Abstract
With the increasing number of mobile phones and mobile applications, there is a noticeable rise in cybercrimes. Hence, an urgent need for mobile forensics. Before starting investigation, the investigator should choose one of the acquisition types; physical acquisition, logical acquisition or manual acquisition. The current mobile acquisition tools use these methods to produce an image of the entire mobile content, files of specific datatypes, or data of a certain application. Unfortunately, the resultant output does not facilitate investigating cases related to specific mobile application, since the tool might acquire more than what is needed which requires investigators to filter data manually, or acquire all the application’s data without sufficient analysis. Both cases are effort and time consuming. This study analyzes and compares currently available forensics tools that are designed to extract WhatsApp data only. The comparative study is based on two aspects; National Institute of Standards and Technology (NIST) Mobile Device Tool Test Assertions and researchers’ requirements. The results of the comparative study showed a shortage in the current WhatsApp forensics tools as they do not satisfy all NIST Test Assertions. Additionally, several researchers’ requirements such as: creating projects, comprehensive analysis, applying filters and validating the extracted files, were not met in the studied tools.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
