Mobile Forensics: Investigation and Tools |
||
 |
 |
|
| © 2025 by IJCTT Journal | ||
| Volume-73 Issue-6 |
||
| Year of Publication : 2025 | ||
| Authors : P. S. Vinayagam | ||
| DOI : 10.14445/22312803/IJCTT-V73I6P102 | ||
How to Cite?
P. S. Vinayagam, "Mobile Forensics: Investigation and Tools," International Journal of Computer Trends and Technology, vol. 73, no. 6, pp. 7-15, 2025. Crossref, https://doi.org/10.14445/22312803/IJCTT-V73I6P102
Abstract
Mobile devices, particularly smartphones, have become integral to daily life. The personal and sensitive information stored on these devices has become hot targets for cybercriminals. Crimes such as mobile banking fraud, online scams and payment fraud are taking new forms daily. Mobile phones are also being used for money laundering operations to transfer or exchange illicit funds through mobile payment platforms. Either way, the involvement of mobile phones in committing crimes or mobile devices being targets of attacks has made them a critical source of digital evidence in forensic investigations. To extract evidence from these devices, mobile forensic tools have become essential for law enforcement agencies to preserve, extract and acceptably analyze data from mobile devices in law courts. An in-depth examination of the current state-of-the-art mobile forensic tools is essential to help the investigators make an informed choice while selecting the tools. This paper explores four mobile forensic tools: Cellebrite UFED, XRY, Oxygen Forensics Detective, and Magnet AXIOM. A comprehensive overview of the tools is presented, focusing on their capabilities, technicalities and shortcomings in the ever evolving mobile ecosystem. Key functionalities such as accessing locked devices, deleted data recovery, app data parsing, cloud storage access, decryption of encrypted data, and timeline generation are discussed to assess the effectiveness of the tools. Even though these tools have become sophisticated over time, they face several technical challenges. No single tool provides a complete solution for mobile forensic investigation. It is recommended that a combination of tools, based on the case-specific requirements, device types and the nature of data extraction, be used. This paper underscores the importance of constant updates, a wide range of device support, and legal compliance to perform mobile forensic tools effectively.
Keywords
Cybersecurity, Cyber investigation, Digital forensics, Forensic tools, Mobile forensics.
Reference
[1] Arafat Al-Dhaqm et al., “A Review of Mobile Forensic Investigation Process Models,” IEEE Access, vol. 8, pp. 173359-173375, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[2] Bhavini Patel, and Palvinder Singh Mann, “A Survey on Mobile Digital Forensic: Taxonomy, Tools, and Challenges,” Security and Privacy, vol. 8, no. 2, pp. 1-27, 2025.
[CrossRef] [Google Scholar] [Publisher Link]
[3] Victor Agboola, Jude Osamor, and Funminiyi Olajide, “Evaluating the Efficiency of FTK, Autopsy, and Mobile Forensic Tools: A Comparative Study in Criminal Investigations,” International Journal of Intelligent Computing Research, vol. 15, no. 1, pp. 1279-1291, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[4] Rizwan Ahmed, and Rajiv V. Dharaskar, “Mobile Forensics: An Overview, Tools, Future Trends and Challenges from Law Enforcement Perspective,” Proceedings of 6th International Conference E-Governance, pp. 312-323, 2008.
[Google Scholar]
[5] Imam Riadi, Anton Yudhana, and Galih Pramuja Inngam Fanani, “Mobile Forensic Tools for Digital Crime Investigation: Comparison and Evaluation,” International Journal of Safety & Security Engineering, vol. 13, no. 1, pp. 11-19, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[6] Ritika Lohiya, Priya John, and Pooja Shah, “Survey on Mobile Forensics,” International Journal of Computer Applications, vol. 118, no. 16, pp. 6-11, 2015.
