An Analysis of the Digital Forensic Examination of Mobile Phones

The fast-growing nature of instant messaging applications usage on Android mobile devices brought about a proportional increase on the number of cyber-attack vectors that could be perpetrated on them. Android mobile phones store significant amount of information in the various memory partitions when Instant Messaging (IM) applications (WhatsApp, Skype, and Facebook) are executed on them. As a result of the enormous crimes committed using instant messaging applications, and the amount of electronic based traces of evidence that can be retrieved from the suspect’s device where an investigation could convict or refute a person in the court of law and as such, mobile phones have become a vulnerable ground for digital evidence mining. This paper aims at using forensic tools to extract and analyse left artefacts digital evidence from IM applications on Android phones using android studio as the virtual machine. Digital forensic investigation methodology by Bill Nelson was applied during this research. Some of the key results obtained showed how digital forensic evidence such as call logs, contacts numbers, sent/retrieved messages, and images can be mined from simulated android phones when running these applications. These artefacts can be used in the court of law as evidence during cybercrime investigation.

Download Full-text

Standardizing digital forensic examination procedures: A look at Windows 10 in cases involving images depicting child sexual abuse

Wiley Interdisciplinary Reviews Forensic Science ◽

10.1002/wfs2.1417 ◽

2021 ◽

Author(s):

Graeme Horsman

Keyword(s):

Sexual Abuse ◽

Child Sexual Abuse ◽

Digital Forensic ◽

Forensic Examination

Download Full-text

Two Models of Digital Forensic Examination

2009 Fourth International IEEE Workshop on Systematic Approaches to Digital Forensic Engineering ◽

10.1109/sadfe.2009.8 ◽

2009 ◽

Cited By ~ 13

Author(s):

Fred Cohen

Keyword(s):

Digital Forensic ◽

Forensic Examination

Download Full-text

Digital Forensic Science: A Manifesto

South African Computer Journal ◽

10.18489/sacj.v28i2.442 ◽

2016 ◽

Vol 28 (2) ◽

Cited By ~ 2

Author(s):

Martin S Olivier

Keyword(s):

Forensic Science ◽

Forensic Sciences ◽

Digital Forensic ◽

Forensic Examination ◽

The Family

Forensic examination of evidence holds the promise of making claims about the truth of certain propositions with the inherent accuracy and reliability that characterises scientific endeavours. The propositions may relate to the artefacts examined or related artefacts. The nature of propositions about which claims can be made depend on the extent to which given propositions fall within the ambit of scientific knowledge and on the extent to which the examined evidence is suitable for the application of established science. A continuing series of incidents illustrate that in many forensic disciplines that promise is not met — often because some branch of forensic science happen to not being scientific at all. In fact, serious assessments of forensic science have shown that many (if not most) branches of forensic science are not scientifically valid. Digital forensic science is one of the newest members of the family of forensic sciences. A number of reasons for concern exist that it is following in the footsteps of its more established footsteps and repeating many of the mistakes of those other branches of forensic science. This viewpoint is written in the form of a manifesto that is situated in the current discourse about digital forensic science and practice. If challenges the current developments in digital forensic science by positing a number of demands that digital forensic science have to meet to be deemed scientific. The demands are posited as necessary, but not sufficient to ensure that digital forensic science uses science to contribute to justice. Appropriate responses to the manifesto is a change in digital forensic developments or an informed debate about the issues raised in the manifesto.

Download Full-text

Investigasi Aplikasi Messager Pada Smartphone Berbasis Android

Jurnal Rekayasa Sistem & Industri (JRSI) ◽

10.25124/jrsi.v4i02.147 ◽

2016 ◽

Vol 4 (02) ◽

Author(s):

Haris Richard Adrian Taruma Selej

Keyword(s):

