This report provides a verification assessment of the Targeted Data Extraction System, for the targeted extraction of data from mobile phones for forensic investigations.
This verification assessment report discusses the evaluation of the Targeted Data Extraction System (TDES), to verify claims regarding TDES prototype’s ability to perform targeted extraction of data that were generated and stored on a mobile phone during defined time intervals to the exclusion of information that was not generated and stored during those incident-related intervals. The authors of this report note that one performance requirement was that the TDES should offer at least comparable performance to existing digital forensic software tools available for examining and analyzing mobile devices. The TDES verification testing plan was executed using a phase-gate approach. The ability of the TDES tool to read a file system was assessed by three parameters: the tool correctly read a data system as demonstrated by the calculation of a cryptographic hash for a file; it correctly read the file path for the files of interest; and it correctly interpreted and displayed the metadata of a file, as demonstrated by examination of the file modified/accessed/created times and dates. Assessment outcomes suggested the following: TDES does not have an acquisition function that would allow for more extensive analysis and confirmation of findings; the TDES software operates differently relative to other commercially available mobile forensic tools in that the file is executed by the examiner’s computer, which installs the TDES drivers automatically onto the device when it is connected to the computer; TDES functions differently because it is a manual operation driven by the operator, once the analysis is complete the artifacts from TDES remain on the phone and will be detectable later when a forensic analysis is performed; TDES does not allow for a forensic copy of the data and requires actions that do not reflect sound forensic practice; and TDES does not allow the export of data from other messaging apps.
Downloads
Similar Publications
- A DNA Barcoding Strategy for Blow and Flesh Flies Encountered during Medicolegal Casework
- Using Data Governance and Data Management in Law Enforcement Building a Research Agenda That Includes Strategy, Implementation, and Needs for Innovation
- Introducing the NIJ Forensic Intelligence Framework: Pillars and Guiding Principles for Successful Implementation