Comparative Study of Different Mobile Forensic Tools for Extracting Evidence from Android Devices

M. Abou-Elzahab, Ramy; F. Al Rahmawy, Mohammed; T. Hamza, Taher

doi:10.21608/mjcis.2020.321070

Comparative Study of Different Mobile Forensic Tools for Extracting Evidence from Android Devices

Document Type : Original Research Articles.

Authors

Faculty of Computers and Information, Computer Science Dept. Mansoura University, Egypt

10.21608/mjcis.2020.321070

Abstract

Nowadays there are more than one billion smartphone users all over the world, principally Android smartphone users because of its small size and its ease to help users in most tasks of their daily life. Therefore, smartphones can give huge amount of evidence and information to forensic investigators if a crime has happened. In our research, it has been chosen four forensic tools: MOBILedit, Oxygen forensic, Autopsy and Andriller and made a comparison among them while extracting data from a smartphone and a tablet with different Android versions. On the other hand, it has been examined the extracted data, identified the important extracted data and the unreadable data, so that the evidence can be accepted in a court of law. It has been proved that the free open source tools could extract many evidence data but not as good as the extracted data with a paid tool as MOBILedit forensic tool. There are no any open source tool could extract all important evidence data separately.

Keywords