DOCSLIB.ORG

Dfim: a New Digital Forensics Investigation Model for Internet of Things Mohammad Qatawneh 1, Wesam Almobaideen2, Mohammed Khanafseh3, Ibrahim Al Qatawneh 4

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Dfim: a New Digital Forensics Investigation Model for Internet of Things Mohammad Qatawneh 1, Wesam Almobaideen2, Mohammed Khanafseh3, Ibrahim Al Qatawneh 4 Journal of Theoretical and Applied Information Technology 31st December 2019. Vol.97. No 24 © 2005 – ongoing JATIT & LLS ISSN: 1992-8645 www.jatit.org E-ISSN: 1817-3195 DFIM: A NEW DIGITAL FORENSICS INVESTIGATION MODEL FOR INTERNET OF THINGS MOHAMMAD QATAWNEH 1, WESAM ALMOBAIDEEN2, MOHAMMED KHANAFSEH3, IBRAHIM AL QATAWNEH 4 1Professor. The University of Jordan, Department of Computer Science, Jordan 2Professor. The University of Jordan, Department of Computer Science, Jordan 2Professor. Rochester Institute of Technology, UAE 3Ph.D. candidate. The University of Jordan, Department of Computer Science, Jordan 4Professor. Al Ain University of Science and Technology College of Law E-mail: [email protected], [email protected], [email protected], [email protected], 4 [email protected] ABSTRACT The Internet of Things (IoT) smart devices have been used widely in several applications such as healthcare, education, environment, transportation, smart city, etc. These objects are resource-constrained devices which involve lacks regarding security and may lead to cyber-crime. Therefore, the IoT devices may contain evidence that are considered as an important need to investigators and can be admitted in courts. To tackle this problem most current research focuses on security issues for different IoT architectures rather than approaches and techniques of forensic acquisition and analysis for IoT objects. In this paper, we propose a new Digital Forensics Investigation Model for IoT (DFIM). The DFIM has two main components: The Data Provider Zone (DPZ) which responsible for grouping all data gathered by sensor nodes into a set of groups, where each group contains data or documents related to each other, and the investigation authority which receives the requests from the claimers for investigation, check the validation of the request, and finally select the appropriate investigators. In order to improve the IoT forensics investigation process, the proposed DFIM consists of seven stages and takes into consideration a set of principles such as security, privacy accuracy, performance, data reduction, Openness and transparency. Keywords: The Internet Of Things, IOT Forensics, Investigation Authority, Examination Stage, Investigation Process, Committee Of Investigators. 1. INTRODUCTION The Internet of Things (IoT) can be viewed as an spaces [27]. The number of IoT devices will information system made up of things, networks, reach or even exceed 75 billion and enables data and services. Such things may be wireless many applications in different fields [32] as sensors, traditional computers, smartphones, shown in figure 1. Among IoT devices, the cameras, humans, tablets, vehicles, home wireless sensors are considered the backbone of appliances etc. that are connected over a the IoT because they are part of our life and used network. These things may gather, process and in several applications such as smart city, smart upload a huge amount of data to the internet and home, transportation, environment, military, used to initiate service. The IoT devices can be healthcare, education etc. divided into four main groups: consumer, commercial, industrial, and infrastructure Figure 1: Iot Connected Devices From 2015 To 2019 (In Billions) 3850 Journal of Theoretical and Applied Information Technology 31st December 2019. Vol.97. No 24 © 2005 – ongoing JATIT & LLS ISSN: 1992-8645 www.jatit.org E-ISSN: 1817-3195 However, the wireless sensors are resource- Model for supporting forensics investigations, constrained devices which involve where IoT forensics can provide new insights to shortcomings regarding security and privacy determine facts about criminal incidents. The issues thereby rest of this paper is organized as follows: Section II provides the background information leading to cyber-crime. moreover, IoT is not about digital forensics, IoT forensics and their designed with security in mind, as the main challenges, Section III presents the proposed concern was to minimize the cost and size IoT Forensics-Model for supporting forensics consequently, the IoT is been exposed to the investigations, and finally we conclude in cyber threats and attacks. According to [4], three Section VI. main sources of threats in IoT has been identified as the following: - Malicious User: Is the owner or the user 2. THEORETICAL BACKGROUND of the IoT devices with potential to perform This section presents an overview of attacks to learn the secrets of the manufacturer, conventional digital forensics and IoT forensics. in order to sell secrets to third parties, or attack IoT forensics can be defined as one of the digital similar systems. forensics branches where the main investigation process must suit with the IoT infrastructure. - Bad Manufacturer: Is the producer of the 2.1 Convention Digital forensics: device with the ability to exploit and use the The evidence sources in