Comparing Two Tools for Mobile-Device Forensics

Abstract

Gathering forensic data from mobile devices has become essential with the rise of mobile technology and the value of the data they store. This thesis looked at a new analysis platform, which we called "T," and compared its output with an existing tool, Cellebrites Physical Analyzer (CPA). We imaged 22 different devices with Cellebrites imaging software and then analyzed the images with both tools. The phones were categorized into 1 of 7 categories based on their content and usage. We concluded that CPA and T have different benefits. CPA was strongest in its user interface and ability to determine web usage, as well as being able to analyze a variety of devices. T had the ability to allow for keyword searches, which allowed us to be able to identify more email address possibilities. We propose testing more recent updates of the tools against a larger corpus of phones in future work.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Sep 01, 2017
Accession Number
AD1046880

Entities

People

  • Casandra M. Martin

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Computational Forensics
  • Computer Program Documentation
  • Computer Programs
  • Computer Science
  • Computers
  • Electronic Mail
  • Graphical User Interface
  • Mobile Devices
  • Mobile Operating Systems
  • Mobile Phones
  • Operating Systems
  • Smartphones
  • Text Messaging
  • User Interface
  • Wireless Networks
  • Xml

Readers

  • Agent-Based Social Robotics and Mobile-Assisted Learning in Virtual Environments.
  • Image Processing and Computer Vision.
  • Theoretical Analysis.