Use this URL to cite or link to this record in EThOS:
Title: Architecture and design of Process Based Framework for Mobile Forensics (PBFMF)
Author: Al Tawqi, Masoud
ISNI:       0000 0004 6501 0111
Awarding Body: University of Surrey
Current Institution: University of Surrey
Date of Award: 2018
Availability of Full Text:
Access from EThOS:
Access from Institution:
Over the last two decades, the world has witnessed a vast increase in smart phones devices usage, where mobile phone devices have become an integral part of our daily routine. As a result, this has created security issues and lead to an increased dependency on smartphone usage, criminal activities and/or illegal practices. This increase in crimes committed by or via smartphones has made it a necessity for digital forensics experts to come up with reliable tools that can be used to help in extracting data from those smart phones. Currently mobile forensics work is fragmented and although attempts have been made to develop conceptual frameworks for mobile devices in the past few years, there is however, no common framework adopted to date that meets the needs of the ever changing and expanding world of mobile devices. A comprehensive survey of mobile forensics frameworks in this research revealed that current frameworks tend to focus on targeting specific operating systems, responding to specific issues, or use complicated steps that make it difficult for users to follow. Some are also based on desktop and non-mobile device models. Also, tools analysis was carried out benefitting from NIST guidelines, where areas in which each tool should be tested and how the test should be conducted are specified. The results of the Tools Analysis were not encouraging, and quite surprising that many challenges that existed at the advent of the mobile devices have not been solved. Without the existence of a generalized Process Based Framework for Mobile Forensics (PBFMF) to provide the appropriate guidelines, steps and procedures to be followed during the digital forensic phases, it will not be as simple as it might appear to extract data in an appropriate way from smart-phones even with the utilisation of the most popular tools. Based on the research and analysis in this thesis, it was clear that there is a need for a set of effective methods to ensure that extracted and examined information from mobile phones devices are not tampered with, accepted by a court of law, or can be relied upon as an undisputed means of proving that something has or has not taken place. A new PBFMF that is platform independent, open architecture, extensible and capable of integrating newer mobile device technologies is presented in this thesis. It formulates a better understanding of the barriers to using forensics tools effectively and appropriately. Key words: Processed Base Framework, Mobile Forensics Tools, Digital Forensics, Operating Systems, Smart Phones.
Supervisor: Cruickshank, Haitham ; Sun, Zhili Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID:  DOI: Not available