A method and a case study for the selection of the best available tool for mobile device forensics using decision analysis. (29th March 2016)
- Record Type:
- Journal Article
- Title:
- A method and a case study for the selection of the best available tool for mobile device forensics using decision analysis. (29th March 2016)
- Main Title:
- A method and a case study for the selection of the best available tool for mobile device forensics using decision analysis
- Authors:
- Saleem, Shahzad
Popov, Oliver
Baggili, Ibrahim - Abstract:
- Abstract: The omnipresence of mobile devices (or small scale digital devices – SSDD) and more importantly the utility of their associated applications for our daily activities, which range from financial transactions to learning, and from entertainment to distributed social presence, create an abundance of digital evidence for each individual. Some of the evidence may be a result of illegal activities that need to be identified, understood and eventually prevented in the future. There are numerous tools for acquiring and analyzing digital evidence extracted from mobile devices. The diversity of SSDDs, types of evidence generated and the number of tools used to uncover them posit a rather complex and challenging problem of selecting the best available tool for the extraction and the subsequent analysis of the evidence gathered from a specific digital device. Failing to select the best tool may easily lead to incomplete and or improper extraction, which eventually may violate the integrity of the digital evidence and diminish its probative value. Moreover, the compromised evidence may result in erroneous analysis, incorrect interpretation, and wrong conclusions which may eventually compromise the right of a fair trial. Hence, a digital forensics investigator has to deal with the complex decision problem from the very start of the investigative process called preparatory phase. The problem could be addressed and possibly solved by using multi criteria decision analysis. TheAbstract: The omnipresence of mobile devices (or small scale digital devices – SSDD) and more importantly the utility of their associated applications for our daily activities, which range from financial transactions to learning, and from entertainment to distributed social presence, create an abundance of digital evidence for each individual. Some of the evidence may be a result of illegal activities that need to be identified, understood and eventually prevented in the future. There are numerous tools for acquiring and analyzing digital evidence extracted from mobile devices. The diversity of SSDDs, types of evidence generated and the number of tools used to uncover them posit a rather complex and challenging problem of selecting the best available tool for the extraction and the subsequent analysis of the evidence gathered from a specific digital device. Failing to select the best tool may easily lead to incomplete and or improper extraction, which eventually may violate the integrity of the digital evidence and diminish its probative value. Moreover, the compromised evidence may result in erroneous analysis, incorrect interpretation, and wrong conclusions which may eventually compromise the right of a fair trial. Hence, a digital forensics investigator has to deal with the complex decision problem from the very start of the investigative process called preparatory phase. The problem could be addressed and possibly solved by using multi criteria decision analysis. The performance of the tool for extracting a specific type of digital evidence, and the relevance of that type of digital evidence to the investigative problem are the two central factors for selecting the best available tool, which we advocate in our work. In this paper we explain the method used and showcase a case study by evaluating two tools using two mobile devices to demonstrate the utility of our proposed approach. The results indicated that XRY ( Alt 1 ) dominates UFED ( Alt 2 ) for most of the cases after balancing the requirements for both performance and relevance. … (more)
- Is Part Of:
- Digital investigation. Volume 16(2015)Supplement 1
- Journal:
- Digital investigation
- Issue:
- Volume 16(2015)Supplement 1
- Issue Display:
- Volume 16, Issue 1 (2015)
- Year:
- 2015
- Volume:
- 16
- Issue:
- 1
- Issue Sort Value:
- 2015-0016-0001-0000
- Page Start:
- S55
- Page End:
- S64
- Publication Date:
- 2016-03-29
- Subjects:
- Digital forensics -- Mobile device forensics -- Mobile device forensics tools -- Evaluation -- Multi-criteria decision analysis -- Digital evidence -- Digital investigation -- Expected utility -- Total ranking -- Hypothesis testing
Forensic sciences -- Data processing -- Periodicals
Criminal investigation -- Data processing -- Periodicals
363.250285 - Journal URLs:
- http://www.sciencedirect.com/science/journal/17422876 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.diin.2016.01.008 ↗
- Languages:
- English
- ISSNs:
- 1742-2876
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3588.396620
British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 7518.xml