Home   >   CSC-OpenAccess Library   >    Manuscript Information
Full Text Available

(534.5KB)
This is an Open Access publication published under CSC-OpenAccess Policy.
Publications from CSC-OpenAccess Library are being accessed from over 74 countries worldwide.
Smartphone Forensic Challenges
Sundar Krishnan, Bing Zhou, Min Kyung An
Pages - 183 - 200     |    Revised - 31-07-2019     |    Published - 01-10-2019
Volume - 13   Issue - 5    |    Publication Date - October 2019  Table of Contents
MORE INFORMATION
KEYWORDS
Smartphone Forensics, Digital Forensics, Mobile Forensics, Mobile Security.
ABSTRACT
Globally, the extensive use of smartphone devices has led to an increase in storage and transmission of enormous volumes of data that could be potentially be used as digital evidence in a forensic investigation. Digital evidence can sometimes be difficult to extract from these devices given the various versions and models of smartphone devices in the market. Forensic analysis of smartphones to extract digital evidence can be carried out in many ways, however, prior knowledge of smartphone forensic tools is paramount to a successful forensic investigation. In this paper, the authors outline challenges, limitations and reliability issues faced when using smartphone device forensic tools and accompanied forensic techniques. The main objective of this paper is intended to be consciousness-raising than suggesting best practices to these forensic work challenges.
1 Google Scholar 
2 BibSonomy 
3 Doc Player 
4 Scribd 
5 SlideShare 
1 "Smartphone Market Share.", Internet:.https://www.idc.com/promo/smartphone-market-share/vendor, 2018, [May 19, 2019].
2 "EnCase Mobile Investigator - Mobile Forensics Investigation Solution.", Internet: https://www.guidancesoftware.com/encase-mobile-investigator?cmpid=nav_r., [May 22, 2019].
3 "Home - Cellebrite.", Internet:https://www.cellebrite.com/en/home/, [May 22, 2019].
4 "Magnet ACQUIRE - Magnet Forensics.", Internet: https://www.magnetforensics.com/products/magnet-acquire/ , [May 22, 2019].
5 "E3 DS for Mobile forensics, Smartphone Forensics, and IoT forensics - Paraben Corporation.", Internet: https://paraben.com/mobile-forensics-software/ , [May 22, 2019].
6 "SmartPhone Forensic System - Cell Phone Forensics Tools.", Internet: http://www.salvationdata.com/spf-smartphone-forensic-system.html , [May 22, 2019].
7 "Background on CTIA's Wireless Industry Survey.", Internet: https://api.ctia.org/wp- content/uploads/2018/07/CTIA_ToplineWirelessIndustrySurvey.pdf, 2018, [May 22, 2019].
8 Henry P., 2013, "The SANS Survey of Digital Forensics and Incident Response.", Internet: https://blogs.sans.org/computer-forensics/files/2013/07/sans_dfir_survey_2013.pdf, [May 22, 2019].
9 Harichandran V. S., Breitinger F., Baggili I., and Marrington A., (2016, Mar) , "A cyber forensics needs analysis survey: Revisiting the domain's needs a decade later," [On-line], Comput. Secur., vol. 57, pp. 1-13, Available: https://www.sciencedirect.com/science/article/pii/S0167404815001595, [May 22, 2019].
10 Krishnan S., Chen L., (2014), "Legal Concerns and Challenges in Cloud Computing," in 2nd International Symposium on Digital Forensics and Security (ISDFS 2014), [On-line], Available: https://arxiv.org/abs/1905.10868 , [May 21, 2019].
11 Kovar D., (2009), "Push button forensics - managing the downsides | Integriography: A Journal of Broken Locks, Ethics, and Computer Forensics," Intergriography: A Journal of Broken Locks, Ethics, and Computer Forensics , [On-line], Internet: https://integriography.wordpress.com/2009/11/19/push-button-forensics-managing-the-downsides/, [May 18, 2019].
12 James J. I. , Gladyshev P. (2013, Mar) , "Challenges with Automation in Digital Forensic Investigations," Available: http://arxiv.org/abs/1303.4498, [May 18, 2019].
13 Irons A. D., Stephens P., Ferguson R. I. (2009 Sept), "Digital Investigation as a distinct discipline: A pedagogic perspective," Digit. Investig., vol. 6, no. 1-2, pp. 82-90, Internet: https://linkinghub.elsevier.com/retrieve/pii/S1742287609000309, [May 18, 2019].
