This chapter negotiations about development of smart phones with briefly explicating history of cell phones. Most of import and major constituents ( processor, memory ) of phones are explained, since its architecture would assist readers to understand how these devices plants and to distinguish with other nomadic devices. Market research of smart phones and Samsung Galaxy S is presented to demo the growing of its market and how monolithic it would be in a close hereafter. Inside Galaxy S and about its OS ( Android ) is discussed to research grounds why people would take this device and how it could be used to hive away informations and for different intents. Most common beginnings of groundss found in a nomadic device are explained followed by current challenges in this field. Common forensic tools used for probe of nomadic phones are explained with their characteristics and restrictions. Finally this chapter discusses about two forensic models ( ACPO and NIST usher ) designed for forensic probes of nomadic phones.
GENERATIONS OF CELLULAR PHONES
In 1982, the first cellular web system, Advanced Mobile System ( AMPS ) was developed by research workers at Bell Laboratories. The thought was foremost proposed by D.H Ring ‘s research squad at Bell labs back in 1947. The really first coevals of cellular nomadic devices was implemented with lone voice services and so simple textual messaging service. Since so the nomadic market has been quickly altering over the old ages to make the recent platforms offering combination of telephonic maps with the complex multimedia services which makes it a typical pocket Personal computer. Based on promotions in functionalities, nomadic phones are categorized into 3 different coevalss.
The first coevals of nomadic phones was the epoch of linear versions or Entire Access Communication Systems ( TACS ) which offered merely voice communicating services. This was replaced by the 2nd coevals ( 2G ) , with the execution of GSM ( Global System for Mobiles ) communicating protocol. This allowed offering services such as textual message exchange ( SMS ) and textual entree to the web. This coevals followed major promotions in footings of signal-to-noise ratio ratio and besides in footings of communicating security and available services.
In between GSM coevals ( 2G ) and the most recent 3G coevals, research workers believe there were two other intermediate coevalss that contributed of import inventions in footings of bandwidth and services offered. GPRS ( Global Packet Radio Service ) denoted as 2.5G, offered services like internet connexion with e-mail clients, web browse, GPS ( Global Positioning System ) and MMS ( Multimedia Messaging System ) .
The 2nd intermediate coevals identified as 2.7G engineering includes the EGPRS ( Enhanced-GPRS ) engineering, besides known as the EDGE ( Enhanced Data rate for GSM Evolution ) and SDMA ( Code Division Multiple Access ) criterions. The major services offered by this epoch include video exchange, place banking, e-commerce and radio gambling. The recent coevals or 3G provides services like videophone calls and picture which require a bandwidth equal to or greater than 1 Mbps based on UMTS ( Universal Mobile Telecommunication System ) criterion.
( Reference 1 )
INSIDE MOBILE PHONES
Mobile devices can run from simple cellular phones with basic voice maps to little computing machines, besides called smart phones with complex multimedia capablenesss. The basic hardware consists of microprocessor, ROM, RAM, a digital signal processor, a wireless faculty, a micro phone and talker, hardware interfaces ( such as keyboards, cameras and GPS devices ) , and an LCD show. Today most of the recent theoretical accounts are equipped with removable memory cards, and Bluetooth and Wi-Fi capablenesss.
Processor is the most of import hardware unit of the smart phone and common theoretical accounts of processors for smart phones include ARM ( advanced RISC machine ) , Motorola Dragon Ball, MIPS, and TI OMAP. Most of the processors uses XScale architecture which controls the power ingestion of the processor based on the running applications and treating calculations. SoC is a recent engineering which enables incorporating constituents like processor and a coach in a individual circuit. Using this engineering in smart phones increases the velocity of the processor, therefore, overall public presentation of the device up to 1GHz.
Most of the Operating systems installed in Smart phones are down shipped versions of runing systems that are used in the computing machines. This makes possible to manage calculations with a less memory comparative to desktop computing machines. In smart phones, OS and other applications are stored in RAM, ROM and brassy memory and most common devices require a capacity of 64 – 128 MB of SRAM for application codification, 128-256 MB of brassy memory for system codification and more than 128MB of brassy memory for user informations. Almost all devices allows users to widen memory, with external memory cards ( for illustration SmartMedia, CF ( compact flash ) , MMCs ( multimedia memory cards ) , and SD cards ) which can keep up to 32GB of informations.
