A Mobile Forensic Visualization Tool For Android Data Partition
Keywords:Android Data Partition, Mobile Digital Forensic Analysis, Visualization
In the 21th century, digital crimes would be one of the biggest challenges to government and public. Digital crime cases that involve mobile phones are on the rise, resulting in digital forensic analysis tools are on the demand. However, there are limitations in the current mobile forensic tool, such as lack of automation and visualization process, false positives are too high and performance of the analysis is low. This study therefore aims to design, develop and test a tool - MF Visualizer - to visualize the metadata from databases in the Android data partition. The android data partition is chosen as the scope of the project. MF Visualizer follows the mandatory requirements of the forensic tool and is compatible with suitable modules to accomplish the task. The tool is developed by adopting Object-Oriented Software Development Model and using .Net Windows Presentation Foundation (WPF) framework to develop. The findings show that the tools could extract metadata from android data partitions as well as visualize the data in different visualization forms such as Bar Chart, Word Cloud, Map, Pie Chart and the Timeline method. Functionality and users testing results indicate that MF Visualizer has achieved the project objectives. This further indicates that MF Visualizer is a promising tool to be used in a real world scenario with further improvements.