Monday, April 26, 2010

Experimental Validation Tool for Cell Phone Forensics Developed

National Institute of Standards and Technology (NIST) researchers have developed a new technique aimed at improving the validation of a crime lab's cell phone forensics tools. Cell phones reveal much about our daily communications, such as calls and texts. A small chip card within most phones, called an identity module, stores this and other data for a subscriber. A subscriber identity module (SIM) accommodates phonebook entries, recently dialed numbers, text messages and cellular carrier information. Forensic examiners use off-the-shelf software tools to extract the data, allowing them to "connect the dots" in a criminal case, for example by identifying affiliations or detecting mobile phone activity around the time of an event.

But for this information to be used as evidence in court or other formal proceedings, the software tools that forensic teams employ are normally validated to determine suitability for use. Currently, preparing test materials for assessing cell phone tools is labor-intensive and may require learning new command languages to perform the process.

NIST scientists detail their proof-of-concept research in a NIST Interagency Report, Mobile Forensic Reference Materials: A Methodology and Reification. They also developed an experimental application, called SIMfill, and a preliminary test dataset that follows the methodology described in the report. SIMfill can be used to automatically upload cell phone data such as phone numbers and text messages to "populate" test SIMs, from which the data can then be recovered by forensic cell phone tools. In this way, examiners can use SIMfill as one method to assess the quality of their off-the-shelf tool.

"Our research was a proof of concept," report author Wayne Jansen says. "Hopefully, forensic examiners will use our work to validate mobile forensics tools thoroughly before they employ them." The next step in the research is open. Scientists could expand the technique for mobile handsets and other types of identity modules, or the forensic community could decide to adopt this dataset and application as an open source project, according to Jansen.

http://www.sciencedaily.com/releases/2009/12/091202091032.htm