Power ingestion is a major issue with makers of Smart phones, and a batch of attempt has being put in to maximise power efficiency of batteries. Most common types of batteries used in smart phones are NiMH ( nickel metal hydride ) , Li-ion ( lithium-ion ) , and Li-polymer and each of these have an mean battery life of few yearss if merely used for normal uses such as voice calls.
( Reference 2 )
Subscriber Identity Module ( SIM ) cards are found most normally in GSM devices and consist of a microprocessor and from 16 KB to 4 MB of EEPROM. There are besides high capacity, high- denseness, super and mega SIM cards that boast every bit high as 1 GB of EEPROM. SIM cards are similar to standard memory cards ; accept the connections are aligned otherwise.
GSM refers to mobile phones as ‘mobile Stationss ‘ and divides a station into two parts: the SIM card and the nomadic equipment ( ME ) , which is the balance of the phone. The SIM card is necessary for the ME to work and function several extra intents.
Identifies the endorser to the web
Shops personal information
Shops address books and messages
Shops service-related information
SIM cards come in two sizes, but the most common is the size of standard U.S. postage cast and about 0.75mm midst. Portability of information is what makes SIM cards so versatile. By interchanging a SIM card between compatible phones, user can travel their information automatically without holding to advise the service supplier.
( Reference 3 & A ; 4 )
INSIDE GALAXY S
Samsung Galaxy S is designed for four major bearers ( AT & A ; T, T-Mobile, Verizon, Spring ) and each theoretical account differs in their design and characteristics. Epic 4G, for case, is the lone 1 with a slide-out difficult keyboard, and the lone one back uping 4G WiMax. The AT & A ; T Captivate, T-Mobile Vibrant and Verizon Fascinate theoretical accounts will all differ somewhat in design and application stack from one another and from Sprint ‘s offering.
Samsung Galaxy S phone weighs 4.2 oz which makes it lighter than iPhone4 and Droid X ‘s ( 4.2 oz and 4.8 oz severally ) . Galaxy S phones are designed with 4-inch broad show screens. Samsungs Super AMOLED screen uses OLED ( organic light-emitting rectifying tube ) engineering which makes it light weight, low power demands, faster, brighter and less brooding. In add-on the 4-inches 800-by-480-pixel screen ‘s artworks on Samsung ‘s Galaxy S phones are crisp, fast and clear, even at utmost angles.
Galaxy S series phone are driven by Samsung ‘s proprietary 1 GHz Hummingbird processor that makes it intelligent and gives a great velocity. Processor includes an onboard artwork processor, which enhances the device ‘s capableness of managing gambling, amusement and other complex multimedia services.
Memory direction in Galaxy S ensures efficient running of concurrent applications without impacting its overall public presentation. This multi-tasking capableness is handled by the ARM Cortex 1GHz processor with 512MB RAM and 2GB ROM. The phone allows users to spread out its internal memory capacity up to 32GB ( 8GB or 16GB, 32GB ) and this storage capacity is sufficient plenty to hive away legion files which could be sound files, images videos, paperss and other multimedia files.
The strong connectivity and speedy web shoping via HSUPA connexion over 3G webs makes it much better than any other 3G phones. Since, Galaxy S is Wi-Fi enabled French telephone with DLNA engineering therefore users can trade larger files in a affair of seconds. Social connectivity or networking is popular these yearss, hence, the maker includes all the popular societal or concern networking applications in the phone, so that users can straight link themselves merely by logging into the history. ( Reference 5 )
OS OF SMART PHONES
Most common and basic cellular phones run a proprietary OS which merely provides really basic functionalities such as voice and textual services. However smart phones are driven by complex interface OSs similar as Computer ‘s OSs which includes, Linux, Windows Mobile, RIM OS, Symbian OS and Mac OS X for apple iPhone series. In smart phones, OS is stored in ROM, which is non-volatile memory and it is non tampered or altered even phone is switched away. .
