Difference between pages "Tools:Visualization" and "Cell Phone Forensics"

From ForensicsWiki
m (Other Resources)
 
(Links)
 
Line 1: Line 1:
Although not strictly for forensic purposes, visualization tools such as the ones discussed here can be very useful for visualizing large data sets. As forensic practitioners need to process more and more data, it is likely that some of the techniques implemented by these tools will need to be adopted.
+
== Guidelines ==
  
 +
# If on, switch it off. If off, leave off. Note only under exceptional circumstances should the handset be left switched on and in any case every precaution to prevent the handset connecting with the Communication Service Provider should be made. Consider use of a Faraday Bay (Shielded Bag).
 +
# Collect and preserve other surrounding and related devices. Be especially careful to collect the power charger. The phone's battery will only last a certain amount of time. When it dies, much of the data on the device may go too!
 +
# Plug the phone in, preferably in the evidence room, as soon as possible.
 +
# Retain [[search warrant]] (if necessary - [[LE]]).
 +
# Return device to forensic lab if able.
 +
# Use [[forensically sound]] tools for processing.
  
=Open Source Visualization Toolkits=
+
== Notes ==
  
; [http://public.kitware.com/VTK/ The Visualizaiton Toolkit]
+
Expand on 5 as to what to collect:
: C++ multi-platform with interfaces available for Tcl/Tk, Java and Python. Professional support provided by [http://www.kitware.com/ Kitware].
+
  
; [http://www.graphviz.org/ Graphviz and Neato]
+
* [[ESN]],
: Originally developed by the [http://public.research.att.com/areas/visualization/ AT&T Information Visualization Gorup], designed for drawing connected graphs of nodes and edges. Neato is a similar system but does layout based on a spring model. Can produce output as PostScript, PNG, GIF, or as an annotated graph file with the locations of all of the objects---ideal for drawing in a GUI. Runs from the command line on Unix, Windows and Mac, although there is also a [http://www.pixelglow.com/graphviz/ MacOS GUI version].
+
* [[IMEI]],
 +
* [[Carrier]],
 +
* Model Number,
 +
* Color, and
 +
* Other information related to [[Cell Phone]] and [[SIM Card]].
  
; [http://www.opendx.org/ OpenDX]
+
Process:
: Based on IBM's Visualizaiton Data Explorer, runs on Unix/X/Motif.
+
  
 +
# Research the [[Cell Phone]]. Visit PhoneScoop.com for more information
 +
#
 +
#
 +
#
  
; [http://www.ssec.wisc.edu/~billh/visad.html#intro VisAD]
+
== Links ==
: A Java component library for interactive and collaborative visualization.
+
*[http://www.Phone-Forensics.com]
 
+
*[http://www.PhoneScoop.com PhoneScoop.com]
=Commercial Tools=
+
*[http://www.mobileforensics.com MobileForensics.com]
 
+
*[http://www.SmartPhoneForensics.com SmartPhoneForensics.com]
; [http://www.aisee.com/ aiSee Graph Layout Software]
+
: Supports15 layout algorithms, recursive graph nesting, and easy printing. Runs on Windows, Linux, Solaris, NetBSD, and MacOS. 30-day trial and free registered versions available. Academic pricing available.
+
 
+
 
+
; [http://www.geomantics.com/ Geomantics]
+
: Geographical, Visualization and Graphics software. Runs on Windows.
+
 
+
; [http://www.3dnature.com/ 3D Nature]
+
: Landscape visualization software
+
 
+
=Other Resources=
+
; [http://www.palgrave-journals.com/ivs/index.html Information Visualization Journal]
+
 
+
 
+
;[http://www.msi.umn.edu/user_support/scivis/scivis-list.html Scientific Visualization at the Supercomputing Institute]
+
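Review bot: In the added Notes section, "Expand on 5 as to what to collect:" appears to point at the wrong step: guideline 5 is "Return device to forensic lab if able", while collection is covered by guideline 2, so confirm which step the ESN/IMEI/Carrier list is meant to expand. In the same added text, "Faraday Bay (Shielded Bag)" in guideline 1 reads like a typo for "Faraday Bag", the Process list carries three empty "#" items after its first step that should be filled in or dropped, and the first entry under Links is a bare URL with no label, unlike the other three.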

Revision as of 17:55, 18 September 2006

Guidelines

  1. If on, switch it off. If off, leave off. Note: only under exceptional circumstances should the handset be left switched on, and in any case every precaution should be taken to prevent the handset from connecting with the Communication Service Provider. Consider use of a Faraday Bag (Shielded Bag).
  2. Collect and preserve other surrounding and related devices. Be especially careful to collect the power charger. The phone's battery will only last a certain amount of time. When it dies, much of the data on the device may go too!
  3. Plug the phone in, preferably in the evidence room, as soon as possible.
  4. Retain search warrant (if necessary - LE).
  5. Return device to forensic lab if able.
  6. Use forensically sound tools for processing.

Notes

Expand on 5 as to what to collect:

Process:

  1. Research the Cell Phone. Visit PhoneScoop.com for more information.

Links