conventional digital technology to gain information about the users forensics could be computers, mobile devices, and revealing it to the outsider. servers or gateways. Different conventional digital forensics models have been proposed. Each model contains a set of stages. Table 1 - External Attacker (Adversary): Known shows different frameworks proposed by many as an outsider entity which is not part of any IoT researchers. system and has no authorized to it. He or she then, try to get the sensitive in- formation for malicious purposes. From the forensics perspective, the IoT devices may contain evidence that is considered as an important need to investigators and courts. Even though IoT has rich sources of evidence, it causes some challenges for forensics investigators including but not limited to the location of data and heterogeneous nature of IoT devices such as differences in operating systems, communication standards, the existing digital forensics tools and approaches which don’t fit with the IoT paradigm. The variety of physical things which get connected with the IoT generate a huge amount of possible evidence bring new challenges to investigators to collect evidence from highly distributed IoT environments [25]. To investigate such evidence a digital IoT forensics is needed because most cur- rent research focuses on security issues for different IoT architecture rather than approaches and techniques of forensic acquisition and analysis for IoT objects [37]. Therefore, in this paper, we discuss the IoT forensics challenges, issues, and forensics frameworks. We propose an IoT Forensics- 3851 Journal of Theoretical and Applied Information Technology 31st December 2019. Vol.97. No 24 © 2005 – ongoing JATIT & LLS ISSN: 1992-8645 www.jatit.org E-ISSN: 1817-3195 Table 1: Different Models For Digital Forensics. e g Framewor Main Comments Framework ks Names And Limitations Contribution Analysis Collection Reduction Information Presentation Preservation Examination Review stage Review Privacy Aware Security Aware Reporting stage Reporting Integrity Aware Complexity Level Initialization sta Initialization stage Documentation Stage The investigation process can be carried out at different Generic The IoT levels (Fog Digital framework level and cloud Forensics introduced to level). Framewor enhance the H The framework k For IOT χ χ χ χ χ security and takes security [13] privacy policy into issues. account without any consideration of privacy. The main Prang drawback of this improvemen model t in DF Digital refers to the fact by exposing Forensics that in the digital Investigati investigation evidence that on Model L process there is hidden, χ χ χ χ χ χ χ (DFIM) is no concern but [36] about physical it does not evidence, only concern over about digital physical evidence. evidence. The weak points of this model is This hybrid Hybrid that it does not model was model for share the introduced digital investigation by handling forensics L report with both physical investigati χ χ χ χ χ χ others and is not evidence and on model aware of privacy logic [35] and security evidence. principles. 3852 Journal of Theoretical and Applied Information Technology 31st December 2019. Vol.97. No 24 © 2005 – ongoing JATIT & LLS ISSN: 1992-8645 www.jatit.org E-ISSN: 1817-3195 The main weak points of this framework is that This it does not take framework IoT into consideration analyzes the Mobility any policy for evidence Forensic[3 χ χ χ χ χ χ χ M privacy and gathered 0] security through from IoT the investigation devices. process. IoT Forensic: The authors identificati focus on on founding This framework And enhanced focuses classificati method to χ χ χ χ χ χ χ χ L identification and on of identify the collection stages evidence right in criminal evidence and investigati collect ons [8] the evidence in a secure and efficient. The idea of this The framework is framework lightweight for is to IoT IoT environment. introduce a forensics The main novel digital framework drawback is that forensics for smart it does not take χ χ χ χ χ χ M framework environme into consideration for smart nt [5] any principles environment for privacy and such as smart security. home, smart office, etc. The idea of this The framework is framework lightweight for is to IoT IoT environment. introduce a forensics The main novel digital framework drawback is that forensics for smart it does not take χ χ χ χ χ χ M framework environme into consideration for smart nt [5] any principles environment for privacy and such as smart security. home, smart office, etc. From the table 1, we can conclude that many authors includes identification and collections stages. The have defined the process of digital forensics into three second step deals with examination and analysis of steps as shown in figure 2, where the acquisition step evidence acquired from the crime scene to understand 3853 Journal of Theoretical and Applied Information Technology 31st December 2019. Vol.97. No 24 © 2005 – ongoing JATIT & LLS ISSN: 1992-8645 www.jatit.org E-ISSN: 1817-3195 how and by whom the crime was committed. The outcome of the analysis reports including other documentation comprises the presentation step. This step ends with presenting complete analysis re-port in front of the court.
