A Study on the Differences of Capturing Digital Evidence by Forensic Tools Based on Mobile Device Platform

碩士 === 國防大學 === 資訊管理學系 === 103 === With the popularity of mobile devices and Internet use, crime information network has been significantly improved, the crime scene is no longer limited to physical traces card crime, law enforcement officers with traditional forensic equipment and tools are insuffi...

Full description

Bibliographic Details
Main Authors: Chang Feng Pin, 鄭鋒濱
Other Authors: Yen liug yin
Format: Others
Language:zh-TW
Published: 2014
Online Access:http://ndltd.ncl.edu.tw/handle/75964868104108420059
Description
Summary:碩士 === 國防大學 === 資訊管理學系 === 103 === With the popularity of mobile devices and Internet use, crime information network has been significantly improved, the crime scene is no longer limited to physical traces card crime, law enforcement officers with traditional forensic equipment and tools are insufficient to capture Internet digital space scene evidence.Therefore, law enforcement officers are required to understand the extent of the platform for mobile devices, such as electromagnetic records which may be generated, which will not get the record, what tools should be used to carry out forensic,it’s their basic knowledge. In response to the investigation of crime and improve smartphone efficiency and detection rate, investigators must be able to promptly identify and trace the source of the problem and, through compliance with standard operating procedures, evidence collection and processing so that come with digital evidence in court evidence probative force and enhance the professionalism of the forensic report and credibility. Thus, for different smartphone platforms crime patterns, what type of digital evidence should capture and use what professional forensic tools in order to effectively and quickly for digital forensic evidence, as court evidence in the courts has become very important. and how to provide an appropriate recommendations or guidelines for the use of law enforcement personnel reference, has become very urgent and important issues worth exploring. This study attempts to create a different smartphone platforms use the same context, and the use of different professional forensic tools implementation, by sorting, classification, analysis and other steps to retrieve the digital evidence to compare the implementation of key differences, such as the mirror file produced time, file restore time, the identification data integrity, data identification readability, data identification number, to restore the hardware and software categories and support system, expect to obtain an objective relative differences in data, and then for different smartphones platform crime patterns, what type of digital evidence should capture and use what professional forensic tools in order to effectively and quickly for digital forensic evidence put forward appropriate recommendations or guidelines related to law enforcement officers to serve for reference use; study showed relevant information is available forensic personnel familiar with the operation and forensic tools to be an effective reference for the court, and proposed future direction for the development of resistance and forensic work.