14 Umale M., Deshmukh A. B., Tambhakhe M. D., (2014) "Mobile phone forensics challenges and tools classification: A review", [On-line], Internet: https://pdfs.semanticscholar.org/867c/098360eb7ed57bd991bf0bb99042799f2824.pdf, [May 18, 2019].
15 Ayers R., Brothers S., Jansen W., (2007, May), "Guidelines on Mobile Device Forensics," NIST Spec. Publ. 800-101 Revis. 1, Internet: https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-101r1.pdf, [May 18, 2019].
16 "SWGDE Best Practices for Mobile Phone Forensics.", Internet: https://www.swgde.org/documents/CurrentDocuments/SWGDEBestPracticesforMobilePhoneForensics, 2013, [May 18, 2019].
17 Steve, "Android File System and Directory Structure Explained," Internet: http://www.stevesandroidguide.com/android-files/, 2017, [May 18, 2019].
18 "iOS Security.", Internet: https://www.apple.com/business/site/docs/iOS_Security_Guide.pdf, 2019, [18-May-2019].
19 "System and kernel security | Android Open Source Project." Internet: https://source.android.com/security/overview/kernel-security, [May 20, 2019].
20 Abalenkovs D, Bondarenko P, Pathapati V. K., Nordbø A., Piatkivskyi D., Rekdal J. E., Ruthven P. B., (2012), "Mobile forensics: Comparison of extraction and analyzing methods of ios and android", [On-line], Available: https://andynor.net/static/fileupload/399/Mobile Forensics - Comparisonof extraction and analyzing methods of iOS and Android.pdf, [May 20, 2019].
21 "File System Basics.", Internet: https://developer.apple.com/library/archive/documentation/FileManagement/Conceptual/FileSystemProgrammingGuide/FileSystemOverview/FileSystemOverview.html. [May 18, 2019].
22 "What digital forensics artifacts can you find on a mobile phone?", Internet: https://www.gillware.com/digital-forensics/mobile-forensics/. [May 18, 2019].
23 Cell Phone Science - Criminal Advocacy Program, Internet: http://capwayne.org/cap-archives/capwayne/handouts/2014/2014-10-10_SRR-Cell-Phone-Science.pdf, [May 16, 2019].
24 Introduction: Importance of Mobile Forensics , Internet: https://resources.infosecinstitute.com/category/computerforensics/introduction/mobile-forensics/the-mobile-forensics-process-steps-types/#gref, [May 16, 2019].
25 Lohiya R., John P., and Shah P. (2015, May), "Survey on Mobile Forensics," Int. J. Comput. Appl., vol. 118, no. 16, [On-line], pp. 6-11, Internet: http://research.ijcaonline.org/volume118/number16/pxc3903476.pdf, [May 17, 2019].
26 Saleem S., Popov O., and Appiah-Kubi O. K., (2013, Oct), "Evaluating and Comparing Tools for Mobile Device Forensics Using Quantitative Analysis," Springer, Berlin, Heidelberg, [On-line], pp. 264-282, Available: http://link.springer.com/10.1007/978-3-642-39891-9_17, [May 17, 2019].
27 Padmanabhan R., Lobo K., Ghelani M., Sujan D., and Shirole M. (2016, Aug), "Comparative analysis of commercial and open source mobile device forensic tools," Ninth International Conference on Contemporary Computing (IC3), 2016, pp. 1-6, Internet: http://ieeexplore.ieee.org/document/7880238/, [May 18, 2019].
28 Osho, O., & Ohida, S. O. (2016), "Comparative evaluation of mobile forensic tools," mecs-press.net, Available:http://www.mecs-press.net/ijitcs/ijitcs-v8-n1/IJITCS-V8-N1-9.pdf, [May 18, 2019].
29 "Mobile Device Acquisition | Homeland Security," DHS. [On-line]. Internet: https://www.dhs.gov/publication/mobile-device-acquisition, [May 18, 2019].
30 Cellebrite - UFED Physical Analyzer, Internet: https://www.cellebrite.com/en/products/ufed-ultimate/, [June 12, 2019].
31 Teel Technologies, Internet: http://www.teeltech.com/mobile-device-forensic-software/up-828-programmer/, [June 11, 2019].