Load more

Recommended publications
  • Part 1 Digital Forensics Module Jaap Van Ginkel Silvio Oertli
    Part 1 Digital Forensics Module Jaap van Ginkel Silvio Oertli July 2016 Agenda • Part 1: Introduction – Definitions / Processes • Part 2: Theory in Practice – From planning to presentation • Part 3: Live Forensics – How to acquire a memory image – Investigate the image • Part 4: Advanced Topics – Tools – Where to go from here – And more 2 Disclaimer§ • A one or two-day course on forensics will not make you a forensics expert. – Professionals spend most of their working time performing forensic analysis and thus become an expert. • All we can offer is to shed some light on a quickly developing and broad field and a chance to look at some tools. • We will mostly cover Open Source Forensic Tools. 3 Introduction Forensics in History 4 Forensics – History 2000 BC 1200 BC 5 Introduction Definitions / Processes 6 Forensics – The Field digital forensics Computer Forensics Disk Forensics Mobil Forensics Memory Forensics Datenbase Forensics Live Forensics Network Forensics 7 Forensics - Definition • Digital Forensics [1]: – Digital forensics (sometimes known as digital forensic science) is a branch of forensic science encompassing the recovery and investigation of material found in digital devices, often in relation to computer crime. • Computer Forensics [2]: – Computer forensics (sometimes known as computer forensic science) is a branch of digital forensic science pertaining to legal evidence found in computers and digital storage media. The goal of computer forensics is to examine digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting facts and opinions about the information. 8 Forensics - Definitions • Network Forensics [3]: – Network forensics is a sub-branch of digital forensics relating to the monitoring and analysis of computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection.[1] Unlike other areas of digital forensics, network investigations deal with volatile and dynamic information.
    [Show full text]
  • Guidelines on Mobile Device Forensics
    NIST Special Publication 800-101 Revision 1 Guidelines on Mobile Device Forensics Rick Ayers Sam Brothers Wayne Jansen http://dx.doi.org/10.6028/NIST.SP.800-101r1 NIST Special Publication 800-101 Revision 1 Guidelines on Mobile Device Forensics Rick Ayers Software and Systems Division Information Technology Laboratory Sam Brothers U.S. Customs and Border Protection Department of Homeland Security Springfield, VA Wayne Jansen Booz Allen Hamilton McLean, VA http://dx.doi.org/10.6028/NIST.SP. 800-101r1 May 2014 U.S. Department of Commerce Penny Pritzker, Secretary National Institute of Standards and Technology Patrick D. Gallagher, Under Secretary of Commerce for Standards and Technology and Director Authority This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Management Act of 2002 (FISMA), 44 U.S.C. § 3541 et seq., Public Law (P.L.) 107-347. NIST is responsible for developing information security standards and guidelines, including minimum requirements for Federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate Federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130, Section 8b(3), Securing Agency Information Systems, as analyzed in Circular A- 130, Appendix IV: Analysis of Key Sections. Supplemental information is provided in Circular A- 130, Appendix III, Security of Federal Automated Information Resources. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on Federal agencies by the Secretary of Commerce under statutory authority.
