Multi-platform Process Flow Models and Algorithms for Extraction and Documentation of Digital Forensic Evidence from Mobile Devices

  • Gilbert Gilibrays Ocen, Busitema University
  • Ocident Bongomin, Moi University
  • Gilbert Barasa Mugeni, Communication Authority of Kenya
  • Stephen Makau Mutua, Meru University of Science and Technology
  • Twaibu Semwogerere, Busitema University
Keywords: Model Development, Extraction, Multiplatform Model, Model Validation, Algorithms, Operating Systems

Abstract

The growing need to examine evidence from mobile and portable gadgets makes it essential to establish dependable measures for investigating these gadgets. The requirements for examining each gadget differ in many ways. To help detectives and examiners guarantee that any evidence extracted or collected from a mobile device is well documented, a reliable and well-documented investigation process must be implemented if the results of the examination are to be repeatable and defensible in courts of law. In this paper, we developed a generic process flow model for the extraction of digital evidence from mobile devices running the Android, Windows, iOS, and Blackberry operating systems. The research used a survey approach and an extensive literature review to collect data. The models developed were validated through expert opinion. The results of this work can guide solution developers in ensuring the standardization of evidence extraction tools for mobile devices.

Published
7 September, 2022
How to Cite
Ocen, G., Bongomin, O., Mugeni, G., Mutua, S., & Semwogerere, T. (2022). Multi-platform Process Flow Models and Algorithms for Extraction and Documentation of Digital Forensic Evidence from Mobile Devices. East African Journal of Information Technology, 5(1), 84-105. https://doi.org/10.37284/eajit.5.1.830
