mobile incident response and investigations 1
The mobile platform is experiencing explosive growth, and with that growth comes cyber-incident analysis and response challenges. There are literally several thousand types of mobile devices, with many types of interfaces, operating systems, and connectivity options. This type of environment has many implications for the incident responder. The number of devices makes it impossible to be well versed in each one, complicating analyses. The sheer number of devices also creates a massive expense simply trying to stay abreast of the major players in the market space. Complicating this further is that mobile devices can be the target of a security incident, but mobile devices can also prove to be an elusive means to coordinate, support, or execute an attack. The nature of mobile devices presents other challenges as well, including the ability to remotely access devices and the ability to remotely wipe out evidence, an evidence destruction process that can occur rapidly in a flash memory environment.
Mobile forensics is an increasingly complex environment for investigators because of the rapid rate of innovation and adoption of new technologies, applications, and hardware. Smartphones are being used in so many different ways that they have become a central focus in digital forensic investigations. The mobile platform is a forensic challenge because of the number of third-party applications found on many devices and the rapidly evolving security measures employed by device manufacturers and application developers.
In this project, you will write a 13- to 21-page White Paper that describes the current state of mobile incident response and investigation. The context is that as a forensic investigator, you are providing an objective overview of mobile technology and digital forensic and incident response capabilities for a law enforcement unit that has limited experience and capability with mobile forensics.
Your White Paper will describe mobile investigative challenges and the techniques and technologies available to perform mobile forensic examinations. You will also provide your personal perspective on the future of mobile forensics — the biggest threat to mobile forensics in years to come, and the biggest opportunity for investigators of mobile cybercrime. The most successful papers will include references to resources outside of the classroom.
There are six steps in this project. Each step focuses on one required element of the White Paper to be submitted at the end of this project. In Step 1, you will provide an overview of mobile technologies and cellular networks. Are you ready to get started?
When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.
- 1.3: Provide sufficient, correctly cited support that substantiates the writer’s ideas.
- 1.5: Use sentence structure appropriate to the task, message and audience.
- 1.6: Follow conventions of Standard Written English.
- 1.7: Create neat and professional looking documents appropriate for the project or presentation.
- 2.1: Identify and clearly explain the issue, question, or problem under critical consideration.
- 5.1: Demonstrate best practices in organizing a digital forensic investigation.
- 6.1: Perform report creation, affidavit creation, and preparation to testify
- 6.2: Demonstrate ability to investigate Mobile Technology