    [Show full text]
  • Digital Forensics Concentration
    DIGITAL FORENSICS CONCENTRATION The Digital Forensic concentration is available to students Why Enroll in the at Hilbert College who are interested in learning more about Digital Forensics computer-based information applied to legal matters. The concentration is comprised of three computer courses and 2 Concentration? digital forensic courses, some held in Hilbert’s new, modern Low student/teacher computer laboratory classroom. Together these five courses will ratio in all classes provide more in depth exposure to fundamental principles in the Access to all new l use of computers in legal investigations. This concentration is equipment and available to students in all majors, though it is likely of particular instrumentation interest to students in the Forensic Science/CSI department who Unmatched personal wish to obtain a stronger computer-based foundation than what attention to academic is required for their major. advisement Coursework includes one semester of computer systems Opportunity to learn (covering computer architecture and operating systems), one from top-notch semester of computer networking, one semester of computer professors who have crime investigation (covering procedures and techniques of data real-world experience in a digital forensic recovery involved in criminal investigations), one semester of setting computer forensics (covering data seizure, imaging and analysis) Job search guidance and one semester of Advanced Mobile Device Forensics. All in the profession courses in the concentration are three credits. Additionally, the Expanded job courses in the concentration do not require prior exposure to opportunities after graduation: computers as they are designed to be taken sequentially: initially “According to the introducing students to foundational concepts and material and Department of Labor, progressing to more advanced applications of concepts in later demand is expected to grow 22% over the courses.
    [Show full text]
  • Digital Forensics Based Analysis of Mobile Phones
    Journal of Android and IOS Applications and Testing Volume 4 Issue 3 Digital Forensics Based Analysis of Mobile Phones Pooja V Chavan PG Student, Department of Computer Engineering, K. J. Somaiya College of Engineering, Mumbai, Maharashtra, India Email: [email protected] DOI: Abstract Now-a-day’s ratio of mobile phone is increasing day by day. Digital forensics methodology is use to recover and investigate data that found in a digital devices. Mobile phone usage is more that’s why not only judicial events occurred but also mobile forensics and subdivision of digital forensics are emerged. Some hardware and software are used for mobile phone investigations. Keywords: Digital forensics, digital devices, mobile phone INTRODUCTION because electronic device have a variety of Forensic science’s subdivision is a digital different operating system, technology, forensic, is a one type of process. The storage structure, Features. First identify main objective of this process to find the crime after that digital forensic work evidence in digital devices [1]. Digital on four important steps (Figure 1): forensics are used for the analysis of data, such as audio, video, pictures, etc. After • Collection: The collected of evidence the analysis of electronic devices data that like fingerprints, broken fingernails help for legal process. The usage of blood and body fluids. advanced technology is increasing rapidly. • Examination: The examination of Electronic device have a variety of product process is depending on evidence. like tablet, flash memory, memory card, • Analysis: The crime scenes obtain SD card, etc. When forensic analysis is different digital evidence, analysis is performed at that time data should be done on storage evidence this secure.
    [Show full text]
  • Application of Network Forensics in Identification of Network Traffic
    Published by : International Journal of Engineering Research & Technology (IJERT) http://www.ijert.org ISSN: 2278-0181 Vol. 7 Issue 07, July-2018 Application of Network Forensics in Identification of Network Traffic 1Ajay Sehrawat, 2Neha Shankar Das and 3Praveen Mishra 1 Software Engineer (IT), Regional Centre for Biotechnology, 2M.Tech, GGSIPU, 3Additional Director, ERNET India, Abstract - With the development of the latest technology The use of Network Traffic Analysis can also be seen in interventions in the field of networking, cyber- crimes are security domain. It includes management and monitoring of increasing at a gradual rate. It has led to increase in online packets from source IP address to destination IP port crimes and attacks in which malicious packets are being sent to number. It takes amount of packets sent in consideration to other hosts. Network Traffic Analysis comes under Network check flow of consistency in network. Network forensics is Forensics which is one of the classifications of Cyber Forensics that deals with capturing, recording, monitoring and analysis defined in [11] as “capturing, monitoring and scrutiny of of network traffic. Keeping this in view, the paper describes the network events in order to determine the cause of security need of network forensics and its aspects. The paper proposes a attacks and other problem incidents”. It can be said that model for network traffic analysis which is useful for detecting Network Forensics is a branch of digital forensics which is malicious packets received from intruders. studied to examine the network traffic so that attacks and malicious activities can be discovered. There is difference Keywords: Network Forensics, Network Monitoring and Network between computer forensics and digital forensics.