Samsung Galaxy S phones uses Google ‘s Android OS which is extremely celebrated in today ‘s community due to its enhanced attractive feartures. Android OS is based on Linux meat and was foremost launched in 2008 and since so it has passed through different coevalss to come to latest version 2.1. Since is an unfastened beginning platform, which allows developers all about universe to develop applications, huge figure of assorted classs of application are available in its application database.
Architecture of Android OS consist major five constituents viz. Applications, Application Framework, Libraries, Android Runtime and Linux Kernel. The first constituent, Applications are aggregation of plans or tools which offer assorted services to users such as web browse, texting, multimedia etc. Some plans are preinstalled in devices while they are shipped and this includes SMS director, Calendar, Web-Browser etc. The 2nd constituent Application Framework allows export of interfaces in between any two applications. Third constituent, Libraries include a Berkeley Software Distribution ( BSD ) derived System-C library, which is helpful for coders and developers. Java scheduling characteristics are offered by the 4th constituent, Android Runtime. The last constituent, Linux Kernel ( Android uses Linux Kernel 2.6 ) to command low degree procedure such as memory direction and procedure direction.
( Reference -6 )
Samsung Galaxy S phones run Android 2.1 version which is updated to 2.2 version of Google ‘s Android OS series which has gone through long manner and has brought new and improved quality to mobile devices and better serviceability. Android 2.1 1 was foremost introduced in Google ‘s Nexus One smart phones, and brought assorted exciting new characteristics and capablenesss. One of the major promotion is widening the voice hunt capablenesss found on its replacements, by offering users the option to interpret address into text in any text entry field. It besides came with alive and synergistic live wall documents and 3D effects were brought into OS. ( Reference -7 )
SMART PHONES EVOLUTION AND MARKET
Smart phone has become powerful device in accomplishing ends of permeant calculating vision. It is a good promising calculating platform, offering extended informations processing and hive awaying capablenesss. Assorted theoretical accounts of Smart Phones are available in today ‘s market, and these devices incorporate advanced advanced communicating engineerings, which enables them to feel and response to environment with the aid of embedded cameras and detectors. In position of the fact that, Smart phones offer legion types of utile information services, it is non surprising that there is a considerable involvement among the today ‘s community towards smart phone industry. ( Reference – 8 )
Smart phone makers, are good motivated in seeking new advanced ways to distinguish themselves in the market to beef up their client bonds. This makes, germinating of new and exciting betterments to devices in footings of design and characteristics. These factors provide answer to the inquiry why the power of smart phone has strengthened in the market in recent old ages compared to the cell phone market. The figure below represents consequences of a research done by intel in 2009 which shows Cell phone, Smart phone and Laptop cargos worldwide from 2004 – 2008, and estimated cargos for 2008 – 2013.
Based on the statistics represented in the above graph, it clearly shows an increasing growing of cargos of Smart phones across worldwide and it is expected be to increasing this tendency over approaching old ages. In 2006, cargos of Laptops were at around 86 million and Shipments of Smart phones were merely behind of Laptop gross revenues. However statistics of 2007 shows Smart phone ‘s gross revenues has overtaken the gross revenues of Laptops which is a immense accomplishment for Smart phones industry. The demand for Smart phones has increased over recent old ages as they are executing as same degree as Laptops and people prefer it due to its portability and serviceability.
Due to some restrictions and challenges, Smart phone ‘s gross revenues are lower than the gross revenues of cell phones and this tendency is estimated to be continued in future. One of the major grounds is, the cost of Smart phones in the market related to cost of Cell phones. Most of the Smart phones theoretical accounts are 3 to 5 times expansive than normal Cell phones, nevertheless costs of Smart phones are finally falling, due to handiness of legion theoretical accounts and demand is being increasing. Another restriction is power ingestion of smart phones and decreased battery life compared to normal Cell phones. Since battery life is considered as a critical factor for most of the people in preferring their phones, Smart phone industry is working on happening better solution for this issue, in order to drive forward its market.
