![]() Unfortunately, with mobile forensic always it is not possible to use this method. Physical - It is a bit-to-bit copy of the device and allow to recover deleted data.Below overview has been given about each. There are three methods used for the data extraction from the Android devices. But we could calculate the hash value of the extracted data through logical extraction or of the image file extracted through physical extraction. As previously mentioned it is almost impossible to interact mobile device without altering it. MD5 or SHA are widely used algorithms to calculate the Hash values of the evidence. Hashing - Hashing is the method used to prove the integrity of the evidence.It is crucial because it keeps track of the Digital evidence. It includes details like serial no, case no, locker no, investigator's name, time and date during each step, details of evidence transportation. Chain of Custody - Chain of custody is the document to maintain each record of the Digital evidence from the collection to presentation.Forensic Investigator can remove SIM card, Switch to Airplane mode or Use Faraday's Bag or Jammer There are several ways that could be followed according to the scenario.So, the first step should be to isolate the mobile device from the network. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |