dfm covers
 
 

Advanced Forensic Analysis on Windows Mobile Systems

Written by DFM Team


Advanced Forensic Analysis on Windows Mobile Systems

Advanced mobile forensics techniques to analyse a Windows mobile device without expensive equipment


In the last few years’ hand-held devices experienced an impressive commercial success and a widespread diffusion. As a consequence, their use in criminal activities has also grown. The forensic investigation techniques applied to mobile devices have therefore become an important aid to law enforcement. In an analogous way to computer operating system, in Windows Mobile crucial information is stored in system registries, while information about user preferences and activities can be found in proprietary databases. In this paper we adopt an advanced technique, based on RAPI Tools, to extract information from Windows Mobile devices and analyze them with Forensic Tools like Encase and Windows Mobile emulators.

Hand-held devices like PDA, cell phones, smartphones, GPS etc, contain a huge quantity of evidence: subscriber, list of calls, contacts, sms, emails, multimedia files, and other kind of data stored in configuration files and databases. Data extraction techniques, from a mobile device, can be divided into two classes: physical and logical extraction. A logical extraction technique allows acquiring only visible data at the file system level, while physical extraction techniques permit you to acquire all the data stored in an electronic device.



Find out more - subscribe to DFM today and read the full article. Or if you're a subscriber, login and read the article online.


 
Please make cache directory writable.
 

Submit an Article

Call for Articles

We are keen to publish new articles from all aspects of digital forensics. Click to contact us with your completed article or article ideas.

Featured Book

Learning iOS Forensics

A practical hands-on guide to acquire and analyse iOS devices with the latest forensic techniques and tools.

Meet the Authors

Andrew Hoog

Andrew Hoog is the Chief Investigative Officer at viaForensics'

 

Coming up in the Next issue of Digital Forensics Magazine

Graph Database Technology

Attackers examine how your assets are connected, looking for a vulnerable part of the network, and navigating via methods such as “spear phishing.” What they’re really doing is abstracting out the graph of your networked systems, which is the set of security dependencies. Read More »


Fraudulent Use of Digital Images and Detection Survey

This article looks at the basic concepts related to image forgery; the types, detection procedure algorithms and all possible techniques to detect malicious signatures ibased on forgery types and detection techniques. Read More »

Subscribe today


Discovery in the Cloud: An Investigator’s Close Look at Unexpected Risks and Challenges

Documents residing in cloud storage accounts are increasingly coming into scope in digital forensic investigations such as IP theft, regulatory, corruption, merger clearance and civil matters.  Read More »


Every Issue
Plus the usual Competition, Book Reviews, 360, IRQ, Legal

Click here to read more about the future issues