Multi-platform Process Flow Models and Algorithms for Extraction and Documentation of Digital Forensic Evidence from Mobile Devices

TL;DR

This paper presents a generic process flow model for extracting and documenting digital evidence from various mobile devices, aiming to standardize procedures and ensure repeatability and legal defensibility.

Contribution

It introduces a universal process flow model applicable across multiple mobile operating systems, validated through expert opinion, to improve forensic evidence extraction.

Findings

Model aids standardization of evidence extraction

Validated through expert feedback

Supports legal defensibility of forensic processes

Abstract

The increasing need for the examination of evidence from mobile and portable gadgets increases the essential need to establish dependable measures for the investigation of these gadgets. Many differences exist while detailing the requirement for the examination of each gadget, to help detectives and examiners in guaranteeing that of any kind piece of evidence extracted/ collected from any mobile devices is well documented and the outcomes can be repeatable, a reliable and well-documented investigation process must be implemented if the results of the examination are to be repeatable and defensible in courts of law. In this paper we developed a generic process flow model for the extraction of digital evidence in mobile devices running on android, Windows, iOs and Blackberry operating system. The research adopted survey approach and extensive literature review a s means to collect data. The models developed were validate through expert opinion. Results of this work can guide solution developers in ensuring standardization of evidence extraction tools for mobile devices.