Skip to content

References: Cell Phone Analytics and Mobile Forensics

  1. Mobile device forensics - Wikipedia - Comprehensive overview of mobile forensic methods including SIM extraction, deleted data recovery, acquisition types (logical, physical, chip-off), and iOS vs Android toolchain differences. Core reference for the chapter's technical procedures.

  2. Cell site - Wikipedia - Explains cell tower infrastructure, signal coverage, handoff protocols, and how carrier data logs associate a device's IMEI with tower records over time; foundational to the chapter's CDR and triangulation content.

  3. Call detail record - Wikipedia - Covers the structure, content, and investigative uses of CDR data, including metadata fields (caller, recipient, timestamp, duration, tower ID) and the legal framework governing law enforcement access.

  4. Guidelines on Mobile Device Forensics (NIST SP 800-101, Rev. 1) - Richard Ayers, Sam Brothers, and Wayne Jansen - National Institute of Standards and Technology - Defines forensically sound acquisition, preservation, examination, and reporting procedures for mobile devices; the government standard referenced by courts when evaluating mobile evidence admissibility.

  5. Android Forensics: Simplifying Cell Phone Examinations - Jeff Lessard and Gary Kessler - Provides practical guidance on Android file system structure, SQLite database recovery, and acquisition workflows; essential companion for the chapter's coverage of Android forensic toolchains and deleted data recovery.

  6. NIST SP 800-101 Rev. 1: Guidelines on Mobile Device Forensics - NIST Computer Security Resource Center - Full text of the federal mobile forensics standard covering validation, preservation, acquisition, examination, analysis, and reporting; the authoritative procedural reference for investigators testifying about mobile evidence.

  7. EFF: Cell Phone Location Tracking - Electronic Frontier Foundation - Covers Fourth Amendment protections for location data, geofence warrants, IMSI catcher (Stingray) surveillance, and key court rulings; essential for the chapter's legal process and privacy law sections.

  8. SANS Digital Forensics and Incident Response - SANS Institute - Offers professional training curricula and resources for smartphone forensics (FOR585) and iOS/Mac forensics (FOR518), providing context for the toolchains and acquisition methods described in this chapter.

  9. INTERPOL Digital Forensics - INTERPOL - Describes international standards for handling digital evidence from smartphones, cloud accounts, and remote storage; relevant to the chapter's coverage of cross-border mobile evidence and chain-of-custody requirements.

  10. Digital Forensics Research Workshop (DFRWS) - DFRWS - The primary peer-reviewed conference and publication venue for mobile and digital forensics research, including Android acquisition tools, geolocation analysis, and emerging mobile evidence challenges directly relevant to this chapter's technical content.