Search for Articles:
International Journal of Information Technology and Computer Science (IJITCS)

IJITCS Vol. 8, No. 1, 8 Jan. 2016

Cover page and Table of Contents: PDF (size: 386KB)

MECS Press Journal

Comparative Evaluation of Mobile Forensic Tools

Full Text (PDF, 386KB), PP.74-83

Views: 0 Downloads: 0

Author(s)

Oluwafemi Osho 1,* Sefiyat Oyiza Ohida 2

1. Department of Cyber Security Science, Federal University of Technology, Minna

2. African University of Science and Technology, Nigeria

* Corresponding author.

DOI: https://doi.org/10.5815/ijitcs.2016.01.09

Received: 3 May 2015 / Revised: 11 Aug. 2015 / Accepted: 6 Oct. 2015 / Published: 8 Jan. 2016

Index Terms

Mobile, mobile phone, smartphone, forensics, digital investigation, digital evidence

Abstract

Mobile technology, over the years, has improved tremendously in sophistication and functionality. Today, there are mobile phones, known as smartphones, that can perform virtually most functions associated with personal computers. This has translated to increase in the adoption of mobile technology. Consequently, there has been an increase in the number of attacks against and with the aid of this technology. Mobile phones will often contain data that are needed as evidence in a court of law. And, therefore, the need to be able to acquire and present this data in an admissible form cannot be overemphasized. This requires the right forensic tools. This is the focus of this study. We evaluated the ability of four forensic tools to extract data, with emphasis on deleted data, from Android phones. Our results show that AccessData FTK Imager and EnCase performed better than MOBILedit Forensic and Oxygen Forensic Suite at acquiring deleted data. The conclusion is that, finding a forensic tool or toolkit that is virtually applicable across all mobile device platforms and operating systems is currently infeasible.

Cite This Paper

Oluwafemi Osho, Sefiyat Oyiza Ohida, "Comparative Evaluation of Mobile Forensic Tools", International Journal of Information Technology and Computer Science(IJITCS), Vol.8, No.1, pp.74-83, 2016. DOI:10.5815/ijitcs.2016.01.09

Reference

[1]ITU. Mobile_cellular_2000-2012. Retrieved from http://www.itu.int/en/ITU-D/Statistics/Documents/statistics/2013/Mobile_cellular_2000-2012.xls

[2]Iovation. Fighting Mobile Fraud: Protecting Businesses and Consumers from Cybercrime. Retrieved from https://s3.amazonaws.com/content.iovation.com/white-papers/PDF/iovation-mobile-fraud-white-paper.pdf (2012).

[3]Ruggiero P, and Foote J. Cyber Threats to Mobile Phones. 2011. Retrieved August 20, 2014, from https://www.us-cert.gov/sites/default/files/publications/cyber_threats-to_mobile_phones.pdf.

[4]Felt A P, Finifter M, Chin E, Hanna S, and Wagner D, A Survey of Mobile Malware in the Wild. Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices. ACM, 2011, 3 – 14.

[5]Enck W, Ongtang M, and McDaniel P. On lightweight mobile phone application certification. Proceedings of the 16th ACM conference on Computer and communications security. ACM, 2009.

[6]Willassen S Y. Forensics and the GSM Mobile Telephone System. International Journal of Digital Evidence, 2003, 2(1), 1 – 17.

[7]Barmpatsalou K, Damopoulos D, Kambourakis G, and katos V. A Critical Review of 7 Years of Mobile Device Forensics. Digital Investigation, 2013, 10, 323 – 349.

[8]Sridhar N, Bhaskari D L, and Avadhani P. Plethora of Cyber Forensics. International Journal of Advanced Computer Science and Applications, 2011, 2(11), 110 – 114.

[9]Sindhu K K, and Meshram B B. Digital Forensic Investigation Tools and Procedures. International Journal of Computer Network and Information Security, 2012, 4, 39-48, doi: 10.5815/ijcnis.2012.04.05.

[10]Vishal R A, and Meshram B B. Digital Forensic Tools. IOSR Journal of Engineering, 2012, 2(3), 392-398.

