Mobile phone forensics is the science of recovering digital evidence from a mobile phone under forensically sound conditions using accepted methods. This topic will provide an overlook on Mobile Technology and the Forensics associated with it. Far from being a lifestyle product, Mobiles have now become a necessity. India has seen a huge spur in mobiles in the past 5 years and it has penetrated even to the rural areas of India to a good extent. Cell phones vary in design and are continually undergoing change as existing technologies improve and new technologies are introduced. Mobile phones are highly 'mobile' communications devices that perform an array of functions ranging from that of a simple digital organizer to that of a low-end personal computer.
Mobile phones
i) Designed for mobility
ii) Compact
iii) Battery Powered
iv) Light Weight.
A mobile phone consists of following things:-
1) A microprocessor
2) Read Only Memory (ROM)
3) Random Access Memory (RAM)
4) A Radio module
5) A Digital Signal Processor
6) A Microphone and Speaker
7) A variety of hardware keys and interfaces
8) A liquid crystal display (LCD).
Mobile Communication mainly two types
i) GSM
ii) CDMA
• SIM FORENSICS :-Every mobile subscriber is issued with a smart card called a Subscriber Identity Module (SIM) . As physical evidence the SIM provides details printed on the surface of i) Name of the Network Provider ii) Unique ID Number. The SIM's main function entails authenticating the user of the cell phone to the network to gain access to subscribed services. The SIM also provides storage for personal information, such as phone book entries and text messages, as well as service-related information. Every SIM can be protected by a Personal Identification Number (PIN). It is set at point of manufacture. The major features are as follows
i)Can be changed by the Subscriber
ii) Four digit code
iii) Usually 3 attempts before phone is blocked.
SIM Contents the following details of the subscriber
i) Location Area Identifier
ii) Location Area Identifier
iii) Serial Number of SIM
iv) Subscriber Identifier - IMEI and Mobile Phone Number
v) MSISDN - Used for routing of calls
vi) Text Data Message (SMS)
vii) Dialled Numbers.
SIM Forensics that is potential Evidence as Call Records, Phonebook Information, Text Messages and deleted message and call records is done by softwares i) SIM Manager Pro ii) ChipIt iii) SimScan. Cards4Labs that is only available to Law enforcement agencies can produce a text report of analysis.
Major threats to SIM Data are SIM Cloning for illicit use.
• What Mobile Forensic Examination reveals i) Useful info as passwords, network logon names, internet activity ii)Potential Evidence as Call Records, Phonebook Information, Text Messages, E-Mail, Location Information, Web browsing activities, etc. Different Mobile Forensics tools are available .
HandSet Tools:
i) PDA Seizure
ii) Oxygen Phone Manager
iii) BitPIM
Integrated Tools:
i) Cell Seizure
ii) Cell Brite
iii) Mobiledit.
About Author / Additional Info:
Cyber Forensics journal
www.cyberforensics.in