    [Show full text]
  • Purpose of Computer and Network Forensics
    Purpose of Computer and Network Forensics Table of Contents Purpose of Computer and Network Forensics ................................................................................ 2 What Is Digital Forensics? ............................................................................................................... 3 Need for Digital Forensics -1 ........................................................................................................... 4 Need for Digital Forensics -2 ........................................................................................................... 6 Purpose of Digital Forensics ............................................................................................................ 8 Notices .......................................................................................................................................... 12 Page 1 of 12 Purpose of Computer and Network Forensics Purpose of Computer and Network Forensics 4 **004 Okay. So we'll start out with the purpose of computer and network forensics. Page 2 of 12 What Is Digital Forensics? What Is Digital Forensics? As defined in NIST Guide to Integrating Forensic Techniques into Incident Response: “Application of science to the identification, collection, examination, and analysis of data while preserving the integrity of the information and maintaining a strict chain of custody for the data” Also known as or called computer forensics and network forensics, and includes mobile device forensics All better called one term: Digital
    [Show full text]
  • Guidelines for Digital Forensics First Responders
    GUIDELINES FOR DIGITAL FORENSICS FIRST RESPONDERS Best practices for search and seizure of electronic and digital evidence March 2021 01010101010101€01010101010101¥01010101010101$01010101010101€01010101010101¥01010101010101$01010101010101€01010101010101¥01010101010101$01010101010 101€01010101010101¥01010101010101$01010101010101€01010101010101¥01010101010101$01010101010101€01010101010101¥01010101010101$01010101010101€0101010 010101¥01010101010101$01010101010101€01010101010101¥01010101010101$01010101010101€01010101010101¥01010101010101$01010101010101€01010101010101¥0101 0101010101$10101010101010101¥01010101010101€01010101010101¥01010101010101$01010101010101€01010101010101¥01010101010101$01010101010101€010101010101 01¥010101010101012 $01010101010101€01010101010101¥01010101010101$01010101010101€01010101010101¥01010101010101$01010101010101€01010101010101¥01010101 01010101$01010101010101 €01010101010101¥01010101010101$01010101010101€01010101010101¥01010101010101$01010101010101€01010101010101¥01010101010101$01 Disclaimer These “Guidelines for Digital Forensics First Responders” (the “Guidelines”) have been prepared as technical guidelines to provide information and advice on digital forensic approaches that may be adopted when seizing and analysing different kinds of devices. These Guidelines are solely for the use of law enforcement professionals having the necessary legal basis or authorisation to perform the actions described herein. The legal, procedural and customary frameworks in respect of search, seizure, chain of custody, analysis, reporting,
    [Show full text]
  • Digital Forensic Analyses of Web Browser Records
    Journal of Software Digital Forensic Analyses of Web Browser Records Erhan Akbal1*, Fatma Güneş1, Ayhan Akbal2 1 Department of Digital Forensics Engineering, Fırat University Technology Faculty, 23119, Elazig, Turkey. 2 Department of Electrical and Electronics Engineering, Fırat University Engineering Faculty, 23119, Elazig, Turkey. * Corresponding author. Email: [email protected] Manuscript submitted January 11, 2016; accepted March 12, 2016. doi: 10.17706/jsw.11.7.631-637 Abstract: The most used applications by the majority of user of computer are web browsers. Users performs their many activities such as, browsing on the internet, download files, use social media applications, accessing e-mail accounts via web browser. Many of the crimes committed on digital resources must be analyzed user activities by examining the records of web browsers. Especially regarding crimes involving entered the URL, access times, browser type, time, downloaded files, search words, such information must be included in the reports of the examiners will create one of the data obtained. Web browser stores user records in different ways. Also, according to user operating systems differ in the locations for storing data. In this study, it is shown that how it should be done the analysis of web browsers on the digital resources which are subject to criminal, the data of different browsers on different operating systems, storage types and data types that can be obtained. In addition, it is showed that, the tools and features used to examine the records in the web browser. Key words: URL records, web browser analyses, digital forensic, digital evidence. 1. Introduction Web browsers are the tools for performing different activities on the Internet by users.
