[转载]Cellular/Mobile Phone Forensics
信息来源:邪恶八进制信息安全团队([url]www.eviloctal.com[/url])<BR><BR><P>Links to materials related to this topic...Click <B><A href="http://www.e-evidence.info/cellular.html#articles">HERE</A></B> for articles. <BR>Links are organized in alphabetical for the moment. <BR>No recommendations are made or implied!
<HR color=black>
<P><B><A href="http://groups.yahoo.com/group/phoneforensics/" target=_blank>Cell Phone Forensics - Yahoo Group</A></B> <BR>Mobile phone forensics. Training, procedures, software, hardware and best forensic practices.
<P><B><A href="http://mobileforensics.info/" target=_blank>Mobile Forensics.Info</A></B> <BR>Excellent Resource for Mobile Phone Forensics [Registration Required]
<P>
<HR color=black>
<FONT size=4><U><B>Hardware & Software</B></U> </FONT>
<P><B><A href="http://bitpim.sourceforge.net/" target=_blank>BitPim</A></B> [Open source]
<P>Allows you to view and manipulate data on LG VX4400/VX6000 and many Sanyo Sprint cell phones. This includes the PhoneBook, Calendar, WallPapers, RingTones (functionality varies by phone) and the Filesystem for most Qualcomm CDMA chipset based phones.
<P><B><A href="http://www.forensischinstituut.nl/" target=_blank>Cards4Labs</A></B>
<P>Software package, Law Enforcement only
<P><B><A href="http://home.tiscali.be/chipit/Chipit.html" target=_blank>ChipIt</A></B> [Free]
<P>Explores GSM Sim Cards; Save, Load, Edit or Copy the Phone Book
<P><B><A href="http://www.bkforensics.com/product" target=_blank>Couros Enterprises, LTD</A></B> [Commercial]
<P>Forensic SIM Card Reader, Chippy Forensic IrDA <BR>FREE Forensic Card Reader Analysis Software
<P><B><A href="http://www.susteen.com/" target=_blank>DataPilot</A></B> [Commercial]
<P>Data transfer software
<P><B><A href="http://www.evidencetalks.com/forensic_toolsets/mobile_phone_forensics.php" target=_blank>Evidence Talks ForensicSIM</A></B> [Commercial]
<P>Allows operators to easily clone a SIM card and examine it without any chance of damaging the evidence. It even allows you to examine the phone memory without any possibility of accidental connection to the phone network.
<P><B><A href="http://www.softpedia.com/get/Mobile-Phone-Tools/Sony-Ericsson/Float-MobileAgent-for-Sony-Ericsson.shtml" target=_blank>Float MobileAgent 0.1.1.16 for Sony-Ericsson</A></B> [Free]
<P>FMA allows easy management of Phonebook (both SIM and Phone memory), SMS, Profiles, and Files stored on the phone.
<P><B><A href="http://www.futuredial.com/FDCart/ProductDetails.aspx?pid=123&cid=30" target=_blank>FutureDial抯 SnapMedia</A></B> [Commercial]
<P>Lets you extract pictures from your camera phone to store on your PC
<P><B><A href="http://www.mobiledit.com/forensic/" target=_blank>MOBILedit! Forensic Report</A></B> [Commercial]
<P>Gathers all possible data from the mobile phone, then generates an extensive report that can be stored or printed.
<P><B><A href="http://www.mobiledit.com/forensic/" target=_blank>Motorola iDEN Companion Pro</A></B> [Free]
<P>This PC based software application enables you to retrieve and or/modify call lists and set up ergonomic preferences in your Motorola iDEN phone
<P><B><A href="http://www.nokia.com/nokia/0,,54691,00.html" target=_blank>Nokia PC Suite</A></B> [Free]
<P>Lets you synchronize, edit, and back up many of your phone's files on a compatible PC through a wireless or cable connection.
<P><B><A href="http://www.orate.co.uk/Mobiles/Forensics.html" target=_blank>Orate's Forensic SIM card reader</A></B> [Commercial]
<P>No writing to the SIM concerned, so it leaves the SIM completely unchanged.
<P><B><A href="http://www.opm-2.com/forensic/" target=_blank>Oxygen Phone Manager II - special Forensic version</A></B> [Free]
<P>Allows data to be read from the phone, save it to a file, or export into any of supported formats. But no data is changed.
<P><B><A href="http://www.paraben-forensics.com/catalog/product_info.php?cPath=25&products_id=98" target=_blank>Paraben Forensics Cell Seizure</A></B> [Commercial]
<P>Allows forensic acquisition of user entered data and portions of unallocated storage on some devices.
<P><B><A href="http://www.zone-h.org/en/download/category=15/" target=_blank>PDAZap</A></B> [Free]
<P>Saves an image of the flash memory of a Sony Ericsson P800 mobile phone on a memory stick.
<P><B><A href="http://www.phonebase.info/index.html" target=_blank>PhoneBase2</A></B> [Commercial]
<P>Mobile phone analysis system which gives law enforcement agencies a full report on the contents of SIM cards and phone memories
<P><B><A href="http://www.radio-tactics.com/products.htm" target=_blank>Radio Tactics Limited</A></B> [Commercial]
<P>ForensicSIM Toolkit - recovers digital evidence from GSM SIM and USIM devices <BR>ForensicMobile Toolkit will give Law Enforcement Agencies the capability to safely and conveniently recover relevant digital evidence from GSM and 3G Mobile Phone devices.
<P><B><A href="http://www.txsystems.com/sim-manager.html" target=_blank>Sim-Manager Pro</A></B> [Commercial]
<P>Gives access to a GSM card of a mobile phone from a PC
<P><B><A href="http://www.simcon.no/" target=_blank>SIMCon</A></B> [Commercial]
<P>Allows the user to securely image all files on a GSM SIM card to a computer file with a standard smart card reader.
<P><B><A href="http://vidstrom.net/otools/simquery/" target=_blank>SIMQuery</A></B> [Free]
<P>SIMQuery is a tool that retrieves the ICCID and IMSI from a GSM SIM card.
<P><B><A href="http://users.net.yu/%7Edejan/" target=_blank>SIMScan [& other software]</A></B> [Free]
<P>Allows functionality analysis of Yours GSM SIM smart card
<P><B><A href="http://www.nobbi.com/download.htm" target=_blank>SIMSpy & PDUSpy</A></B> [Free]
<P>With a smartcard reader which is supported by Microsofts SmartCard API, you may read out some interesting things from your SIM, change and unblock your PIN
<P><B><A href="http://tulp2g.sourceforge.net/" target=_blank>TULP2G</A></B> [Open source]
<P>Telephone Extraction Program, 2nd Generation - forensic framework for extracting and decoding data <BR><A href="http://www.msab.com/archive/index.html" target=_blank>Video - Introduction to .XRY</A>
<P><B><A href="http://vidstrom.net/stools/undeletesms/" target=_blank>UndeleteSMS</A></B> [Free]
<P>UndeleteSMS can recover deleted SMS messages from a GSM SIM card
<P><B><A href="http://www.msab.com/en/product.jsp?categoryId=25&productId=25" target=_blank>.XRY</A></B> [Commercial]
<P>Using Bluetooth or Infrared, all the information stored on a mobile telephone can be retrieved quickly and securely. <BR><B>NOTE:</B> Very expensive! <BR>Quote from email, "The first year fee would be around USD 10,000 including all upgrades that will come during next 12 month period, also including support. Additional year would be half price"
<P>
<P>
<HR color=black>
<A target=_blank name=articles></A><FONT size=4><U><B>Articles/Whitepapers</B></U> </FONT>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Binns, Roger</B></FONT> (Developer of BitPim)
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://bitpim.sourceforge.net/papers/baypiggies/bitpim-piggies.pdf" target=_blank>BitPim - An application in Python</A></B> [PDF Presentation] July 2004
<P></P>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.rogerbinns.com/vx4400/vx4400faq.html" target=_blank>LG VX4400 Frequently Asked Questions (FAQ)</A></B>
<P></P>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.rogerbinns.com/vx4400/datapilot-review.html" target=_blank>Susteen Datapilot Review</A></B> March 2003
<P></P>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://bitpim.sourceforge.net/papers/phonespecs/" target=_blank>Where do I download cell phone specifications?</A></B> Updated August 2004 </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Cheung, Humphrey</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.tomshardware.com/hardnews/20050321_085650.html" target=_blank>Crime Fighters solve crimes by examining cell phones</A></B> March 2005 </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Desai, Stavan</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.indianexpress.com/full_story.php?content_id=59385" target=_blank>BJP抯 Naroda MLA says she wasn抰 at riot site, cellphone records say she was there</A></B> November 2004 </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Duijnmayer, David</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://europa.eu.int/idabc/en/document/3675/470" target=_blank>Netherlands Forensic Institute develops and publishes open source software</A></B> December 2004 </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Forensic Science Northern Ireland</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.fsni.gov.uk/pdfs/AR%20pdfs/FSNI%20Annual%20Report%2002-03.pdf" target=_blank>Mobile Phones Provide the Evidence</A></B> [PDF - See pages 14 & 17] 2003 </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>ForensicFocus</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.forensicfocus.com/index.php?name=Forums&file=viewtopic&t=93" target=_blank>Mobile phones & pda's</A></B> [Listserv Thread] </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Goode, Amanda</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.iee.org/oncomms/sector/communications/Articles/Download/09C65D8E-6B83-4F15-BC15FB921247754E" target=_blank>Forensic extraction of electronic evidence from GSM mobile phones</A></B> [PDF Presentation] 2001 </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>GSM-Security.net</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.gsm-security.net/" target=_blank>[url]http://www.gsm-security.net/[/url]</A></B> <BR>Portal to the world of GSM Security </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Hilton, Kelvin</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.soc.staffs.ac.uk/kch1/teaching/postgraduate/miei/schedule/lectures/miei_lec_3.ppt" target=_blank>An Example of Mobile Forensics</A></B> [PP Presentation] 2005