[CrossRef] [Google Scholar] [Publisher Link]
[7] Sthembile Ntshangase et al., “A Survey of Digital Forensic Tools for Android and iOS Smart Phones,” IEEE International Conference on Cyber Security and Resilience, London, United Kingdom, pp. 139-145, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[8] Ramy M. Abou-Elzahab, Mohammed F. Al Rahmawy, and Taher T. Hamza, “Comparative Study of Different Mobile Forensic Tools for Extracting Evidence from Android Devices,” Mansoura Journal For Computers and Information Sciences, vol. 16, no. 1, pp. 1-12, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[9] Almaha Almuqren et al., “A Systematic Literature Review on Digital Forensic Investigation on Android Devices,” Procedia Computer Science, vol. 235, pp. 1332-1352, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[10] Oluwafemi Osho, and Sefiyat Oyiza Ohida, “Comparative Evaluation of Mobile Forensic Tools,” International Journal of Information Technology and Computer Science, vol. 8, no. 1, pp. 74-83, 2016.
[CrossRef] [Google Scholar] [Publisher Link]
[11] Rusydi Umar, Imam Riadi, and Guntur Maulana Zamroni, “A Comparative Study of Forensic Tools for WhatsApp Analysis using NIST Measurements,” International Journal of Advanced Computer Science and Applications, vol. 8, no. 12, pp. 69-75, 2017.
[CrossRef] [Google Scholar] [Publisher Link]
[12] Abdul Rehman Javed et al., “A Comprehensive Survey on Computer Forensics: State-of-the-Art, Tools, Techniques, Challenges and Future Directions,” IEEE Access, vol. 10, pp. 11065-11089, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[13] Sakshi Singh, and Suresh Kumar, “Qualitative Assessment of Digital Forensic Tools,” Asian Journal of Electrical Sciences, vol. 9, no. 1, pp. 25-32, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[14] Eoghan Casey, Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet, 3rd ed., San Diego, CA, USA: Academic Press, 2011.
[Google Scholar] [Publisher Link]
[15] EC-Council, Mobile Device Forensics: What it is and how it’s used in Investigations, Cybersecurity Exchange, 2025. [Online]. Available: https://www.eccouncil.org/cybersecurity-exchange/computer-forensics/mobile-device-forensics/
[16] Marie-Helen Maras, Computer Forensics: Cybercriminals, Laws, and Evidence, 2nd ed., Burlington, MA, USA: Jones & Bartlett Learning, 2014.
[Google Scholar]
[17] Bruno M. V. Bernardo et al., “Mobile Device Forensics Framework: A Toolbox to Support and Enhance This Process,” Emerging Science Journal, vol. 8, no. 3, p. 972, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[18] Rick Ayers, Sam Brothers, and Wayne Jansen, “Guidelines on Mobile Device Forensics,” NIST SP 800-101 Rev. 1. Gaithersburg, MD: NIST, 2014.
[Google Scholar] [Publisher Link]
[19] United Nations Office on Drugs and Crime, Handling of Digital Evidence, Cybercrime Module 6 Key Issues, 2015. [Online]. Available: https://www.unodc.org/e4j/zh/cybercrime/module-6/key-issues/handling-of-digital-evidence.html
[20] Tanita Singano et al., “Digital Forensics Investigations: Major Challenges in Mobile and Cloud Forensics,” Towards New e Infrastructure and e-Services for Developing Countries, vol. 588, pp. 35-53, 2025.
[CrossRef] [Google Scholar] [Publisher Link]
[21] Cellebrite UFED, Cellebrite, 2025. [Online]. Available: https://cellebrite.com
[22] XRY - Mobile Device Forensics, Micro Systemation, 2025. [Online]. Available: https://www.msab.com/product/xry-extract/
[23] Oxygen Forensics Detective, Oxygen Forensics, 2025. [Online]. Available: https://www.oxygenforensics.com
[24] Magnet Forensics, Magnet AXIOM, 2025. [Online]. Available: https://www.magnetforensics.com/products/magnet-axiom/