Mobile Telephone Forensics

Mobile Telephone Forensics

Mobile telephones are small devices and commonly, due to misunderstanding and lack of appreciation of the brilliant work that goes into making a mobile telephone and SIM Card operate, are relegated to a lower standard of investigation. Yet, with mobile telephones primary radio capability, with solid-state electronics to back it up, enables them to punch, pound for pound, way above their weight when measured in terms of multifunctional computers or laptops.

This makes mobile telephone forensics an exciting branch of forensic science, but it does mean taking time and a dedication to comprehend. Consider the wireless and connectivity of a mobile telephone and it may surprise many what is incorporated into these mobile devices.

We commonly think of mobiles defined by their wireless service they use, such as GSM GPRS 3G etc, which are of course very important to mobile 'phone forensics. However, behind that sits a myriad of connectivity from which data can be generated and provide equally importance evidence. A footprint, if you will, that needs to be considered. For instance, what impact it has in relation to how data got to be there, what affect and effect it has regarding evidence and whether the proposition of what the evidence means can be correlated to the connectivity in question.

If SMS text messages were the only evidence to be considered then it would be understandable that connectivity would be rather a moot point. But given the fact mobile telephones have come on leaps and bounds with the introduction of Symbian based systems and java technology etc isolating SMS text messages is no longer an option. EMS and MMS play an important part in evidence, as do emails, videos etc. Indeed, transporting data wirelessly between devices through close-range communications equally means that connectivity cannot be ignored within the forensic investigation. The possible paths how data are populated in mobile device requires identification, in order to be able to comprehend the overall picture how the devices have or can be used.

- WAP 1.0, 2.0
- Bluetooth v.1.0, v.2.0
- GPRS class 10 EGPRS (Class B, Multislot class 11)
- E-mail protocols: SMTP, POP3, IMAP4 - attachments
- MMS
- Synchronization via Bluetooth or a cable SyncML
- SMIL
- USB 1.0, 2.0 via Pop-Port
- PoC or PTT
- Instant Messaging
- VideoCall
- WiFi (WLAN)

Above are just some of the connectivity technologies in use today in mobile telephones. Look, comprehend and consider is the name of the game with mobile 'phone forensics. For each heading shown above, each has its own subset standards and guidelines. It is not difficult to see why mobile telephones are very smart phones indeed.