    [Show full text]
  • Curriculum Vitae
    February, 2013 CURRICULUM VITAE Name: Douglas H. Ubelaker Born: August 23, 1946 Horton, Kansas Present Position: Curator, Department of Anthropology National Museum of Natural History Smithsonian Institution Washington, D.C. 20560 Adjunct Positions: Consultant in Forensic Anthropology to the FBI, 1978-present Professorial Lecturer, Department of Anatomy, The George Washington University, Washington, D.C., 1986-present Professorial Lecturer, Department of Anthropology, The George Washington University, Washington, D.C., 1986-present Professor, Department of Anthropology, Michigan State University, East Lansing, Michigan, 2009-present Education: B.A. (honors) University of Kansas, 1968 Ph.D. University of Kansas, 1973 Military Service: U.S. Army, 1969-71 Major Consultant Work: Analysis of human skeletal remains 1976 to present. Over 855 individual cases reported on. Testimonials as expert witness at trials and hearings: September 6, 1978 State of Florida vs. Ludwig Oddo Baglioni Pensacola, Florida March 11, 1981 Commonwealth of Massachusetts vs. Carl Drew Fitchburg, Massachusetts March 2, 1982 State of Washington vs. Michael A. Smith Spokane, Washington June 5, 1985 U.S.A. vs. Buck Duane Walker San Francisco, California 2 September 16, 1985 State of Rhode Island and Providence Plantations vs. Paul Triana Providence, Rhode Island February 7, 1986 U.S.A. vs. Stephanie Stearns San Francisco, California February 21, 1986 State of Nebraska vs. Thomas E. Nesbitt Omaha, Nebraska April 16, 1987 State of New York vs. William Seifert Buffalo, New York April 28, 1987 United States of America vs. Gary Cheyenne Rapid City, South Dakota February 5, 1988 Commonwealth of Massachusetts vs. Christopher Bousquet New Bedford, Massachusetts November 19, 1990 State of Washington vs.
    [Show full text]
  • Iot Ignorance Is Digital Forensics Research Bliss
    University of New Haven Digital Commons @ New Haven Electrical & Computer Engineering and Computer Electrical & Computer Engineering and Computer Science Faculty Publications Science 8-2019 IoT Ignorance is Digital Forensics Research Bliss: A Survey to Understand IoT Forensics Definitions, Challenges and Future Research Directions Tina Wu University of Oxford Frank Breitinger University Liechtenstein Ibrahim Baggili University of New Haven, [email protected] Follow this and additional works at: https://digitalcommons.newhaven.edu/ electricalcomputerengineering-facpubs Part of the Computer Engineering Commons, Electrical and Computer Engineering Commons, Forensic Science and Technology Commons, and the Information Security Commons Publisher Citation Wu, T., Breitinger, F., & Baggili, I. (2019, August). IoT Ignorance is Digital Forensics Research Bliss: A Survey to Understand IoT Forensics Definitions, Challenges and Future Research Directions. In Proceedings of the 14th International Conference on Availability, Reliability and Security, ARES '19 (Article no. 46). ACM. Comments Dr. Baggili was appointed to the University of New Haven's Elder Family Endowed Chair in 2015. This is the authors' version of the paper published in ARES '19 Proceedings of the 14th International Conference on Availability, Reliability and Security by ACM. ISBN: 978-1-4503-7164-3. The ap per of record can be found at http://dx.doi.org/10.1145/3339252.3340504 IoT Ignorance is Digital Forensics Research Bliss: A Survey to Understand IoT Forensics Definitions, Challenges and Future Research Directions Tina Wu Frank Breitinger Tina:wu@cs:ox:ac:uk Ibrahim Baggili University of Oxford FBreitinger@newhaven:edu Oxford, UK IBaggili@newhaven:edu University of New Haven West Haven, Connecticut ABSTRACT ACM Reference Format: Interactions with IoT devices generates vast amounts of personal Tina Wu, Frank Breitinger, and Ibrahim Baggili.