<P></P>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.soc.staffs.ac.uk/kch1/teaching/undergraduate/mc/schedule/lectures/week_11/mcfr_2003_4_1.ppt" target=_blank>Fraud in Mobile Technologies</A></B> [PP Presentation] 2005 </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>IOCE</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://ncfs.org/documents/ioce2000/reports/electronicDevices.pdf" target=_blank>Good Practices for Seizing Electronic Devices - Mobile Telephones</A></B> [PDF] 2000 </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Janes Police Review</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.janes.com/press/pc041001_1.shtml" target=_blank>Forensic Telecoms' Revolution is Turning Mobile Phones Against Their Criminal Owners</A></B> October 2004 </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Mellars, Barrie</B></FONT> <IMG src="http://www.e-evidence.info/new3.gif">
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.compseconline.com/digitalinvestigation/tableofcontents.htm" target=_blank>Forensic examination of mobile phones</A></B> [PDF] 2004 <BR>Volume 1 Issue 4 - Registartion required </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Miller, Christa</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Law Enforcement Technology Magazine <BR><A href="http://www.msab.com/en/news.jsp?id=38" target=_blank>Helping Investigators Lift Evidence from Cell Phones</A></B> [PDF] July 2004 </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Naavi</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.naavi.org/cl_editorial_04/edit_nov_22_04_01.htm" target=_blank>Mobile Forensics..A New Challenge</A></B> November 2004
<P></P>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.naavi.org/cl_editorial_04/edit_dec_04_04_01.htm" target=_blank>Mobile Forensics..Understanding the Technology of GSM Vs CDMA</A></B> December 2004 </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Poropudas, Timo</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.mobilemonday.net/mm/presentation.php?id=3972" target=_blank>How the victims of Soham murders were found</A></B> December 2004 <BR>Page also includes a link to PP Presentation given by Peter Uglow on Cell Site Analysis </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Robinson, Graham and Gregory Smith</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.ilexjournal.com/special_features/article.asp?theid=284&themode=2" target=_blank>Evidence from mobile phones</A></B> July 2001 </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Slashdot</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://developers.slashdot.org/article.pl?sid=04/12/02/1556256&tid=100&tid=185&tid=8" target=_blank>Cellphone Forensic Software Open Sourced</A></B> December 2004 </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Summers, Chris</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://news.bbc.co.uk/1/hi/uk/3303637.stm" target=_blank>Mobile phones - the new fingerprints</A></B> December 2003 </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>The Economist</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://snarfed.org/space/2004-01-13/economist_cell_phone_forensics.html" target=_blank>Trial and triangulation</A></B> December 2003 <BR>Mobile phones are increasingly useful as forensic evidence in trials </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>The Guardian</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.guardian.co.uk/online/story/0,3605,1133025,00.html" target=_blank>Eyes on the child</A></B> <BR>The Soham murder trial highlighted the use of mobile phone tracking. </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Thompson, Tony</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.guardian.co.uk/mobile/article/0,2763,1283512,00.html" target=_blank>Mobiles leave no hiding places</A></B> August 2004 </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Vogon's Forensic Bulletin ?The Smoking Gun</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.vogon-international.com/sg/71/mobile-forensics.htm" target=_blank>Mobile Forensics?</A></B> January 2005 </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Westra, Derek</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://newsnet.byu.edu/story.cfm/54610" target=_blank>Hilton hacking sparks concern</A></B> March 2005 </LI></UL>
<P><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B>Willassen, Svein Y.</B></FONT>
<P>
<UL>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.willassen.no/msl/" target=_blank>A method for implementing Mobile Station Location in GSM</A></B> 1998
<P></P>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.mobileforensics.com/" target=_blank>Evidence in Mobile Phone Systems</A></B> 2003
<P></P>
<LI><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2 ALIGN="left"><B><A href="http://www.ijde.org/docs/03_spring_art1.pdf" target=_blank>Forensics and the GSM Mobile Telephone system</A></B> [PDF] Spring 2003 </FONT></LI></FONT></FONT></UL></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT></FONT>
页:
[1]