Part of the book series: Studies in Computational Intelligence (SCI, volume 377)

Abstract

Cell phones are among the most common types of technologies present today and have become an integral part of our daily activities. The latest statistics indicate that there are currently over five billion mobile subscribers in the world, and cell phones are increasingly used in criminal activities and confiscated at crime scenes. Data extracted from these phones are presented as evidence in court, which has made digital forensics a critical part of law enforcement and legal systems in the world. A number of forensics tools have been developed to extract and acquire the ever-increasing amount of data stored in cell phones; however, one of the main challenges facing the forensics community is to determine the validity, reliability and effectiveness of these tools. To address this issue, we present the performance evaluation of several market-leading forensics tools in the following two ways: the first approach is based on a set of evaluation standards provided by the National Institute of Standards and Technology (NIST), and the second approach is a simple and effective anti-forensics technique to measure the resilience of the tools.



Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Liu, H., Azadegan, S., Yu, W., Acharya, S., Sistani, A. (2012). Are We Relying Too Much on Forensics Tools?. In: Lee, R. (eds) Software Engineering Research, Management and Applications 2011. Studies in Computational Intelligence, vol 377. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23202-2_10

  • DOI: https://doi.org/10.1007/978-3-642-23202-2_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-23201-5

  • Online ISBN: 978-3-642-23202-2

  • eBook Packages: Engineering, Engineering (R0)
