Mobile Device Forensics

Mobile forensic technology is very important because mobile devices are now easily being used as a crime measure.

Most of the apps used as a crime measure need to be analyzed for the investigation but most mobile forensics

software cannot support all these kinds of apps and devices such as non-global apps and devices.

For this reason, mobile forensic technology is necessary for Digital Forensic investigators to gain its own, exclusive

technology to analyze local mobile apps and devices.

Many Investigators have to depend on tools, they can’t explain how to get the result of Analysis from tools.

ARGOS DFAS Mobile is a mobile forensic software, which consists of ARGOS DFAS Mobile Data Acquisition and

Analysis.

With this software, you can acquire data from mobile devices and analyze the data by parsing app data and

carving files from free space. Regarding app data parsing, you can parse app data even if the ARGOS DFAS

Mobile and other global mobile forensic vendors do not support your own apps.

Search Storage

Media ApplicationKeyword File Web Mail

Monitoring Control Audit

Features

Processing information

New trends of Crime

Investigation oriented to

Mobile Devices

Rapid changes of mobile

environment

Mobile Forensic Solution

Venders don’t reveal

their technology

Fails on analysis of

updated or unknown

devices

Core Technologies

Support Both physical and logical acquisition with Simple User Interface

Special Acquisition technology from Korean NSRI(National Security Research Institute)

Fully customizable plug-ins which support immediately analysis and update for Apps

File Carving Engine (Advanced Technology from the Tool of Korean Prosecution Office)

Special app data parsing with Visualized Data Mining

When existing version of an app changes its database structure or encryption key.

When a new app is just released.

Customize the app data parsing plug-in to analyze unknown apps.

If other mobile forensic solutions are

unable to analyze existing or unknown apps

Use ARGOS DFAS Mobile to analyze them

or direct support from Duzon

tel. +82-2-6233-2075 fax. +82-2-6233-2099 mail. forensic@duzon.com

Forensic Division 16F, 412, Teheran-ro, Gangnam-gu, Seoul, South Korea www.dforensic.com

Copyright ⓒ DOUZONE.CO.LTD. All rights reserved

Features

File System Parser

Visualized DataMining

Logical / Physical

Data Aquisition

File Carving

Engine

NSRI Technology

Avanced Technolgy

From KPO Tool

Foresnsically Sound

Report

Report

Intensive Record Level

Recovery

Regardless of device types, ARGOS DFAS Mobile find its database file and

analyze with SQLite parsing script.

Fully customizable plug-in for immediate support and update.

Special app data parsing with Visualized Data Mining.

Visualized Data Mining can be used without programming skill.

Major Features : SQLite Parsing Script

File carving is a repair method to be used if the file system is cleared META

information. Files that found by carving has not file system meta information,

so it can't find the original folder location. Therefore ARGOS DFAS MOBILE

classify the files by the file types.

Deleted File (Meta)

Deleted File (Carving)

Major Features : File Recovery (Meta and Carving)

SQLite Recovery

Engine

Bookmark of the ARGOS DFAS MOBILE can bookmark and report the file,

records and search result. These bookmarked information will help to

analyze and the evidence.

Major Features : Bookmark and Reports

If search result is exist, then ARGOS DFAS MOBILE will build the result

folder to the current selected tree. ARGOS DFAS MOBILE supports the file

information search(Name, date), file contents search(string ASCII, Unicode,

UTF 8) and database records.

Major Features : Search

DEVICE-1

WhatsApp

DEVICE-2

DEVICE-3