Abstract:
The digital revolution and mobility of devices has caused an increase in the use of smartphones in criminal activities. Mobile forensics, aims to address this issue by providing investigation and legal authorities with software and hardware to gather evidence from smartphones and digital equipment gathered from the crime scene. Major artifacts and items of interest which include calls, text messages, logs and file structure are critical in providing information that can lead to culprits and assist in proceeding with investigations.
The Smartphone Forensics Toolkit aims to provide a forensic solution for smartphones operating on iOS and Android. The project is a Windows based that is multi-platform in terms of providing forensic tools and is a desktop application made using C#, provides GUI to the investigator with the help of Windows Forms.
The toolkit has been divided into two portions for handling iOS and Android phones respectively. A USB connection is established between the workstation and smartphone (evidence) before starting a case followed by phone attributes transfer including manufacturer name, model, OS version and IMEI.
Each case is followed by image extraction for Android/iOS in which artifacts are extracted and displayed given the state of the mobile evidence. An investigator initiates a new case, proceeds with image extraction, analyses contents by viewing them in database, xml, and text or pdf/word format and concludes case with a report.