32 Easy JTAG, Internet: http://easy-jtag.com/, [June 10, 2019].
33 eMMC Pro, Internet: https://www.emmc-pro.com/, [June 10, 2019].
34 Ayers R. P., "Smart Phone Tool Specification | NIST.", (2010, Apr), Internet: https://www.nist.gov/publications/smart-phone-tool-specification, [May 18, 2019].
35 Martínez A. (2016), "Tools for carrying out forensic analyses on mobile devices | INCIBE-CERT," INCIBE, Internet: https://www.incibe-cert.es/en/blog/mobile-forensic-analyses-tools. [May 18, 2019].
36 Aviv A. J., Gibson K., Mossop E., Blaze M., and Smith J. M. (2010), "Smudge attacks on smartphone touch screens," Proceedings of the 4th USENIX conference on Offensive technologies. USENIX Association, [On-line], pp. 1-7, Internet: https://dl.acm.org/citation.cfm?id=1925009, [May 19, 2019].
37 Engler R. and Miller C. (2013), "Six Persistent Challenges with Smartphone Forensics," Forensicmag, Internet: https://www.forensicmag.com/article/2013/02/6-persistent-challenges-smartphone-forensics. [May 19, 2019].
38 Bhargavi S. (2006), "Implementation of microcontroller based mobile communication data acquisition and control system using nokia F bus protocol in real time environment", [On-line], Internet: https://shodhganga.inflibnet.ac.in/handle/10603/64948, [Jun 10, 2019].
39 Ghosh R. K. (2017), "Mobile OS and Application Protocols," in Wireless Networking and Mobile Data Management, Singapore: Springer Singapore, [On-line], pp. 217-261. Internet: http://link.springer.com/10.1007/978-981-10-3941-6_8, [Jun 10, 2019].
40 Mikalack B., The Vestige Team, How much does Digital Forensic Services Cost? Internet: https://www.vestigeltd.com/thought-leadership/digital-forensic-services-cost-guide-vestige-digital-investigations/ , [Sept 5, 2019].
41 Grossman L (2016, Mar) , Inside Apple CEO Tim Cook's Fight With the FBI, Internet: https://time.com/4262480/tim-cook-apple-fbi-2/, [Sept 5, 2019].
42 Benner K., Lichtblau E., The New York Times, U.S. Says It Has Unlocked iPhone Without Apple, Internet: https://www.nytimes.com/2016/03/29/technology/apple-iphone-fbi-justice-department-case.html , [Sept 8, 2019].
43 Novac M (2017), Gizmodo, The FBI Paid $900,000 to Unlock the San Bernardino Terrorist's iPhone, Internet: https://gizmodo.com/the-fbi- paid-900-000-to-unlock-the-san-bernardino-kill-1795010203 , [Sept 8, 2019].
44 Al Hanaei, E. H., Rashid, A. (2014, May). DF-C2M2: a capability maturity model for digital forensics organisations. In 2014 IEEE Security and Privacy Workshops (pp. 57-60). IEEE. , [Sept 10, 2019].
45 Frye v. United States, 293 F. 1013 (D.C. Cir. 1923) , Internet: https://www.law.ufl.edu/_pdf/faculty/little/topic8.pdf , [Sept 12, 2019].
46 Daubert v. Merrell Dow Pharmaceuticals (92-102), 509 U.S. 579 (1993), Internet: https://www.law.cornell.edu/supct/html/92-102.ZS.html , [Sept 12, 2019].
47 The American Society of Crime Laboratory Directors (ASCLD) , Internet: https://www.ascld.org/ , [Sept 12, 2019].
48 Conformity assessment - Requirements for the operation of various types of bodies performing inspection, ISO/IEC 17020:2012 [-,IEC], Internet: https://www.iso.org/standard/52994.html , [Sept 9, 2019].
49 General requirements for the competence of testing and calibration laboratories, ISO/IEC 17025:2005, Internet: https://www.iso.org/standard/39883.html, [Sept 8, 2019].
Mr. Sundar Krishnan
Department of Computer Science, Sam Houston State University - United States of America
skrishnan@shsu.edu
Dr. Bing Zhou
Department of Computer Science, Sam Houston State University - United States of America
Dr. Min Kyung An
Department of Computer Science, Sam Houston State University - United States of America