Question

You have been assigned a case that needs mobile forensic analysis. A mobile is found from the suspect’s office, and it might have critical information related to the case.

a) Discuss the information that can be retrieved from this mobile’s SIM card.

b) Illustrate the general procedure to access the content on this mobile phone SIM card.

c) Explain measures to validate data on this mobile.

Answer 1

Mobile Forensic helps in retrieving the digital information and datas from the device which might be helpful in solving any case.

a) The various information that can be retrieved from Mobile's SIM card are:

Call history like incoming calls, outgoing calls, missed calls.

The contacts details from phone book and the text messages along with details.

Photos, videos, and documents stored in the phone

Browsing history, items downloaded and other internet related details.

Deleted datas, files, call record and messages.

Passwords, passkeys and bank details.

b) Procedure to access the content from SIM card is given below:

1) Seizing: The device which has to be go through the forensic process may contain the fingerprints of the persons that may be helpful in solving the case. So the device should be kept safe in a airtight packet without touching it directly by wearing gloves in hands.

2) Phone jammers and Airplane mode: The device may be connected to any network. So, we should make sure that it is not connected to any network or device. So a jammer and Airplane mode is applied.

3.) Data Acquisition: The datas or contacts in the SIM card can be retrieved or accessed using the SIM card imagining technique. This creates a replica of the SIM card from which all the datas of SIM card can be retrieved. The original SIM card is kept undisturbed using this technique and the contents can be easily accessed.

c) The datas which has to extracted from the mobile has to be validated first. The validation is done by using any application that is reliable enough to do the task of validation of datas from mobile. The datas which are there in mobile shouldn't be disturbed or deleted. It should be using authentic application and storage device to keep the retrieved datas safe and secure. A proper examining and analysis of the datas should be performed to get the right information from it.

The validation requires various softwares and skilled professionals for the task to be done.