Utilization of Open Source Tools to Advance Mobile Forensic Curriculum Development
Today’s rapid advancement in mobile technology and the constant growth of personal information being stored in mobile devices have revealed the need for mobile forensics and the increasing demand for individuals skilled in mobile forensics investigation. For the forensics community to advance the mobile forensics concentration, there is a need to clearly define an educational agenda for researchers and students. Once a role is clearly outlined, better educational material can be developed for students.
The vast mobile device market, with its large variety of manufacturers and architectures, has created a problem for advancing mobile forensics education. Producing clear guidelines for mobile forensic steps and procedures is a challenge because they have to be tailored differently for almost every mobile device vendor. Compared to the desktop and laptop market, the mobile market is extremely diverse. We propose that in order to clearly define a mobile forensics agenda, there is a need to develop a curriculum guide and mobile forensics laboratory assignments that use open source mobile forensics tools. Although there are many commercial tools available today, they are generally too expensive for students to purchase in order to get hands-on experience in mobile forensics. The goal of this research effort is to develop laboratory assignments that make use of enough open source tools to expose students to necessary mobile forensics techniques. This will increase the body of knowledge available to the mobile forensics community, validate the use of open source mobile forensics tools for legitimate use in a computer science curriculum, support advancement of mobile forensics education, and subsequently prepare students to become mobile forensics experts for the workforce.
This research addresses the need for mobile forensics educational materials by increasing the availability of resources and giving students practical mobile forensic experience at an affordable price. Laboratory assignments will be generated based on Santoku-Linux, a Linux distribution created specifically for mobile forensics, mobile malware analysis, and mobile security testing. This version of Linux is dedicated to mobile forensics and will provide students with an open source platform to execute the real-life scenarios that will be presented in the proposed laboratory guide. Santoku-Linux will provide the basic tools to give students the ability to analyze data, conduct data recovery, and seize digital evidence. In order to validate the usefulness of the proposed guided laboratory material, experimental trials will be conducted with university students. It is expected that this research will verify that the Santoku-Linux open source suite is viable for use in a mobile forensics curriculum and will address how to bridge the gaps that are found, if any.
Research into past educational materials in digital and mobile forensics reveals that there is a significant need for this research and suggests that improvements can be made in mobile forensics educational material. Research is currently underway to test the tools available with the Santoku-Linux suite and to collect and survey a group of additional open source mobile forensic tools to produce a comprehensive laboratory packet that introduces users to the use and capabilities of these tools. Future work will add essential documentation for some of these open source tools. The educational materials will be validated, and the results will be used to create a guide to learning mobile forensics. Finally, the laboratory assignments will be uploaded to a website where lab directions can be downloaded for distribution.