Site icon Eminence Papers

Understanding Mobile Forensics- Challenges and Distinctions from Computer Forensics

Understanding Mobile Forensics- Challenges and Distinctions from Computer Forensics

Mobile Forensics and Computer Forensics

Forensics are conducted as a measure against cybercrime by extracting evidence (Krishnan et al., 2019). There are different types of forensics, including mobile and computer forensics (Sai et al., 2015). The two forensics are classified under digital forensics. Even though mobile and computer forensics are classified under digital forensics, they have some differences. In mobile devices, forensics involves multiple software standards, as well as hardware (Sai et al., 2015). However, in computer forensics, software and hardware are standardized. Non-standardization of software and hardware in mobile devices makes it difficult to use a single tool for forensics (Sai et al., 2015). Also, the high rate at which new mobile phones are developed and released into the market affects the choice of forensic tools. This is followed by rapid software update releases that further affect mobile device forensics. For computers, there are fewer operating systems in the market that are widely used, hence, making it possible to have one computer forensics tool across the platforms (Villar-Vega et al., 2019).

Percentage of Attacks on Networks That Come From Mobile Devices

Mobile devices such as phones and tablets are connected to the Internet of Things. These connections are popular today in places such as coffee shops, workplaces, hospitals, etcetera (Yesilyurt & Yalman, 2016). Therefore, should one of the mobile devices be exploited, the network would also be exploited. For example, if one mobile device downloaded a corrupted file from a WAN network to a LAN network, it would result in a LAN attack (Yesilyurt & Yalman, 2016). According to Yesilyurt and Yalman (2016), up to 68 percent of network attacks come from mobile devices. Mobile devices are prone to exploitation from their vulnerabilities as well as malware. Hackers aim at android browsers that are vulnerable. Once the browsers are exploited, the hackers can exploit the storage of a mobile device, and finally, the network (Yesilyurt & Yalman, 2016). On the attacked network, other mobile devices could be exploited, servers, and the hypervisor in a virtual environment. To protect against network attacks, mobile device users should be educated on how to protect their devices. For example, users could avoid downloading applications from unknown developers or sites. Users should also avoid accepting software updates from sites other than those authorized by the manufacturer. For example, android users should only accept updates from legit apps on the Play Store, while iOS users should use the Apple Store.

Challenges to Mobile Forensics

Rooting Android phones is one of the challenges of mobile forensics (Krishnan et al., 2019). This is because forensic tools present challenges whenever a phone requires rooting. However, a forensics officer should identify the root level required be root the phone (Krishnan et al., 2019). With root access, forensics can get access to all the details required for an investigation. Most Android users have their phones rooted whenever they require excess user rights like for an application (Krishnan et al., 2019). Rooting phones comes with a lot of risks and it should only be done if the benefits outweigh the drawbacks.

Another challenge of mobile forensics is the hardware limitations and device dependency (Krishnan et al., 2019). Mobile devices are updated frequently, making it difficult to have an up-to-date mobile forensic tool. Phones nowadays are developed in various versions that have a smaller lifespan (Krishnan et al., 2019). Meaning, users keep changing their phones for newer versions, and forensic experts find it challenging to keep up.

Tool reliability is a challenge of mobile forensics (Krishnan et al., 2019). Sometimes forensic analysts have a challenge in identifying the appropriate tool to use.  Based on research, it is difficult to find a mobile device forensic tool suitable for all phones (Krishnan et al., 2019). For example, a tool used to analyze two Samsung phones of different versions returned inconsistent results. The analysis was repeated five times, and the margin of error was still unsatisfactory (Krishnan et al., 2019). This concludes that each phone version could only be analyzed using the most accurate tool for it to obtain a satisfactory analysis.

