ABSTRACT

Digital forensics is a branch of forensic science that focuses mainly on retrieving and investigating the raw data residing in digital devices. The aim of the process is to extract and recover digital data from a digital device without altering the data present on the device. Over the years, the digital forensics domain has grown along with the rapid development of digital technology. Digital forensics has various sub-domains based on the type of digital device involved, including computer forensics, database forensics, network forensics, memory forensics, mobile forensics, and so on. Mobile forensics is the branch of digital forensics concerned with the recovery of digital evidence from mobile devices. Mobile devices have become an essential part of everyone’s life, which also makes them likely to be used in criminal activities or to be part of a crime. No other computing device handles as massive an amount of sensitive information as a mobile device. Mobile devices hold a huge repository of user data such as event logs, messages, contact lists, credit and debit card numbers, memos, calendars, and so on. These handheld devices are used to communicate with others across the globe, share photos and videos, stay connected to social blogs, and much more. As technology develops, mobile devices become data carriers, and wherever a network is available they can keep track of all movements. With the rapid development of mobile computing technology, criminals commit advanced crimes such as hacking, malware attacks, phishing, and many more. In the majority of illicit drug peddling cases, a mobile device has been used as a medium to move contraband across borders. Major criminal organizations and terrorists use mobile devices to coordinate criminal activities and share information in order to commit crimes in a well-organized manner. Digital investigators can gain valuable insights from the mobile phones of those involved.
Nowadays, users of social media networks like Facebook, Instagram, and many more are selling drugs illegally. The information on their mobile phones can help experts uncover the whole network. The objective of this chapter is to provide a full introduction to mobile forensics and its basic fundamentals, along with a technique for detecting suspicious activities from mobile device data, with the aim of mobile forensics data analysis. The proposed model has greater utility when there is a variety of digital evidence from which the actions of offenders or victims can be inferred. This chapter presents a brief study of how digital evidence from mobile devices plays an important role in investigation, and it also aims to investigate the applicability of machine learning (ML) and deep learning (DL) algorithms in identifying digital evidence. Data are extracted using forensic tools and then fed to various algorithms. The performance of these algorithms is compared based on evaluation metrics. Applying ML and DL techniques to mobile forensics artifacts helps to analyze the digital evidence. Classification algorithms are used to train the ML models, which predict whether a given data item is potential evidence or not. The DL model is implemented with Keras as the framework and TensorFlow as the backend, and it is trained for 100 epochs with Adam as the optimizer. The dataset is divided into training and testing sets in an 80:20 ratio. Performance is measured by Mean Square Error (MSE) and Root Mean Square Error (RMSE).