Research Article
Evaluating and Comparing Tools for Mobile Device Forensics Using Quantitative Analysis
@INPROCEEDINGS{10.1007/978-3-642-39891-9_17, author={Shahzad Saleem and Oliver Popov and Oheneba Appiah-Kubi}, title={Evaluating and Comparing Tools for Mobile Device Forensics Using Quantitative Analysis}, proceedings={Digital Forensics and Cyber Crime. 4th International Conference, ICDF2C 2012, Lafayette, IN, USA, October 25-26, 2012, Revised Selected Papers}, proceedings_a={ICDF2C}, year={2013}, month={10}, keywords={Digital Forensics Mobile Device Forensics and tools e-Evidence Evaluation Confidence Interval Hypothesis Testing and Quantitative Analysis}, doi={10.1007/978-3-642-39891-9_17} }- Shahzad Saleem
Oliver Popov
Oheneba Appiah-Kubi
Year: 2013
Evaluating and Comparing Tools for Mobile Device Forensics Using Quantitative Analysis
ICDF2C
Springer
DOI: 10.1007/978-3-642-39891-9_17
Abstract
In this paper we have presented quantitative analysis technique to measure and compare the quality of mobile device forensics tools while evaluating them. For examiners, it will provide a formal mathematical base and an obvious way to select the best tool, especially for a particular type of digital evidence in a specific case. This type of comparative study was absent in both NIST’s evaluation process and our previous work (Evaluation of Some Tools for Extracting e-Evidence from Mobile Devices). We have evaluated UFED Physical Pro 1.1.3.8 and XRY 5.0. To compare the tools we have calculated Margin of Error and Confidence Interval (CI) based on the proportion of successful extractions from our samples in different scenarios. It is followed by hypothesis testing to further strengthen the CI results and to formally compare the accuracy of the tools with a certain level of confidence.