Title :
Forensic analysis of wireless networking evidence of Android smartphones
Author :
Andriotis, P. ; Oikonomou, George ; Tryfonas, Theo
Author_Institution :
Bristol Cryptography Group, Univ. of Bristol, Bristol, UK
Abstract :
This paper introduces a method for acquiring forensic-grade evidence from Android smartphones using open source tools. We investigate in particular cases where the suspect has made use of the smartphone´s Wi-Fi or Bluetooth interfaces. We discuss the forensic analysis of four case studies, which revealed traces that were left in the inner structure of three mobile Android devices and also indicated security vulnerabilities. Subsequently, we propose a detailed plan for forensic examiners to follow when dealing with investigations of potential crimes committed using the wireless facilities of a suspect Android smartphone. This method can be followed to perform physical acquisition of data without using commercial tools and then to examine them safely in order to discover any activity associated with wireless communications. We evaluate our method using the Association of Chief Police Officers´ (ACPO) guidelines of good practice for computer-based, electronic evidence and demonstrate that it is made up of an acceptable host of procedures for mobile forensic analysis, focused specifically on device Bluetooth and Wi-Fi facilities.
Keywords :
Bluetooth; digital forensics; mobile computing; smart phones; telecommunication security; wireless LAN; Android smartphone; Bluetooth interface; Wi-Fi; forensic-grade evidence; mobile Android device; mobile forensic analysis; open source tool; security vulnerability; wireless communication; wireless networking; Bluetooth; Databases; Forensics; IEEE 802.11 Standards; Smart phones; Wireless communication;
Conference_Titel :
Information Forensics and Security (WIFS), 2012 IEEE International Workshop on
Conference_Location :
Tenerife
Print_ISBN :
978-1-4673-2285-0
Electronic_ISBN :
978-1-4673-2286-7
DOI :
10.1109/WIFS.2012.6412634