( Reference 9 )
Even with these restrictions, there is a important involvement in Smart phone industry and it remains as a hot market. Harmonizing to, 4th one-fourth smart phone market study 2010, published by Gartner, the sale volume of smart phone in the twelvemonth 2009 was 53.8 million which is an increase of 41.1 % compared to 2008 gross revenues. The same consequences were appeared in the research done by NDP Group and their research besides mentioned that, ache phone Android market topographic point in the first one-fourth of 2010 has overtaken the 2nd place by accomplishing an addition of 28 % based on unit gross revenues ( Reference 10 ) . This shows the demand for Android platforms are increasing and its community will acquire wider in coming old ages.
Samsung, the universe ‘s 2nd largest nomadic phone maker, announced its Android Galaxy S in June 2010 which has four different versions. Samsung had partnered with the four major bearers of US ( AT & A ; T, T-Mobile, Sprint and Verizon ) in establishing Galaxy S which would hike the market for this smart phone. Within the first three months, since the launch of the Galaxy S in US, over one million devices were sold which is a record for Samsung itself. And in some Asiatic states like South Korea and Taiwan gross revenues of Samsung Galaxy S smart phones has overtaken the gross revenues of iPhone which is the most popular phone around universe. ( Reference -11 )
EVIDENCE ITEMS AVAILABLE IN MOBILE PHONES AND POSSIBLE SOURCES
A nomadic phone seized from a offense scene, could incorporate legion grounds points, with immense significance in an scrutiny. Basic beginnings of groundss in a typical Mobile phone include, SIM, Internal Memory, Memory cards and besides Network service suppliers. Common types of memory cards used in nomadic phones include SD, MMC, CF and these cards are capable of hive awaying up to 32GB of informations. All these cards are compatible with Computers, as most of them use FAT file system and contents of it can be viewed and synched to computing machines.
For the recovery of informations from a SIM of memory card in a forensic sound mode, a carder reader will be required. By using probe processs carefully, it is possible to recover important sum of deleted informations from a memory card with the usage of tools such as Encase or FTK. Using appropriate techniques and tools, tester could recover deleted informations such as contacts, text messages, paperss, chat logs and assorted formats of media files.
Networker service supplier or mobile phone operator besides could play an of import function in an probe, as they hold a immense volume of information about the endorser and his/her activities within the web. Name information records ( CDRs ) , information about messages and personal information of endorser ( Name, Address, Nationality, IC, Secondary contacts ) are such valuable information that could be retrieved from the service supplier. In add-on, with the aid of a specialised tool felon can be tracked by detecting nomadic Numberss from IMEI and graphical use of a peculiar phone can besides be tracked.
( Reference -12 )
CHALLENGES ASSOCIATED WITH MOBILE PHONE FORENSICS
Forensic probe of nomadic phones is an emerging and disputing field where, processes and processs need to be reviewed continuously. This is necessary as engineering supports on altering, and new innovations are being shipped every twenty-four hours. Numerous figure of nomadic phone ‘s theoretical accounts exists today, and each theoretical account differs in architecture and design. Most of the nomadic phone tallies proprietary runing systems, and due to these close operating systems, research workers face a immense challenge in happening compatible tools for their scrutiny procedure.
While transporting forensic probe on a nomadic phone, any signals need to be blocked as signals may do intervention to procedures of phone and besides it may do an change to data. This seems to be a ambitious procedure, as if phone is non shielded decently, phone will seek for webs and would rapidly cut down its battery life-time, doing loss of volatile informations. Another of import challenge that needs to be tackled is struggles arise to different runing systems and their versions. Specific drivers are needed for different runing systems, and their belongingss ( file system, memory direction ) differ to a great extent which shows a demand of specific tool for every theoretical account.
Another job arises when the phone needs to be connected to PC for acquisition and analysis of groundss. There is no cosmopolitan or standard interface, each maker has developed its ain coach or interface mediums. Therefore research workers have to seek for the appropriate overseas telegram which would be compatible with the device in manus. Forensic package compatibility is besides an issue, since each tool has certain advantages and disadvantages both with respects to theoretical accounts supported and package characteristics. Research worker should hold cognition about the phone in order to choose the most suited tool for the probe.