Data volatility is a challenge of mobile forensics (Krishnan et al., 2019). Some phones, such as those with iOS, delete data when full. The same data in Android is stored on Read-Only Memory and is not erased. Those phones that are set to delete data when the memory is full, create a challenge to forensic analysts (Krishnan et al., 2019). Also, when iOS devices are switched off, the data in them is encrypted, making it challenging to analyze the device (Krishnan et al., 2019).

Mobile Forensic Tools

There are two main mobile forensic tools; physical, logical acquisition, and (Krishnan et al., 2019).  Physical acquisition collects memory dump in bits that involve the image of mobile phones. This memory dump includes deleted data. The data collected in physical acquisition is raw and, therefore, requires parsing (Krishnan et al., 2019). Logical acquisition uses API to collect all undeleted data. Such data includes all details that are available to the phone user, like call logs and contacts. However, some application data could also be obtained by logical acquisition (Krishnan et al., 2019). These two mobile forensics tools are used depending on the state of the mobile device. For example, if the device is on or not and whether it allows forensics analysis in that state.

Should the Analysis Be Different on iOS vs Android?

Forensics analysis on iOS should be different from that of Android because the two operating systems are analyzed differently (Krishnan et al., 2019). iOS devices cannot be analyzed when they are powered off; hence, they cannot be analyzed using tools that analyze switched-off phones. Mobile devices from the same manufacturer but with different versions of operating systems cannot be analyzed with the same forensics tool (Krishnan et al., 2019). As newer versions of the mobile device operating system get developed, suitable forensics tools have to be selected. The changing dynamics of mobile phones, including hardware, make it challenging to use one forensics tool on different or all mobile phones (Krishnan et al., 2019). Also, Android devices have very different specifications from iOS phones. For example, android phones have to be rooted to allow users a certain level of access. This means that forensic analysts have to root them too. Rooting is done because Android does not allow root access for its users (Krishnan et al., 2019). However, in iOS, the operating system allows data extraction bit by bit. Therefore, a physical acquisition would be conducted on iOS without requiring to be rooted (Krishnan et al., 2019)

References

Krishnan, S., Zhou, B., & An, M. K. (2019). Smartphone Forensic Challenges. International Journal of Computer Science and Security (IJCSS)13(5), 183-200. https://www.researchgate.net/publication/336221775_Smartphone_Forensic_Challenges

Sai, D. M., Prasad, N. R., & Dekka, S. (2015). The Forensic Process Analysis of Mobile Device. International Journal of Computer Science and Information Technologies6(5), 4847-4850. http://ijcsit.com/docs/Volume%206/vol6issue05/ijcsit20150605150.pdf

Villar-Vega, H. F., Perez-Lopez, L. F., & Moreno-Sanchez, J. (2019). Computer forensic analysis protocols review focused on digital evidence recovery in hard disk devices. Journal of Physics: Conference Series1418(2019), 1-7. https://iopscience.iop.org/article/10.1088/1742-6596/1418/1/012008/pdf

Yesilyurt, M., & Yalman, Y. (2016). Security Threats on Mobile Devices and their Effects: Estimations for the Future. International Journal of Security and its Applications10(2), 13-26. https://www.researchgate.net/publication/297746368_Security_Threats_on_Mobile_Devices_and_their_Effects_Estimations_for_the_Future

ORDER A PLAGIARISM-FREE PAPER HERE

We’ll write everything from scratch

Question 


After reading the required articles this week, please write a research paper that answers the following questions:

What are mobile forensics and do you believe that they are different from computer forensics?
What is the percentage of attacks on networks that come from mobile devices?
What are the challenges to mobile forensics?

Understanding Mobile Forensics- Challenges and Distinctions from Computer Forensics

What are some mobile forensic tools?
Should the analysis be different on iOS vs Android?

Your paper should meet the following requirements:
Be approximately 4-6 pages in length, not including the required cover page and reference page.
Follow APA7 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.
Support your answers with the readings from the course and at least two scholarly journal articles to support your positions, claims, and observations, in addition to your textbook.
Be clearly and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.

Exit mobile version