Abstract
With the rapid development of technology, mobile phones have become an essential tool in terms of crime fighting and criminal investigation. However, many mobile forensics investigators face difficulties with the investigation process in their domain. These difficulties are due to the heavy reliance of the forensics field on knowledge which, although a valuable resource, is scattered and widely dispersed. The wide dispersion of mobile forensics knowledge not only makes investigation difficult for new investigators, resulting in substantial waste of time, but also leads to ambiguity in the concepts and terminologies of the mobile forensics domain. This paper developed an approach for mobile forensics domain based on metamodeling. The developed approach contributes to identify common concepts of mobile forensics through a development of the Mobile Forensics Metamodel (MFM). In addion, it contributes to simplifying the investigation process and enables investigation teams to capture and reuse specialized forensic knowledge, thereby supporting the training and knowledge management activities. Furthermore, it reduces the difficulty and ambiguity in the mobile forensics domain. A validation process was performed to ensure the completeness and correctness of the MFM. The validation was conducted using two techniques for improvements and adjustments to the metamodel. The last version of the adjusted metamodel was named MFM 1.2.
Highlights
The worldwide use of mobile phone devices is increasing daily
This paper develops a Mobile Forensic Metamodel (MFM) in order to clarify all the necessary activities required by investigators for conducting their task
The purpose of extracting digital evidence from mobile phone devices is to use it in court proceedings, as these devices are frequently used in criminal activities [13]
Summary
The worldwide use of mobile phone devices is increasing daily. Ericsson President and CEO Hans Vestberg expects that by 2020, 50 billion mobile phones will be connected to the web as compared to five billion [1]. Mobile Device, Identification, Securing Scene, Evaluating Scene, Potential Digital Evidence, 62 Procedure, Seizure Device, Integrity, Preparing, Search, Documentation, Recording, Photographing, Evidence Collection, Memory Volatility, PackagingAndSealing, Transporting and Storing Evidence, Isolation, Faraday Cage, Decision, Filtering, Law Enforcement, Validation, Hidden Data Analysis, Equipment, Removable Media, Verification, Interviewing, Internal Memory, Forensic Examiner, Capturing, Forensic Specialist, Forensic Laboratory, Acquisition Method, Logical Acquisition, Physical Acquisition, Manual Extraction, Extraction, Recovering, Search Warrant, Forensic Tool, Examination Data, Copy of Evidence, Forensic Analyst, Potential Evidence, Suspect, Analysis Data, Hash Value, Application and File Analysis, Timeframe Analysis, Court of Law, Results, Evidence, Jurisdiction, Scene, Conclusion, Acquired Data, KeywordSearch, Source, Airplane Mode, Cell Site Analysis, Network Provider.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
