Challenges that handheld devices-smartphones provide for computer forensics

Discuss challenges that handheld devices/smartphones provide for computer forensics

Many devices in the market like cell phones, smart phones, music players and personal digital assistants are considered as mobile devices. The rapid advancement is mobile device technology and communication technology has enhanced user experience a lot. By providing many features and a large storage capacity, a mobile device can store a lot of information of various kinds. While this is a great revolution for the mobile device users, it has also created many opportunities for criminals to exploit the sophisticated technology and use it for malicious purposes. Criminals can use and store information like e-mails, word documents, text messages, maps and global positioning information, photographs, videos etc on a mobile device which can be useful for a criminal investigation

Mobile devices are also very dynamic in the sense that their position keeps changing and their technology keeps changing and getting upgraded fairly quickly. The number and types of mobile devices is increasing rapidly with various platforms like Apple iPhone, Android, Windows Mobile and Blackberry getting popular, thus making forensic investigations for mobile devices very difficult. It is not possible to develop a single system or tool for forensic investigations for the variety of devices.

With previous models of mobile phones, collecting digital evidence was an easy task. With the advent of smart phones, it is a challenging task for the forensics expert to develop techniques and tools to retrieve information from the device. Also, a lot of specific requirements have to be considered to preserve information on a mobile device for forensic investigation. As mobile devices are networked and communicate to send and receive data, they are susceptible to loss, change and overwriting of data, especially when using a wireless network for communication. "Mobile devices need a specialized interface, storage media and hardware". These devices also operate using a volatile memory which needs power supply to preserve information. A variety of operating systems are being used in the mobile devices which make it difficult for the forensic investigators to maintain pace with the upcoming technology and understand the devices well enough to preserve and extract information from it.

Mobile devices store important information like address books, text messages and personally identifiable information on the SIM card. Unlike a computer hard drive, it is very complicated to extract information from a SIM card without destroying the available data. Also, extracting information from a mobile device is difficult as the interaction which takes place between the mobile device and the forensic tool can destroy or change the available evidential data. Data recovery and analysis is also difficult as mobile devices are now full of various functionalities for which many different file formats, encoding and data sources are used.

There are many mobile forensic software applications available for this purpose but a specialized tool is not yet available. Also sometimes, a high budget is needed to make use of multiple tools and it becomes a challenge for law enforcement agencies working under a small budget, to carry out such investigations.

There are many organizations like National Institute of Standards and Technology (NIST) and Open Mobile Terminal Platform (OMTP) which develop standards for mobile device forensic investigations and develop requirements and test cases for the toolkits. These standards help forensic investigators to maintain quality of their investigations and choose the best possible tools for their purpose. As there are so many mobile devices from different manufacturers and as nothing is standardized in the mobile market, it is very difficult to develop such standards for quality control.

Thus it can be seen very clearly that because of the variety and sophistication in mobile device technology, a forensic investigation to preserve, extract and analyze information from a mobile device is indeed a challenging task. 


More than 18, 378, 87 Solved Course Assignments and Q&A, Easy Download!! Find Now