment

Web-Based Services ◽

10.4018/978-1-4666-9466-8.ch103 ◽

2016 ◽

pp. 2324-2344

Author(s):

Muhammad Faheem ◽

Mohand-Tahar Kechadi ◽

Nhien An Le-Khac

Keyword(s):

Cloud Computing ◽

Mobile Cloud Computing ◽

Mobile Cloud ◽

Cloud Environment ◽

Wide Range ◽

Resource Requirements ◽

Digital Forensic Investigations ◽

Forensic Tools ◽

Motivating Factor ◽

Tools And Techniques

Smartphones have become popular in recent days due to the accessibility of a wide range of applications. These sophisticated applications demand more computing resources in a resource constraint smartphone. Cloud computing is the motivating factor for the progress of these applications. The emerging mobile cloud computing introduces a new architecture to offload smartphone and utilize cloud computing technology to solve resource requirements. The popularity of mobile cloud computing is an opportunity for misuse and unlawful activities. Therefore, it is a challenging platform for digital forensic investigations due to the non-availability of methodologies, tools and techniques. The aim of this work is to analyze the forensic tools and methodologies for crime investigation in a mobile cloud platform as it poses challenges in proving the evidence.

Memory Based Anti-Forensic Tools and Techniques

Pervasive Information Security and Privacy Developments ◽

10.4018/978-1-61692-000-5.ch013 ◽

2010 ◽

pp. 184-199

Author(s):

Hamid Jahankhani ◽

Elidon Beqiri

Keyword(s):

Computer Forensics ◽

Digital Evidence ◽

The Creation ◽

Volatile Memory ◽

Forensic Tools ◽

Tools And Techniques ◽

Computer Forensic

Computer forensics is the discipline that deals with the acquisition, investigation, preservation and presentation of digital evidence in the court of law. Whereas anti-forensics is the terminology used to describe malicious activities deployed to delete, alter or hide digital evidence with the main objective of manipulating, destroying and preventing the creation of evidence .Various anti-forensic methodologies and tools can be used to interfere with digital evidence and computer forensic tools. However, memory-based anti-forensic techniques are of particular interest because of their effectiveness, advanced manipulation of digital evidence and attack on computer forensic tools. These techniques are mainly performed in volatile memory using advanced data alteration and hiding techniques. For these reasons memory-based anti-forensic techniques are considered to be unbeatable. This chapter aims to present some of the current anti-forensic approaches and in particular reports on memory-based anti-forensic tools and techniques.