Email this Article Email   

CHIPS Articles: NIST Releases Draft Guide for Digital Forensics

NIST Releases Draft Guide for Digital Forensics
By CHIPS Magazine - March 28, 2018
Digital diagnostics is an important investigative tool in criminal or civil law enforcement actions. With the proliferation of mobile devices, many individuals conduct a variety of business and personal communications and transactions exclusively on their cellphones and tablets.

The National Institute of Standards and Technology is releasing a guide that describes procedures for documenting and populating test data on a mobile device before testing a mobile forensic tool in the recovery and interpretation of data found on digital devices, NIST said in a release.

Draft NIST Special Publication (SP) 800-202, Quick Start Guide for Populating Mobile Test Devices, is to be used with Federated Testing, an expansion of the Computer Forensics Tool Testing (CFTT) program at NIST, which provides digital forensics investigators and labs with test materials for forensic tool testing. The goal of Federated Testing is to help digital forensics investigators to test tools used in their labs and to enable sharing of test results within the digital forensics community.

The objectives for this guide are: (1) provide guidance for how to place test data on a mobile device for use in forensic tool testing; and (2) provide guidance to select data elements for inclusion that ensure effective testing. The public comment period for this draft guide ends April 25, 2018, NIST said.

Data found on a suspect’s computer, cellphone or tablet may prove to be crucial evidence in a legal case. Data recovered from digital devices is often helpful in providing clues for incidents and potential criminal activity, but data extraction from mobile devices is tedious due to differences in data and formats among manufacturers and operating systems.

NIST has found a way to address these challenges with its Computer Forensics Tools Testing (CFTT) program which tests computer forensic tools to ensure that they produce accurate and objective results. These tests can be implemented by anyone, including the law enforcement community utilizing Federated Testing software.

NIST's Draft NIST Special Publication (SP) 800-202, Quick Start Guide for Populating Mobile Test Devices, should be used with Federated Testing, which is an expansion of CFTT.

The goal of Federated Testing is to help digital forensics investigators to test the tools that they use in their labs and to enable sharing of test results within the digital forensics community, according to NIST. The goals of this guide are to provide guidance on how to document and populate test data on a mobile device for use in forensic tool testing and provide guidance to select data elements for inclusion that ensure effective testing results.

Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer