Sharpening the focus for smartphone-based evidence
- By Susan Miller
- Oct 20, 2021
The amount of digital exhaust the average American produces is increasing exponentially. For criminal investigators, having to sift through personal data from smartphones, fitness trackers, laptops, home security systems and municipal security cameras for relevant text, images, video, social media and location data can be overwhelming, especially following a mass incident involving many victims and witnesses.
“Today, it could be 500 terabytes in an incident with thousands of people using smart phones, security cameras in the areas,” said Umit Karabiyik, an assistant professor in computer and information technology in the Purdue Polytechnic Institute at Purdue University. “It’s like trying to find a needle in a needle stack rather than a hay stack,” he told Purdue News. “Which needles are you interested in? Which one specific item is the piece of data you need?”
Currently, digital forensic investigation tools allow for only a mass transfer of all information, such as dumping all the photos from a phone rather than a curated selection. Not only does that make it hard for law enforcement to find what they’re looking for, but witnesses may be reluctant to give investigators access to all their phone’s data.
Karabiyik is part of a team that has spent the last five years working on a faster way for people to share data with law enforcement while preserving their security and privacy.
The researchers developed a smartphone app that helps victim or witness bookmark potentially relevant data on their phones and displays a consent form -- which must be signed by both the investigator and the phone’s owner -- before data is downloaded. Nothing is shared with law enforcement unless specific consent is given on specific data from the person via the app, Karabiyik said.
Once the user has chosen what will be shared with law enforcement and signed the app’s consent form, the targeted (selective) data extract system enables quick, effective extraction with proper chain-of-custody support. TDES connects to a smartphone that already has the targeted data extraction app running. Filtering metadata for specific times and locations, the system can find the relevant data while excluding non-relevant data and preserving privacy.
Keyword text searching is used to find matches in native text storage. Machine learning algorithms that have been trained to search images to identify weapons, vehicles, drugs, skins exposure, for example, helps filter the photos further.
In addition to uploading selected data from victim or witness smartphones, the TDES system also supports a backend analysis system for law enforcement, according to a paper on the technology.
“I believe there has to be a balance between national security and personal privacy,” Karabiyik said. “This helps establish a trust between the public and the law enforcement agency so the public can share their data in a secured-manner situation.”
Susan Miller is executive editor at GCN.
Over a career spent in tech media, Miller has worked in editorial, print production and online, starting on the copy desk at IDG’s ComputerWorld, moving to print production for Federal Computer Week and later helping launch websites and email newsletter delivery for FCW. After a turn at Virginia’s Center for Innovative Technology, where she worked to promote technology-based economic development, she rejoined what was to become 1105 Media in 2004, eventually managing content and production for all the company's government-focused websites. Miller shifted back to editorial in 2012, when she began working with GCN.
Miller has a BA and MA from West Chester University and did Ph.D. work in English at the University of Delaware.
Connect with Susan at [email protected] or @sjaymiller.