Mobile Phone ◽

Mobile Phones ◽

Digital Forensics ◽

Text Message ◽

Forensic Investigation ◽

Communication Tool ◽

Basic Principles ◽

Digital Forensic ◽

Considerable Distance

in the era of technology has greatly advanced, mobile phones have become a necessity and a means of communicating with each other. even though they are separated by a considerable distance, no longer need to spend the time to meet physically. This reason also makes the phone as the primary choice for criminals to communicate. communication used a variety of purposes, such as positive or negative. In 2010, digital forensic analyst team has examined such as network Puslabfor drugs, pornography, gambling, corruption, defamation, fraud, bribery, and others. Of these, as many as 118 types of mobile phones in the form of evidence. It means that offenders still consider mobile phones as a primary communication tool. Digital forensic analysts and investigators, it shall be able to anticipate these things, so that when there is evidence of mobile phone, which was confiscated from criminals, can be checked properly in accordance with the basic principles of digital forensics. This study uses DFIF (Digital Forensic Investigation Framework) smartphone investigation by searching for evidence of a conversation via text message. the results of the investigation evidence to prove the offender information, the information will be presented in the form of a forensic report which will be used as evidence in court.

Download Full-text

A practical and robust approach to coping with large volumes of data submitted for digital forensic examination

Digital Investigation ◽

10.1016/j.diin.2013.04.003 ◽

2013 ◽

Vol 10 (2) ◽

pp. 116-128 ◽

Cited By ~ 23

Author(s):

Adrian Shaw ◽

Alan Browne

Keyword(s):

Robust Approach ◽

Digital Forensic ◽

Forensic Examination

Download Full-text

Analisis Kelayakan Integrated Digital Forensics Investigation Framework Untuk Investigasi Smartphone

Jurnal Buana Informatika ◽

10.24002/jbi.v7i4.767 ◽

2016 ◽

Vol 7 (4) ◽

Cited By ~ 1

Author(s):

Ruuhwan Ruuhwan ◽

Imam Riadi ◽

Yudi Prayudi

Keyword(s):

Digital Forensics ◽

Electronic Media ◽

Digital Data ◽

Digital Evidence ◽

Forensic Investigation ◽

Digital Forensic ◽

Forensic Examination ◽

Different Types ◽

Valid Evidence

Abstract. The handling of digital evidence each and every digital data that can proof a determination that a crime has been committed; it may also give the links between a crime and its victims or crime and the culprit. How to verify a valid evidence is to investigate using the approach known as the Digital Forensic Examination Procedures. Integrated Digital Forensic Investigation Framework (IDFIF) is the latest developed method, so that it is interesting to further scrutinize IDFIF, particularly in the process of investigation of a smartphone. The current smartphone devices have similar functions with computers. Although its functions are almost the same as the computer, but there are some differences in the process of digital forensics handling between computer devices and smartphones. The digital evidence handling process stages need to overcome the circumstances that may be encountered by an investigator involving digital evidence particularly on electronic media and smartphone devices in the field. IDFIF needs to develop in such a way so it has the flexibility in handling different types of digital evidence.Keywords: digital evidence, IDFIF, investigation, smartphoneAbstraks. Penanganan bukti digital mencakup setiap dan semua data digital yang dapat menjadi bukti penetapan bahwa kejahatan telah dilakukan atau dapat memberikan link antara kejahatan dan korbannya atau kejahatan dan pelakunya. Cara pembuktian untuk mendapatkan bukti valid adalah dengan melakukaninvestigasi dengan pendekatan Prosedur Pemeriksaan Digital Forensic. Integrated Digital Forensics Investigation Framework (IDFIF) merupakan metode terbaru sehingga IDFIF ini menarik untuk diteliti lebih lanjut terutama dalam proses investigasi smartphone. Saat ini perangkat smartphone memiliki fungsi yang sama dengan komputer. Meskipun demikian, ada beberapa perbedaan dalam proses penanganan digital forensics diantara perangkat komputer dan smartphone. Tahapan proses penanganan barang bukti digital seharusnya dibuat untuk mengatasi keadaan umum yang mungkin dihadapi oleh investigator yangmelibatkan barang bukti digital terutama pada perangkat smartphone dan media elektronik terkait di lapangan. IDFIF perlu dikembangkan sehingga memiliki fleksibilitas dalam menangani berbagai jenis barang bukti digital.Kata Kunci: bukti digital, IDFIF, investigasi, smartphone

Download Full-text