Not long ago, mobile device forensics was a relatively straightforward process. Contact lists, SMS messages and call logs were obtained and examined for evidence using specialized forensics technology. But with the blistering rate advances in mobile technology, the explosion of mobile data and devices, and all the ways in which they are used today—for working, engaging in social media, taking photos, making videos, conducting financial transactions and more—times have drastically changed. In addition, the digital world has become a breeding ground for new types of crimes, such as cyber stalking, cyber bullying, hacking and other offenses. Most mobile device forensics solutions simply cannot keep up.
What's needed is a radically new approach to mobile device forensics: one that's adaptive, intuitive and capable of supporting just about any mobile device on the market, as well as multiple operating systems and data types. The solution also must integrate with other forensics tools and address e-discovery requirements.
Law enforcement agencies and enterprises are struggling with too many devices, too many mobile apps, and too many data types. Mobile applications are updated at blinding speeds, and the mobile OS's are continually refreshed. Compounding all this complexity is the massive amount of data that's accruing, and the increase in malware.
The Increase in Mobile Devices
There were 1.8 billion mobile phones sold worldwide in 2013, according to mobiThinking, which compiles mobile statistics from multiple research firms including
At first glance, those figures are mind-boggling. Add in the fact that the ratio of subscriptions to people isn't one to one, and things get even more overwhelming. According to the Cisco VNI Global IP Traffic Forecast, 2012-2017, by 2017 there will be 2.5 devices/connections for every person on earth, and 5 devices/connections for every Internet user. These multi-device, multi-subscription scenarios complicate mobile device forensics. Investigators are likely to find themselves analyzing data from more than one cellular phone, tablet, GPS device and other mobile media due to hit the shelves soon, not just per case but also per person. There are also competing mobile operating systems, although the two most popular are iOS and Android. Couple those complexities with the numerous hardware systems from the likes of Motorola, Acer and HTC and the permutations become overwhelming when conducting an investigation.
As of mid-2013, there were more than 900 million different Android devices in use, and there were, on average, 1.5 million Android devices activated daily. During that same period, about 2.5 billion apps are downloaded from Google Play each month. In
Mobile technology is progressing at such a rapid rate; it's difficult for mobile forensic solutions to keep up. Most forensics tools require regular updates so they can keep pace with the latest and greatest mobile technologies, but those updates frequently fall behind. Add to that the learning curve with successive updates and busy investigative agencies face yet another bottleneck.
The Increase in Application Usage
According to digitalbuzzblog, half of the mobile phone users use their mobile devices as their primary Internet source, and 80 percent of their time is spent inside mobile apps. A large majority—80 percent—of consumers plan to conduct mobile commerce in the next year, digitalbuzzblog says.
There are other equally weighty stats to consider. More than 800,000 applications are available from the Apple store, and just as many are available from the
Social media usage on mobile devices is exploding. There are 802 million daily, active Facebook users on average and 609 million mobile daily, active Facebook users on average. On a typical day, people send out more than 500 million tweets—averaging 5,700 tweets per second. More than 20 billion photos have been shared on Instagram, and on average there are 60 million Instagram photos posted per day.
The result? Data living in social applications has become critically important as the number of criminal investigations involving data collected from these applications is rising significantly.
The Increase in Data
It's called Big Data, and it's everywhere: on enterprise servers, in applications and of course, on mobile devices. It's estimated that by 2017, 50 percent of all IP traffic will be generated from non-PCs, and traffic from wireless and mobile devices will exceed traffic from wired devices by 2016. With the amount of digital evidence growing from gigabytes to terabytes in many cases, data analytics and data visualization becomes even more crucial in understanding evidence. But research shows that only 5 to 10 percent of the entire corpus of user data is examined by typical mobile device forensics tools. This leaves as much as 95 percent of application data uncollected, and therefore unanalyzed.
Investigators need to be able to separate relevant data from the inconsequential, and then easily understand and explain the differences to themselves, colleagues, barristers/attorneys and jurors. However, most mobile forensic tools on the market today are still inept in properly parsing and displaying all the different data that might be available on a mobile device.
The Increase in Mobile Malware
A recent release from Russian information technology (IT) security firm
There's no question, mobility has upended and drastically altered nearly every aspect of our day-to-day lives. It definitely has complicated mobile device forensics. Considering that a crime can be now be facilitated entirely targeting a mobile device, it is imperative that law enforcement be able to quickly adapt to the ever evolving world of mobility and mobile device forensics.
The rising tide of mobile malware is forcing forensics examiners to understand how to recognize and analyze it together with other evidence. Mobile malware can harm the integrity of evidence presented in a court of law at worst and introduce a delay in the investigation at a minimum. Consequently, this can result in dismissal of charges or even the dismissal of the entire civil/criminal case.
Mobile device forensics has become an increasingly complex and difficult process, mainly because the tools available to examiners and investigators have not kept pace with all the mobile technology advances, the mobile malware, and the ever-growing numbers of mobile data and devices and all the ways in which they are used today: surfing the Internet, playing games, taking photos, tweeting, texting and more. Moreover, mobility has spawned new types of crimes, such as cyber stalking, cyber bullying, hacking and other offenses.
Law enforcement agencies and enterprises are struggling with these rapid-fire changes, all of which are threatening the efficacy of criminal and civilian investigations. To solve this problem, they need to put a plan in place that allows the support of almost any mobile device, operating system and data type that allows them to quickly and effectively collect, identify and uncover the key data—often the key data needed to crack the case.
Most Popular Stories
- Cape Cod Building Mussel Industry
- Hollywood Eager to Grasp Hispanic Market
- Frightfully Fun Films Return for Halloween
- Would Soccer Be Richer Without Small Clubs?
- Sears Denies Store Closings, Layoffs Report
- Microsoft Beats Income Expectations
- Cloud Lifts Microsoft's Quarterly Results
- Pfizer Approves $11 Billion Buyback Plan
- IS Funded by Black Market Oil Sales, Racketeering
- Weekly Jobless Claims Rise but Remain Low