    [Show full text]
  • Practical Investigations of Digital Forensics Tools for Mobile Devices Maynard Yates II, M.S
    Practical Investigations of Digital Forensics Tools for Mobile Devices Maynard Yates II, M.S. Florida Agricultural and Mechanical University Department of Computer and Information Sciences Technical Building A, Room 211 Tallahassee, FL 32307-5100 [email protected] ABSTRACT A few examples of these changes are: With the continued growth of the mobile device market, the Correspondence: Postal mail → Electronic mail (E- possibility of their use in criminal activity will only continue to mail) → SMS messages (text messages) increase. While the mobile device market provides a great variety of manufactures and models causing a strong diversity. It Telecommunications: Telephones → car powered cell becomes difficult for a professional investigator to choose the phones→ battery powered cell phones proper forensics tools for seizing internal data from mobile Calendar: Secretary → Day Planner→ Personal Data devices. Through this paper, we will give a comprehensive Assistant (PDA)→ “Smartphone” perspective of each popular digital forensic tool and offer an inside view for investigators to choose their free sources or commercial tools. In addition, a summary for the future direction As technology continues to permeate society and mobile for forensics tools in mobile devices. computing becomes more prevalent, people will more heavily depend on applications such as e-mail, SMS (Short Message Service), MMS (Multimedia Messaging Service) and online Categories and Subject Descriptors transactions (i.e. bank, ins, etc); such devices provide a good K.4.1. [Computers and Society]: Public Policy Issues - abuse source of evidence for forensic investigators to prove or disprove and crime involving computers; D.4.6 [Operating Systems]: the commitment of crimes or location of suspects/victims [6].
    [Show full text]
  • 73Rd Aafs Annual Scientific Meeting
    AMERICAN ACADEMY OF FORENSIC SCIENCES 73RD AAFS ANNUAL SCIENTIFIC MEETING PROGRAM • FEBRUARY 2021 WELCOME MESSAGE Welcome to the 73rd American Academy of Forensic Sciences Annual Scientific Meeting. We are 100% virtual this year and it is my pleasure and excitement to greet each and every one of you. While we could not be in Houston, we have planned a jammed packed week of science, collegial interactions, collaborations, learning, social networking, and just plain fun! The Academy has nearly 6,500 members representing 70 countries. We usually meet annually in the U.S., but this year we are meeting virtually and worldwide for the first time. I cannot wait to see how many locations across the globe will be represented by our attendees. Jeri D. Ropero-Miller, PhD 2020-21 AAFS President Our meeting theme this year, One Academy Pursuing Justice through Truth and Evidence, has fueled the culture of the Academy since its inception. It has also encouraged more than 1,000 presentations for this week with over 560 oral, more that 380 posters, and countless presenters in the 18 workshops, and special sessions. The Exhibit Hall will be accessible to attendees the entire week. Don’t miss out on all the latest products and technology available to the forensic science industry. You also will want to participate in the Gamification activity by going on a virtual scavenger hunt to earn points towards winning some fun prizes. Don’t forget to visit the online AAFS store between sessions for your chance to purchase meeting apparel. I cannot thank everyone enough for all the effort, dedication, and support for making this virtual event memorable for all.
    [Show full text]