Downloaded 18 times
Uploaded bySuresh Kumar
Mobile device forensics
This document outlines the agenda for a mobile device forensics session. It discusses what mobile device forensics is, the history of the field, types of evidence that can be recovered from mobile devices including internal memory, external memory and service provider logs. It also describes the forensic process of seizing devices, acquiring data, and examining and analyzing the evidence. Methods like rooting and jailbreaking are mentioned, along with controversies in the field. The document concludes with an announcement of a demonstration of acquiring data from a mobile phone using forensic software.
More Related Content
Similar to Mobile device forensics
![UiPath Automation Suite Installation (Hands-On) [2/3]](https://cdn.slidesharecdn.com/ss_thumbnails/automationsuitecommunitysession2-251015095633-a6d862f1-thumbnail.jpg?width=600ounds&width=560&fit=bounds)
Mobile device forensics
- 1.
- 2. AGENDA What isMobile device forensics? History Types of evidence Internal memory External memory Service provider logs Forensic process Seizure Acquisition Examination and analysis Rooting / jailbreak Controversies Demo : mobile phone data acquisition using santaku AFLogic 13-07-2017 Suresh Kumar K
- 3. WHAT IS MOBILE DEVICEFORENSICS? Mobile device forensics is a branch of digital forensics relating to recovery of digital evidence or data from a mobile device under forensically sound conditions. The phrase mobile device usually refers to mobile phones; however, it can also relate to any digital device that has both internal memory and communication ability, including PDA devices, GPS devices and tablet computers. 13-07-2017 Suresh Kumar K
- 4.
- 5. HISTORY As a fieldof study forensic examination of mobile devices dates from the late 1990s and early 2000s. The role of mobile phones in crime had long been recognized by law enforcement. With the increased availability of such devices on the consumer market and the wider array of communication platforms they support (e.g. email, web browsing) demand for forensic examination grew 13-07-2017 Suresh Kumar K
- 6. TYPES OF EVIDENCE •Internal memory • Nowadays mostly flash memory consisting of NAND or NOR types are used for mobile devices • External memory • External memory devices are SIM cards, SD cards (commonly found within GPS devices as well as mobile phones), MMC cards, CF cards, and the Memory Stick. • Service provider logs • Although not technically part of mobile device forensics, the call detail records (and occasionally, text messages) from wireless carriers often serve as "back up" evidence obtained after the mobile phone has been seized. 13-07-2017 Suresh Kumar K
- 7. FORENSIC PROCESS • Seizure •Acquisition • Examination and analysis 13-07-2017 Suresh Kumar K
- 8.
- 9. CONTROVERSIES In general thereexists no standard for what constitutes a supported device in a specific product. This has led to the situation where different vendors define a supported device differently. 13-07-2017 Suresh Kumar K
- 10. DEMO Mobile phone dataacquisition using santoku AFLogic 13-07-2017 Suresh Kumar K
- 11.
- 12.