Introduction to Windows Mobile Forensics
نویسندگان
چکیده
Windows Mobile devices are becoming more widely used and can be a valuable source of evidence in a variety of investigations. These portable devices can contain details about an individual’s communications, contacts, calendar, online activities, and whereabouts at specific times. Although forensic analysts can apply their knowledge of other Microsoft operating systems to Windows Mobile devices, there are sufficient differences that require specialized knowledge and tools to locate and interpret digital evidence on these systems. This paper provides an overview of Windows Mobile Forensics, describing various methods of acquiring and examining data on Windows Mobile devices. The locations and data formats of useful information on these systems are described, including text messages, multimedia, e-mail, Web browsing artifacts, and Registry entries. This paper concludes with an illustrative scenario involving MobileSpy monitoring software. a 2010 Elsevier Ltd. All rights reserved.
منابع مشابه
A Novel Method for Windows Phone Forensics
Mobile forensics is a branch of cyber forensics which helps in extracting evidence from mobile devices. A variety of software tools are available from different vendors for performing the acquisition and analysis of handheld devices ranging from basic phones to smart phones. From an investigator’s point of view, information like call log, sms, mms, contacts, multimedia and other user related fi...
متن کاملA comparison of forensic evidence recovery techniques for a windows mobile smart phone
Acquisition, decoding and presentation of information from mobile devices is complex and challenging. Device memory is usually integrated into the device, making isolation prior to recovery difficult. In addition, manufacturers have adopted a variety of file systems and formats complicating de-coding and presentation. A variety of tools and methods have been developed (both commercially and in ...
متن کاملWindows Phone 7 from a Digital Forensics' Perspective
Windows Phone 7 is a new smartphone operating system with the potential to become one of the major smartphone platforms in the near future. Phones based on Windows Phone 7 are only available since a few months, so digital forensics of the new system is still in its infancy. This paper is a first look at Windows Phone 7 from a forensics’ perspective. It explains the main characteristics of the p...
متن کاملWindows Mobile advanced forensics
Windows CE (at this moment sold as Windows Mobile) is on the market for more than 10 years now. In the third quarter of 2009, Microsoft reached a market share of 8.8% of the more than 41 million mobile phones shipped worldwide in that quarter. This makes it a relevant subject for the forensic community. Most commercially available forensic tools supporting Windows CE deliver logical acquisition...
متن کاملData Recovery from Windows CE Based Handheld Devices
Data hiding creates serious problems for digital forensic practitioners attempting to recover evidence. It is possible to conceal large amounts of sensitive data in handheld devices in a manner that prevents their recovery using standard forensic tools. This paper describes a technique for recovering data stored in the slack memory of Windows CE based devices. A case study involving data hiding...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Digital Investigation
دوره 6 شماره
صفحات -
تاریخ انتشار 2010