Chat with us, powered by LiveChat Mobile forensics is the process of obtaining information on a mobile device such as a smartphone or tablet. The technology has grown in sophistication, and it can be used to uncover hidden | Wridemy

Mobile forensics is the process of obtaining information on a mobile device such as a smartphone or tablet. The technology has grown in sophistication, and it can be used to uncover hidden

Mobile forensics is the process of obtaining information on a mobile device such as a smartphone or tablet. The technology has grown in sophistication, and it can be used to uncover hidden

Need it asap in 4 hours. Assignment is done but plagiarism level is too high and referencing is wrong. Need someone who can fix these problem.

Contents Introduction 2 What It Is 2 How It's Used 2 Steps in Mobile forensics 3 1. Seizure 3 2. Airplane mode 3 3. Phone jammer 3 4. Faraday bag 3 Acquisition 3 Examination and analysis 4 Invasive methods 5 1. Chip-off 5 2. Micro read 5 Case study 5 CSI wife killers case Ireland 5 Phone evidence clinched conviction of lying wife-killer 6 Mobile records checking 6 Conclusion 7 References 8

Mobile Forensic


Mobile forensics is the process of obtaining information on a mobile device such as a smartphone or tablet. The technology has grown in sophistication, and it can be used to uncover hidden content on devices, including text messages, apps and Wi-Fi connections. Mobile forensics goes beyond mere wireless security breaches. Today's mobile forensic tools can uncover true digital evidence and unlock devices with few endpoints or even no recovery partitions to access."

Mobile forensics is increasingly important in today's connected world. In this lesson, you'll learn more about mobile forensics, its uses, and the importance and steps of a forensically sound mobile investigation.

What It Is

A division of digital forensics, which deals with the extraction of data from electronic sources, is mobile forensics. Mobile forensics is specifically concerned with recovering evidence from portable electronic devices like smartphones and tablets. Since so many people send, receive, and search for data via mobile devices today, it makes sense that these devices contain a significant amount of evidence that could be useful to investigators.

Mobile devices can disclose a variety of crucial data, including as phone logs, text messages, web search history, and GPS information that reveals the owner's potential location at any given time.

How It's Used

The secret to gathering digital evidence is following forensically sound procedures, regardless of who utilises mobile forensics or how it is applied. According to Duke University's Electronic Discovery Reference Model, the word "forensically sound" refers to "procedures employed for gathering electronic information in a way that assures it is "as originally discovered" and is dependable enough to be allowed into evidence."

This basically implies that mobile evidence is treated so that it will be admissible in court and that it is not compromised during the forensic procedure. The idea of being forensically sound is based on the fundamental idea that transportable evidence should be kept in the same condition as when it was first discovered.

A defined procedure that helps to guarantee law enforcement or anyone collecting the data follow best practises for doing so lies behind forensically sound mobile evidence collection. Let's examine those actions.

Steps in Mobile forensics

1. Seizure

The foundation of digital forensics is the idea that evidence must always be properly processed, stored, and admissible in court. Mobile device confiscation is accompanied by a few legal considerations.

The activation of the lock (by the user, suspect, or unintentional third party), as well as the network or cellular connection, are the two main hazards associated with this stage of the mobile forensic procedure.

It's always a good idea to isolate your network, and there are two ways to do it: 1) put your phone in aeroplane mode and disable Wi-Fi and hotspots, or 2) copy your device's SIM card.

2. Airplane mode

Mobile devices are frequently confiscated switched on, therefore the best way to carry them is to try to keep them turned on to avoid a shutdown, which would unavoidably change files. This is because the goal of their confiscation is to preserve evidence.

3. Phone jammer

For performing mobile forensics, common pieces of equipment are a Faraday box or bag and an external power source. Unlike the latter, which is a power source implanted inside the Faraday box/bag, the former is a container particularly made to isolate mobile devices from network communications while also assisting with the safe transfer of evidence to the laboratory. To preserve the integrity of the evidence, disconnect the phone from the network, turn off all network connections (Wi-Fi, GPS, Hotspots, etc.), and switch on flight mode before placing it in the Faraday bag.

4. Faraday bag

A Faraday bag is a device that isolates electronic devices from electromagnetic interference. The main benefit of a Faraday bag is that it prevents signals on a phone or computer: phone calls, messages and data transfers. In the legal environment in particular, not only must investigators/lawyers protect their cell phones but also all related devices like laptops and tablets."


The phase's objective is to get data off the mobile device. With the proper PIN, password, pattern, or biometrics, a locked screen can be unlocked (Note that biometric approaches while convenient are not always protected by the fifth amendment of the U.S. Constitution). The Virginia Circuit Court has ruled that while passcodes are protected, fingerprints are not. Additionally, apps, pictures, SMSs, and messengers may all have lock features similar to this. On the other side, encryption offers protection at a hardware, software, or both level that is frequently impossible to defeat.

Controlling data on mobile devices is challenging because the data itself is portable. Control is lost once messages or files are sent from a smartphone. Although a variety of devices can store a large amount of data, the data itself may actually be in another place. As an illustration, data synchronisation between devices and programmes can happen both directly and over the cloud. Users of mobile devices frequently use services like Apple's iCloud and Microsoft's One Drive, which opens the door to data collection from there.

Hardware and software might be able to close the data gap because data is continually being synchronised. Take Uber as an example; it has a website that is both functioning and an app. The Uber website or even the Uber software package installed on a computer can be used to view all the data that is accessible through the Uber app on a phone.

Regardless of the device type, the fragmentation of operating systems and item specs can make it more difficult to locate the data. Even Apple's iOS can change from version to version, and the open-source Android operating system alone has multiple versions. The proliferation and constant evolution of mobile apps present another difficulty for forensic professionals. Make a complete list of all installed applications. Some applications backup and archive data.

The next step is to correctly gather the data when one has identified the data sources. When it comes to acquiring information in the context of mobile technology, there are certain difficulties. Many mobile devices can't be gathered through the creation of an image; instead, they might need to go through a procedure called data acquisition. There are many protocols for gathering data from mobile devices since some design requirements could only permit a particular kind of acquisition. The forensic investigator should employ SIM Card imagining, a technique that generates a copy of the SIM Card's contents. The original evidence will be preserved while using the replica image for analysis, just like with previous replicas. To guarantee that the data is valid and unmodified, all picture files should be hashed.

Examination and analysis

Every digital investigation involving a mobile device or devices must begin with the forensic expert identifying:

What kind of mobile device(s) it is—for example, GPS, smartphone, tablet, etc.

GSM, CDMA, and TDMA networks are available. Carrier service provider (Reverse Lookup)

To get and evaluate data stored on the machine, the examiner may need to employ a variety of forensic tools. There is no one-size-fits-all set of mobile forensic tools because of how different mobile devices might be from one another. As a result, it is recommended to employ many tools when doing an examination. Popular forensic software programmes with analytical features include AccessData, Sleuthkit, and EnCase. Depending on the type and model of mobile device, the best tool or tools are selected.

From the perspective of a forensic analyst, timeline and link analysis, which is accessible in many mobile forensic technologies, could connect each of the most important occurrences.

Invasive methods

They are typically lengthier and more complicated. It is quite likely that the only option to recover data from a device in situations when it is completely non-functional owing to significant damage will be to manually remove and image the device's flash memory chips. The forensic expert might need to physically collect the contents of the chip even if the equipment or object is in good shape

1. Chip-off

A procedure that describes taking data directly out of the memory chip of the mobile device. The chip is removed from the device in accordance with the procedures relevant to this level, and data contained on the device under enquiry is extracted using a chip reader or a second phone. The fact that there are so many different chip kinds available on the mobile market should be recognised as making this procedure technically difficult. The chip-off procedure is also costly, calls for training, and requires the examiner to purchase particular hardware in order to de-solder and heat the memory chip. Unparsed, uncoded, and uninterpreted bits and bytes of raw data are still being extracted from the memory.

The whole process consists of five stages:

Detect the memory chip typology of the device

Physical extraction of the chip (for example, by unwelding it)

Interfacing of the chip using reading/programming software

Reading and transferring data from the chip to a PC

Interpretation of the acquired data (using reverse engineering)

2. Micro read

This technique entails manually viewing the entire memory chip via an electron microscope's lenses in order to examine the information visible there, more specifically the physical gates on the chip. In a word, micro read is an expensive, time-consuming procedure that requires the highest level of competence and is only used in extreme national security crises.

Case study

CSI wife killers case Ireland

CSI wife killers are Ireland's most notorious wife killers — men whose murder trials gripped the nation and whose evil crimes sent shock waves through the spines of the public.

For killing the ladies, they shared their lives with, Joe O' Reilly, Eamonn Lillis, and Brian Kearney are all currently beaten up in jail.

Lillis was ultimately found guilty of his wife's manslaughter, while Kearney and O'Reilly are currently serving life sentences for murder. Although the intricate cases that senior gardai established against these three offenders were unique, they all shared significant similarities.

But in cracking these cases, detectives relied hugely on innovations in technology and forensic science to succeed. There can be little doubt that just two decades ago it would have been almost impossible for the gardai to secure convictions in these investigations. Advances in forensic science, CCTV and the fact that information can be obtained from mobile phones and email mean that gardai are now better equipped to solve serious crime.

Phone evidence clinched conviction of lying wife-killer

DETECTIVES were aware that their investigation into Joe O'Reilly would shed light on a branch of forensic science that could aid criminals in eluding the law.

The prosecution considered expert testimony on the locations and times O'Reilly used his cell phone to be crucial to convincing the jury of his guilt.

The wife-phone killer's would demonstrate that he could not be in two places at once, and this was to prove to be his demise in a case that was primarily built on circumstantial evidence. Communications experts told the court that the location of O'Reilly's phone on the day of the murder contradicted his account of his movements. A garda source said that career criminals would never again dream of using mobile phones registered to them or associates. "Joe O'Reilly was not a career criminal and clearly didn't know his phone could be tracked and place him close to the scene of the crime at a time when he claimed to be somewhere else. What this trial has done, I suppose, is show once again that we have access to this sort of technology. A phone doesn't even have to be used to show where it is."As someone moves across a city, for example, their phone registers to the nearest mast. It doesn't give a precise location, but it can contradict a false alibi.

Mobile records checking

"Checking mobile records is now standard protocol in so many cases, particularly those involving missing persons and homicide. Joe O'Reilly didn't appear to be aware of it."

This is not the first time gardai have used mobile phone evidence, often described as the "new fingerprint", in a high-profile trial. Perhaps the most famous case concerned the 1998 Real IRA bombing of Omagh, which left 29 people dead.

In January 2002, father-of-four Colm Murphy was found guilty at the Central Criminal Court of plotting the atrocity. His 25-day trial heard allegations that he had loaned two phones to the bombers. RUC and gardai working with mobile phone experts, tracked the movements of the phones from the Republic to Omagh and back on the day of the outrage. The prosecution's case was that Murphy had given the phones to the bombers knowing they would be used for unlawful purposes.

Murphy subsequently won an appeal. His conviction was quashed, and a retrial has been ordered. His lawyers are currently arguing for the case to be dropped on the grounds that he is too ill for a retrial.

Nevertheless, the case set a new standard for garda investigations.


Mobile phone evidence helped one of Britain's most notorious killers come to terms with his misdeeds. In August 2002, Holly Wells and Jessica Chapman, two 10-year-old schoolgirls from the English town of Soham, were kidnapped and slain by Ian Huntley. Investigators determined that Jessica's phone was off inside or close to Huntley's home. O'Reilly's phone would also lead to his demise since it revealed he had lied about Nikki Pelley, his lover. He claimed the connection was finished in his statement to garda police, but experts found that a total of 18 conversations and texts were made between his and Ms. Pelley's phones on the day he killed his wife.


Appendix A mapping to cybersecurity framework¶. Appendix A Mapping to Cybersecurity Framework – NIST SP 1800-27 documentation. (n.d.). Retrieved October 17, 2022, from

14, J., 7, S., 28, J., & 6, J. (2021, June 2). The Mobile Forensics Process: Steps and types. Infosec Resources. Retrieved October 17, 2022, from

EclipseForensics. (2021, March 3). The process of mobile device forensics. Eclipse Forensics. Retrieved October 17, 2022, from

CSI wife Killers Ireland. independent. (n.d.). Retrieved October 17, 2022, from

Harkin, G. (2012, November 25). Phone evidence clinched conviction of lying wife-killer. independent. Retrieved October 17, 2022, from


6193719_1058293741_7141666 683091.docx


Submission date: 25-Oct-2022 01:38AM (UTC-0600) Submission ID: 1934831214 File name: 6193719_1058293741_7141666683091.docx (31.51K) Word count: 2439 Character count: 13150




























3 3


















1 1






1 17%

2 16%

3 5%

4 5%

5 5%

6 3%

7 3%

8 2%

6193719_1058293741_7141666683091.docx ORIGINALITY REPORT


Submitted to Coventry University Student Paper Internet Source

Submitted to American Public University System Student Paper Internet Source Internet Source

Submitted to University Tun Hussein Onn Malaysia Student Paper

Submitted to Softwarica College Of IT & E- Commerce Student Paper

9 2%

10 1%

11 1%

12 1%

13 1%

14 1%

15 <1%

16 <1%

17 <1%

Exclude quotes Off

Exclude bibliography On

Exclude matches Off

Submitted to De Montfort University Student Paper

Submitted to London Metropolitan University Student Paper

Submitted to University of Portsmouth Student Paper

Submitted to University of Greenwich Student Paper

Submitted to City University College of Ajman Student Paper

Submitted to University of Huddersfield Student Paper

Submitted to National College of Ireland Student Paper Internet Source

Submitted to Murray State University Student Paper

Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteDemy. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.

Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.

Do you need an answer to this or any other questions?

About Wridemy

We are a professional paper writing website. If you have searched a question and bumped into our website just know you are in the right place to get help in your coursework. We offer HIGH QUALITY & PLAGIARISM FREE Papers.

How It Works

To make an Order you only need to click on “Order Now” and we will direct you to our Order Page. Fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.

Are there Discounts?

All new clients are eligible for 20% off in their first Order. Our payment method is safe and secure.

Hire a tutor today CLICK HERE to make your first order

Related Tags

Academic APA Writing College Course Discussion Management English Finance General Graduate History Information Justify Literature MLA