Authentication mechanisms established for nomadic phones is besides a challenge, research worker would confront while covering a phone seized from a offense scene. SIM and informations could be protected by a PIN ( Personal Identification figure ) and watchwords. Detecting PIN, PUK ( Phone Unlock Key ) and other security codifications might be a hard undertaking at sometimes. Trap can be tried three times, while 10 efforts can be made to come in the right Personal Unblocking Code ( PUK ) . ( References 13 & A ; 14 )
MOBILE FORENSIC TOOLS
There are several types of package tools available for forensic scrutiny of French telephones. These tools are specially designed for acquisition, saving and scrutiny of digital groundss contained in a cell phone. Most of the tools are specially designed for distinguishable platforms and their compatibility is limited since most of the theoretical accounts are shipped with proprietary runing systems instead than a standard operating systems. These tools allow acquisition of groundss in a forensically sound mode, and to protect its unity by ciphering appropriate hash values and make studies. Different tools support different interfaces for acquisition of informations from device, and most common methods are Cables ( USB ) , irDA, Bluetooth and radio. ( Reference 15 ) Before choosing a tool for probe procedure, tester demands to analyse the available tools, to choose the most appropriate tool that supports the device in manus and could warrant its consequences in a forensic mode.
1-Secure View is merchandise of Susteen, which allows testers to get informations from nomadic phones that supports most common webs including GSM, CDMA and TDMA. The recent version of Secure View provides tester ability to carry on analysis SIM card with the aid of PC/SC-compatible reader. In unafraid View information is extracted in separate groups of file such as Address book, SMS, Graphics and Audio. It is a commercial forensic tool and the buying bundle includes necessary overseas telegrams and drivers for supported phones. The chief restriction with this tool is that it does non supply hashing capablenesss which is found in most of the forensic tools. However examiner can procure files with watchwords. It is compatible with merchandises of Motorola, Nokia, Samsung, Sony Erikson, LG, Sanyo, Kyocera, Audiovox and Siemens.
2-The Cell Seizure Toolbox is a merchandise of Paraben which offers capableness of aggregation and scrutiny of informations retrieved from assorted theoretical accounts of cell phones and look intoing unity of groundss. It supports GSM, TDMA, and CDMA cell phones and besides it allows acquisition of text messages, reference books, call logs, deleted files and complete acquisition of SIM card informations. Advance hunt functionality is capable executing seeking utilizing text and jinx values and Cell Seizure tool box generates first-class studies in html format. It supports devices of industries: Nokia, Samsung, Siemens, Motorola and Sony Ericson.
3-SIMIS is a merchandise released by Crownhill as SIM package with the capablenesss of pull outing informations contained in a cell phone SIM. It requires a USB dongle as interface medium with a computing machine, and it is capable of procuring the unity of extracted groundss by making cryptanalytic hashes. Its characteristics allow retrieving of active and deleted informations such as text messages and contact information. This tool comes with a stand-alone SIMIS Mobile Handheld reader which can capture SIM informations that could be transferred to computing machine. The chief negative facet of this tool highlighted by experts is the obscure format of the study it generates.
4-Oxygen Phone Manager has two versions, viz. non-forensic version and forensic version which is used by jurisprudence enforcements and legal governments. Forensic version is used for forensic probes of cell phone devices and it is capable of procuring informations extracted being altered and tampered. The Oxygen Phone Manager ( OPM ) is compatible with cell phones and Smart phones manufactured by Nokia, Sony Ericson, Siemens, Panasonic, Samsung, Sendo and Benq theoretical accounts. Latest version of OPM supports Android platforms, and it is allows research workers to export extracted informations in assorted different formats.
5-MOBILEedit! Forensic is an application good known for its capableness of geting, seeking and analyzing informations carried by cell phone devices. It supports devices on GSM, CDMA, PCS webs, and device could be connected via Cable, IR and Bluetooth. When the device is connected with the MOBILEEdit! , it is able to place device ‘s maker, theoretical account figure, consecutive figure ( IMEI ) and besides provides an image of the device being connected. This application has the capableness of geting call records, text messages and multimedia files and these informations are stored in.med file format. In add-on, it provides service of myPhoneSafe.com which provides entree to IMEI database where user can register and look into for stolen phones.