- Mobile forensics
Mobile Forensics is defined as “the science of recovering digital evidence from a
mobile phone under forensically sound conditions using accepted methods.” (NIST)Mobile phones can provide several different kinds of forensic evidence.
Electronic evidence
This can include
*Call history
*Contacts
*Calendar information
*The SIM card's Location Information File can provide information about the last cells in which the phone was active.Physical evidence
*DNA - "one source of DNA on a phone is loose cheek cells that have settled in the microphone from the users breath." Skin flakes on the button recesses and earpiece can also yield DNA evidence. (New Scientist, 2007)
*Fingerprints - the article mentioned that "sliding a SIM card into its slot often leaves a highly readable fingerprint." (New Scientist, 2007)Retained data evidence
The EU requires its members countries to retain certain telecommunications data for use in investigations. This includes data on calls made and retrieved. The location of a mobile phone can be determined and this geographical data must also be retained.
Forensic techniques
There are different methods of retrieving the evidence, starting from simple screen captures over forensic software tools to bit-exact memory damps using
JTAG .The software tools differ in the supported models, connection types and cost. Another criterion is whether they are accepted in court.
The ever-changing mobile phone marked with new models released on weekly basis poses a huge challenge to the forensic examiner. Issues of connective and compatibility arise. In order to compensate for this problem some forensic products come with an update service.
For a detailed discussion see Gubian and Savoldi, 2007.
References
* [http://www.7safe.com/electronic_evidence/ACPO_guidelines_computer_evidence.pdf ACPO Guide to Good Practice Guide for Computer Based Electronic Evidence]
* [http://www.theregister.co.uk/2008/05/30/mobile_phone_forensics/ Mobile Phone Forensics]
* [Guidelines on cell phone forensics http://csrc.nist.gov/publications/nistpubs/800-101/SP800-101.pdf] 2007 by NIST
*Paolo Gubian and Antonio Savoldi. Sim and usim Filesystem: a forensics perspective. Proceedings of the 2007 ACM symposium on Applied computing, 2007.
*New Scientist magazine (UK) pages 24-25, 7th July 2007.
* [http://www.gizmag.com/go/7782/ Spying via mobile phone]
* [http://www.news.com/FBI-taps-cell-phone-mic-as-eavesdropping-tool/2100-1029_3-6140191.html FBI taps cell phone mic as eavesdropping tool]
* [http://lauren.vortex.com/archive/000202.html How To Tell If Your Cell Phone Is Bugged]
Wikimedia Foundation. 2010.
