Research Area:  Digital Forensics
Over the last two decades, the world has witnessed a vast increase in smart phones devices usage, where mobile phone devices have become an integral part of our daily routine. As a result, this has created security issues and lead to an increased dependency on smartphone usage, criminal activities and/or illegal practices. This increase in crimes committed by or via smartphones has made it a necessity for digital forensics experts to come up with reliable tools that can be used to help in extracting data from those smart phones. Currently mobile forensics work is fragmented and although attempts have been made to develop conceptual frameworks for mobile devices in the past few years, there is however, no common framework adopted to date that meets the needs of the ever changing and expanding world of mobile devices.
A comprehensive survey of mobile forensics frameworks in this research revealed that current frameworks tend to focus on targeting specific operating systems, responding to specific issues, or use complicated steps that make it difficult for users to follow. Some are also based on desktop and non-mobile device models. Also, tools analysis was carried out benefiting from NIST guidelines, where areas in which each tool should be tested and how the test should be conducted are specified. The results of the Tools Analysis were not encouraging, and quite surprising that many challenges that existed at the advent of the mobile devices have not been solved.
Based on the research and analysis in this thesis, it was clear that there is a need for a set of effective methods to ensure that extracted and examined information from mobile phones devices are not tampered with, accepted by a court of law, or can be relied upon as an undisputed means of proving that something has or has not taken place. A new PBFMF that is platform independent, open architecture, extensible and capable of integrating newer mobile device technologies is presented in this thesis.
Name of the Researcher:  Masoud. H. Al Tawqi
Name of the Supervisor(s):  Haitham Cruickshank
Year of Completion:  2017
University:  University of Surrey
Thesis Link:   Home Page Url