The Association of Digital Forensics, Security and Law (ADFSL)
In conducting criminal investigations it is quite common that forensic examiners need to recover evidentiary data from smartphones used by offenders. However, examiners encountered difficulties in acquiring complete memory dump from MTK Android phones, a popular brand of smartphones, due to a lack of technical knowledge on the phone architecture and that system manuals are not always available. This research will perform tests to capture data from MTK Android phone by applying selected forensic tools and compare their effectiveness by analyzing the extracted results. It is anticipated that a generic extraction tool, once identified, can be used on different brands of smartphones equipped with the same CPU chipset.
Kidnapping & extortion: Police ecstatic over toys to tackle cell phone crime, published in The Express Tribune, October 19, 2012, http://tribune.com.pk/story/453569/kidna pping-extortion-police-ecstatic-over-toys-to- tackle-cell-phone-crime/
Investigating and analyzing the web-based contents on Chinese Shanzhai mobile phones, IEEE/SADFE 2012, http://hub.hku.hk/bitstream/10722/18964 8/1/Content.pdf Det.
Cynthia A. Murphy , Developing Process for Mobile Device Forensics, http://www.mobileforensicscentral.com/mf c/documents/Mobile%20Device%20Forensi c%20Process%20v3.0.pdf
MediaTek from Wikipedia, http://en.wikipedia.org/wiki/ MediaTek Top 140 quad-core MT6582 dual sim phones listed with specifications, GizChina.com, March 3, 2014, http://www.gizchina.com/2014/03/03/top- 140-quad-core-mt6582-dual-sim-phoneslisted-specifications/
Persistent Challenges with Smartphone Forensics, Digital Forensic Investigator, February 8, 2013, http://www.dfinews.com/articles/2013/02/ 6-persistent-challenges-smartphoneforensics
J. Sylve et al., Android Memory Capture and Applications for Security and Privacy, University of New Orleans Theses and Dissertations. Paper 1400, 2011, http://scholarworks.uno.edu/cgi/viewconte nt.cgi?article=2348&context=td
Joseph T. Sylve, Android Memory Capture and Applications for Security and Privacy, University of New Orleans Theses and Dissertations, 2011, http://scholarworks.uno.edu/cgi/viewconte nt.cgi?article=2348&context=td Ismael
Valenzuela, Acquiring volatile memory from Android based devices with LiME Forensics Part I, Ismael Valenzuela, April 23, 2012, http://blog.opensecurityresearch.com/2012 /04/acquiring-volatile-memory-from- android.html
Lessard J, Kessler G.C.,Android Forensics: Simplifying Cell Phone Examinations, ECU Publications Pre.2011, http://ro.ecu.edu.au/cgi/viewcontent.cgi?a rticle=7480&context=ecuworks
Vidas, Zhang & Christin, 2011, Toward a general collection methodology for Android devices, http://www.dfrws.org/2011/proceedings/07 -339.pdf
Vijith Vijayan, Android Forensic Capability and Evaluation of Extraction Tools, April 2012, http://www.academia.edu/1632597/Androi d_Forensic_Capability_and_Evaluation_ of_Extraction_Tools)
Digital Forensic on MTK-based Shanzhai Mobile Phone with NAND Flash, ICDFI, Beijing, China 2012, http://secmeeting.ihep.ac.cn/paper/Paper _Mengfei_He_ICDFI2012.pdf FlashTool V3.1004.00
Application Note, MediaTek, January 27,2009, http://www.mtk2000.ucoz.ru/FlashTool_V 3.1004.00_Application_Note.pdf
UFED Touch Ultimate, Cellebrite, https://www.cellebrite.com/images/stories /brochures/UFED-Touch-Ultimate- ENGLISH-web.pdf
SP Flash Tool + MediaTek MT65XX Drivers Download and Installation Guide including Bricked Devices, updated July 31, 2014, http://laurentiumihet.ro/sp-flash-tool- mediatek-mt65xx-drivers-download-andinstallation-guide-including-bricked- devices/
Volcano Box, http://www.volcano- box.com/features.html X-Ways Forensics, http://www.x- ways.net/forensics/
UFED Physical Analyzer, Cellebrite, http://www.cellebrite.com/mobileforensics/products/applications/ufed- physical-analyzer
"Data Extraction on MTK-based Android Mobile Phone Forensics,"
Journal of Digital Forensics, Security and Law: Vol. 10
, Article 3.
Available at: http://commons.erau.edu/jdfsl/vol10/iss4/3