Mobile phone based cases are increasing every each year not only in Malaysia but also in other countries such as in Australia and the USA. This trend could be a basis for a lot of research done in this field [1]. The analysis is tricky because mobile phones are manufactured proprietary (segregated and secured data area) in nature and this will hamper digital forensics analysis altogether.
The production of a new mobile phone model is fast. There would be a new mobile phone model in an average of six months whereas the development of mobile phone forensics tools is always lagging behind. This has created a huge challenge in digital forensics and some said could be the death of digital forensics because the analysis is almost impossible to be conducted (cloud computing is another issue).
National Institute of Standards and Technology (NIST) in the Unites States of America has tested several computer and mobile phone forensics software [2, 3]. The aim is to provide some kind of assurance of the software performance. There is a necessity to observe the standard of the mobile phone forensics software because the analysis is extremely technical. The standard is to ensure the analysis output is comprehensive and trustable; must be forensically sound.
The mobile phone forensics software available in the market does not provide a total solution. The researchers are putting interest to manually analyze (sometimes reverse engineering) the mobile phone [4]. They have gone into hardware analysis (hardware forensics) and this has given some new dimensions of the research field. It has given some hope for the practitioners as well because they are able to follow the proven methodology [5].
What about iPhone 4s? mmmmm…..
[1] K.Jonkers. “The forensic use of mobile phone flasher boxes.” The Journal Digital Investigation, 2010.
[2] “Test Environment and Procedures for Testing EnCase 3.20.” The National Institute of Standards and Technology, 2004.
[3] W.Jansen and R.Ayers. “Cell Phone Forensic Tools: An Overview and Analysis.” The National Institute of Standards and Technology Special Publication, 104 pages, 2007.
[4] B.Mellars. “Forensic examination of mobile phones.” The Journal of Digital Investigation, pp.266-272, 2004.
[5] S.Y.Willassen, Norwegian University of Science and Technology. Forensic analysis of mobile phone internal memory. Internet: http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.101.6742&rep=rep1&type=pdf, [Feb. 12, 2011].
