DF: Chapter 9: Mobile Forensics

1. preservation 2. Acquisition 3. Examination and Analysis 4. reporting

4 steps involved in a forensic exam

Base transceiver station

Law enforcement can request cell site records from a carrier for a cell phone user that indicate where the user was, based in the data retrieved from the...

Windows phone

a microsoft operating system that can be found on personal computers, phones, and tablets

People Hub

an address book took found on windows phone devices that can synchronize contacts from social networking sites

public switched telephone network (PSTN)

an aggregate of all circuit-switched telephone networks. connects all telephone networks worldwide

International Mobile Subscriber Identity (IMSI)

an internationally unique number on the SIM card that identifies a user on a network

Android

an open source operating system based on the Linux 2.6 kernel. In 2005 was google acquired. Has 2 types of memory, RAM and NAND

SQLite database

an open source relational database standard, which is frequently found on mobile devices. found on androids.

cell site

cell tower located in a cell. when you make a call, you connect with a cell tower

mobile station

consists of mobile equipment (handset) and, int he case of a GSM network, a subscriber identity module (SIM)

Base transceiver station

equipment found at a cell site that facilitates the communication of cell phone users across cell network

A cell

geographic area within a cellular network

SIM card

identifies a user on a cell network and contains an IMSI. Found in cell phones that operate on GSM cell networks and usually in iDEN network cell phones

Public switched telephone network

if the user is calling a user on a cell network managed by another carrier, the call is routed from the MSC to the...

1. logical 2. physical 3. joint test action group (JTAG) 4. Chip-off

investigators can extract evidence from an android smartphone in four ways

IMEI

is generally found by removing the back of the cell phone and then looking under the battery

NAND

nonvolatile flash memory

International mobile equipment Identity (IMEI)

number that uniquely identifies the mobile equipment or handset

The National Institute os Standards and Technology (NIST)

provides standard operating procedures for a variety of scientific practices, including cell phone forensics

operating system (OS)

purpose is to manage the resources of an electronic devise, usually a computer. Found in a ROM chip on a phone

mobile switching center (MSC)

responsible for switching data packets from one network path to another on a cell network

Type Allocation Code (TAC)

the initial 6 or 8 digits of the IMEI. Identifies the type of wireless device

RIM OS

the operating system developed by Research in Motion (RIM) for use on blackberry smartphones and tablets

internet explorer mobile

the web browser, based on internet 9, found on windows phone devices

RAM

volatile memory and may contain evidence that includes the user's passwords