[11]Umale M N, Deshmukh A B, and Tambhakhe M D. Mobile Phone Forensics Challenges and Tools Classification: A Review. International Journal on Recent and Innovation Trends in Computing and Communication, 2014, 2(3), 622 – 626.

[12]Casey E, and Turnbull B. Digital evidence on mobile devices. Eoghan Casey, Digital Evidence and Computer Crime. Third Edition. Forensic Science, Computers, and the Internet, Academic Pres (2011).

[13]Willassen S Y. Forensic analysis of mobile phone internal memory. Advances in Digital Forensics. Springer US, 2005. 191-204.

[14]Mokhonoana P M, and Olivier M S. Acquisition of a Symbian Smartphone’s Content with an On-Phone Forensic Tool.  In Proceedings of the Southern African Telecommunication Networks and Applications Conference, 2007, 8. Retrieved from mo.co.za/open/symbianfor.pdf.

[15]Brothers S., Cell Phone and GPS Forensic Tool Classification System. 2009, Retrieved from http://www.mobileforensicsworld.org/2009/presentations/MFW2009_BROTHERS_CellPhoneandGPS  ForensicToolClassificationSystem.pdf.

[16]Ahmed R, and Dharaskar R V. Mobile forensics: an overview, tools, future trends and challenges from law enforcement perspective. 6th International Conference on E-Governance (ICEG), Emerging Technologies in E-Government, M-Government, 2008, 312 – 323 (2008).

[17]Lutes K D, and Mislan R P. Challenges in Mobile Phone Forensics. Proceeding of the 5th International Conference on Cybernetics and Information Technologies, Systems, and Applications (2008).

[18]Distefano A, and Me G. An overall assessment of Mobile Internal Acquisition Tool. Digital Investigation, 2008, 5, 121 – 127.

[19]Mohtasebi S H, Dehghantanha A, and Broujerdi H G. Smartphone Forensics: A Case Study with Nokia E5-00 Mobile Phone. International Journal of Digital Information and Wireless Communications, 2011, 1(3), 651 – 655.

[20]Pooters I. Full User Data Acquisition from Symbian Smart Phones. Digital Investigation, 2010, 6, 125 – 135.

[21]Lessard J, and Kessler G C. Android Forensics: Simplifying Cell Phone Examinations. Small Scale Digital Device Forensics Journal, 2010, 4(1), 1 – 12.

[22]Sack S, Kroger K, and Creutzburg R. Overview of Potential analysis of an Android Smartphone.  IS&T/SPIE Electronic Imaging, pp. 83040M-83040M. International Society for Optics and Photonics, 2012. doi:10.1117/12.909657.

[23]Mubarak A, and Ali A. Smartphone Forensics Analysis: A Case Study. International Journal of Computer and electronic Engineering, 2013, 5(6), 576 – 580.

[24]Al Mutawa N, Baggili I, and Marrington A. Forensic Analysis of Social Networking Applications on mobile devices. Digital Investigation, 2012, 9, 24 – 33.

[25]Schwamm R, and Rowe N C. Effects of the factory reset on mobile devices. Journal of Digital Forensics, Security and Law, 2014, 9(2), 205-220.

[26]Williamson B, Apeldoorn P, Cheam B, and McDonald M. Forensic Analysis of the contents of Nokia Mobile Phones. 4th Australian Digital Forensics conference, 2006, 36.

[27]Casey E, Bann M, and Doyle J. Introduction to Windows Mobile Forensics. Digital Investigation, 2010, 6, 136 – 146.

[28]Jonkers K. The Forensic Use of Mobile Phone Flasher Boxes. Digital Investigation, 2010, 6, 168 – 178.

[29]www.samsung.com

[30]GSMArena. http://www.gsmarena.com/compare.php3?idPhone1=4612&idPhone2=5666#results

[31]http://www.mobiledit.com/phones?MANUFACTURER_ID=315

[32]http://www.mobiledit.com/phones?MANUFACTURER_ID=7

Subscribe to receive issue release notifications and newsletters from MECS Press journals