US wants upper hand in battling high-tech bad guys

4G cell phone, cloud computing, VoIP forensics target of US Department of Justice call for action

The US Department of Justice this week said it was looking to boost the research and development of technology that could bring new forensic tools for digital evidence gathering.

The DoJ's research and development arm, the National Institute of Justice (NIJ), said it was particularly interested in forensic tools for mobile cellular devices, cloud computing environments, VoIP communication and vehicle computer systems.

An article by my colleague Tim Greene earlier this year stated: Non-traditional communications devices such as smartphones and game consoles pose a particular problem to law enforcement agencies trying to milk them for forensic data that reveals criminal activity.  "Forensic tools for cell phones are in their infancy," says Stephen Riley, a forensic examiner with the FBI's Computer Analysis and Response Team. "There's lots of different carriers, different phones, different cables - just try to keep up."

Smartphones can communicate via SMS, MMS, mobile e-mail, mobile internet access, VoIP and traditional cellular voice networks, Riley says, making each machine a potential treasure trove of information but also a nightmare maze of possible proprietary technologies to unlock it.

That's where the need for these sorts of research projects comes from. In the DoJ's case, from its request document, the agency is looking for the following:

Forensic Tools for Mobile Cellular Devices: Digital forensic tools used to process evidence from cell phones acquire data from specific locations in the data storage space in the phone's subscriber identity module (SIM) card. Essentially, the tools are designed to "search" where data with forensic value is expected to be found. This is problematic from a forensic perspective, because data with forensic value can in fact be hidden in other file locations. This problem will grow more acute with the introduction of 4G cell phones. These phones will provide increased data storage capability, while maintaining or reducing the size of the phone, by maximizing the use of the available data storage space. As a result, some of the data storage areas that were not forensically relevant, and which current forensic tools ignore, may become forensically relevant. NIJ seeks proposals for research and technology development leading to the introduction into practice of forensic tools that can search all the file storage spaces of both 4G and earlier generation cell phones for data with forensic value.

Data Forensics in the Cloud Computing Environment: Internet-based or Cloud computing is a means of accessing computing resources with minimal infrastructure investment. The accessing of applications and storing of data through the Internet, rather than on the hard drive of a local computer or server, which is what characterizes Cloud computing, is challenging from a forensic perspective. One challenge is that if an application is accessed through the Internet, temporary files with forensic value that would traditionally have been stored on a computer hard drive will be stored within a virtual environment and lost when the user closes the application. With data residing on external servers, the ability to demonstrate that the data obtained is uncompromised also becomes more problematic. NIJ seeks proposals for research and technology development leading to the introduction into practice of forensic tools that can overcome the challenges of the Cloud computing environment. This includes proposals for the demonstration and evaluation of existing forensic tools that can overcome these challenges.

Forensic Tools for VoIP communications: There is a need for forensic tools to extract data with forensic value from computers used for Internet-based telephony, such as call-log data. NIJ seeks proposals for research and technology development leading to the introduction into practice of such tools. This includes proposals for the demonstration and evaluation of existing forensic tools that can meet this need.

Forensic Tools for Vehicle Computer Systems: Computers have become an integral component of motor vehicles, including event data recorders (EDRs), or "black boxes," which can be used for accident investigation. NIJ seeks proposals for research and technology development leading to the introduction into practice of forensic tools that can extract data with probative value for criminal justice purposes from the computer systems of vehicles with and without an EDR. This includes proposals for the demonstration and evaluation of existing forensic tools that currently address this need.

The NIJ said funding for research or development projects rarely exceeds $500,000 annually, though total funding for projects requiring multiple years to complete has exceeded $1 million in some cases.

Follow Michael Cooney on Twitter: nwwlayer8  
