The digital forensic community is always facing the challenge of keeping ahead of the latest technologies in the market that could be employed for exposing essential clues during an investigation (Ayers, Brothers, & Jansen, 2014). Mobile devices are common phenomena in the society and they are employed both for personal and professional purposes. Today, cell phones vary in designs, and they constantly undergo improvement due to the constant changes in technology. When the mobile devices are encountered during a criminal investigation, it is important for a forensic scientist to know the right procedure and tools for attaining evidence from them. This essay is a discussion of the steps that should be taken to forensically process the cell phone for evidence as well as a discussion of the hardware and software that should be utilized for the forensics. The essay also discusses the type of information that can be forensically retrieved from the cell phone.
Steps to Forensically Prepare the Cell Phone for Evidence
SeizureThis is the process of acquiring or securing the mobile phone so that it can be utilized in a forensic investigation. A forensic scientist should have the necessary legal requirements to examine the contents of the cell phone device under investigation. In addition, he/she should have sufficient knowledge or the best way to handle the cell phone device before it is investigated. This is important because if not handled the right way, any physical evidence present on the cell phone could be contaminated and as such rendered useless. A forensic scientist should also be in a position to identify other supporting equipment that may be used together with the cell phone in its operation. Such equipment may include the media storage devices, the power adapter, UICC and other accessories of interest.
Isolation is the second step in preparing the acquired cell phone for forensic investigation. It is a critical step in the investigation process since the data stored on the cellular phone can be changed, modified or deleted by using various applications that support Over the Air (OTA) capabilities (Dixon, 2011). In the isolation process, the forensic scientist should photograph the cell phone at the time of seizure. Such photos should illustrate the time setting when the picture was taken, the state of the cell phone at the point of seizure as well as the characteristics of the cell phone. Certain precautions must also be employed to ensure that any data that could be used as important evidence in an investigation is not compromised. One of the most effective methods that can be employed to isolate the cell phone is the Cellular Network Isolation Card (CNIC). The CNIC resembles the original UIIC, and it is employed to prevent any network access to and from the cellular phone.
This is the last step that should be employed in a forensic investigation process. The step also entails photographing the scene of the crime as well as the imaging of each item that can be used together with the cell phone by the crime suspect. All digital devices in close proximity to the cellular phone should also be photographed. Such include the peripheral cables, removable media devices, USB connections as well as power connectors among others. In this case, a forensic scientist must avoid touching as well as contaminating the cell phone device in its original environment where it was found. This will aid in securing the most precise and viable evidence that can be employed in the determination of the validity of evidence in an ongoing investigation.
Hardware or Software to Process the Cell Phone for Evidence
There are several tools that can be employed to process the cell phone for evidence. Among them is the Cellebrite UFED, Micro Systemation XRY as well as Susteen Secure View. In addition, there are other modern tools that have been developed and manufactured by Chinese corporations for cell phone forensic purposes. Such tools include the MediaTek (MTK), MStar, Spreadtrum as well as the XRY Pinpoint among others. In addition, forensic disoldering can also be employed as an effective method of preparing a cell phone for evidence.
The disoldering technique is considered to be the most intrusive method of attaining the memory image from a cell phone after the acquisition. The process entails disoldering the non-volatile chip that stores the memory of the cell phone. Nevertheless, this method poses a substantial danger to the cell phone as erroneous disoldering can result in the destruction of data. The chip as well as its contents may also be partially destroyed due to the heat required in the disoldering process.
Type of Information That Can Forensically Be Retrieved from The Cell Phone
In traditional cell phones, a forensic analyst can recover the SMS as well as MMS messages and also recover the call logs made by the user of the phone for a specified period. In addition, the forensic analyst can retrieve the contact list as well as the phones IMEI or ESN information. If the acquired cell phone is a smart phone, additional set of information such as the web browsing history, the geological information of the user as well as the wireless network settings can also be acquired. In addition, he/she can recover social networking services, contacts as well as posts retained on the smart phone application. Ultimately, he/she can also recover emails and other media contents saved by the cell phone user applications.
In conclusion, there are three primary steps that should be employed when performing a forensic research on a cell phone. The steps include seizure, isolation as well as documentation. In addition, some of the hardware and software tools that can be employed in processing a cell phone for evidence may include the Cellebrite UFED, Micro Systemation XRY as well as Susteen Secure View among others. In addition, the form of information that can be retrieved in a forensic investigation from the cell phone may include the SMS and MMS messages as well as the phones IMEI or ESN information.
Ayers, R., Brothers, S., & Jansen, W. (2014, May). Guidelines on Mobile Device Forensics. NIST Special Publication 800-101 Revision 1, 87. Retrieved December 21, 2016, from http://dx.doi.org/10.6028/NIST.SP.800-101r1
Dixon, E. (2011, March 30). Mobile Phone Investigations: Best Practices. Retrieved December 21, 2016, from Forensic Magazine: http://www.forensicmag.com/article/2011/03/mobile-phone-investigations-best-practices
Cite this page
Mobile Phone Forensics - Example of Writing Assignment . (2021, Mar 30). Retrieved from https://proessays.net/essays/mobile-phone-forensics-example-of-writing-assignment
If you are the original author of this essay and no longer wish to have it published on the ProEssays website, please click below to request its removal:
- Obesity in Children's In Michigan: Developing an Advocacy Campaign
- Modification of Existing Laws Essay
- Ethical Practice in Criminal Justice Essay
- Effect of Architecture in Reducing Crimes: New York City (NYC) vs Oklahoma City
- Reasons Why Healthcare Should Be Considered as a Human Right
- Non Verbal Cues in Martin Luther King's Speech Essay
- European Refugee Crisis and How It Began Essay