Article
Digital Forensic Investigation of Two-Way Radio Communication Equipment and Services
Contribution Summary
This paper presents a comprehensive investigation of the digital forensic investigation of two-way radio communication equipment and services. The authors examine the increasing use of digital radio communication equipment and services, including the integration of smartphones and Push-To-Talk services. They identify the need for digital investigators to have knowledge about radio communication equipment, radio infrastructure, and associated services. The authors propose a workflow for radio device investigation and evaluate the possibility of using popular forensic tools to acquire artefacts from radio communication equipment. They also test their approach with different scenarios and propose a workflow for radio device investigation. The study highlights the importance of understanding the features and options of digital radio equipment, including radio-ID, talkgroups, zones, private calls, trunk or DMO operation, roaming, encryption, address books, status messages, short message services, radio check, emergency calls, lone worker, remote monitoring, password, remote enable/disable, call alert, rental, telemetry, GPS, keyboard lock, and covert mode.
Keywords: Digital radio; Forensic investigation; Two-way radio; Push-To-Talk; Digital forensics; Radio communication equipment; Radio infrastructure; Digital evidence
Abstract
Historically, radio-equipment has solely been used as a two-way analogue communication device. Today, the use of radio communication equipment is increasing by numerous organisations and businesses. The functionality of these traditionally short-range devices have expanded to include private call, address book, call-logs, text messages, lone worker, telemetry, data communication, and GPS. Many of these devices also integrate with smartphones, which delivers Push-To-Talk services that make it possible to setup connections between users using a two-way radio and a smartphone. In fact, these devices can be used to connect users only using smartphones. To date, there is little research on the digital traces in modern radio communication equipment. In fact, increasing the knowledge base about these radio communication devices and services can be valuable to law enforcement in a police investigation. In this paper, we investigate what kind of radio communication equipment and services law enforcement digital investigators can encounter at a crime scene or in an investigation. Subsequent to seizure of this radio communication equipment we explore the traces, which may have a forensic interest and how these traces can be acquired. Finally, we test our approach on sample radio communication equipment and services.
BibTeX
@article{kouwen2018radioforensics,
author={Kouwen, Arie and Scanlon, Mark and Choo, Kim-Kwang Raymond and Le-Khac, Nhien-An},
title="{Digital Forensic Investigation of Two-Way Radio Communication Equipment and Services}",
journal="{Digital Investigation}",
year=2018,
month=07,
volume="26",
number="S1",
pages = "S77 - S86",
publisher={Elsevier},
doi = "https://doi.org/10.1016/j.diin.2018.04.007",
url = "http://www.sciencedirect.com/science/article/pii/S174228761830183X",
keywords = "Digital radio, Ham, Push-to-Talk, Forensic process, Digital forensics",
abstract="Historically, radio-equipment has solely been used as a two-way analogue communication device. Today, the use of radio communication equipment is increasing by numerous organisations and businesses. The functionality of these traditionally short-range devices have expanded to include private call, address book, call-logs, text messages, lone worker, telemetry, data communication, and GPS. Many of these devices also integrate with smartphones, which delivers Push-To-Talk services that make it possible to setup connections between users using a two-way radio and a smartphone. In fact, these devices can be used to connect users only using smartphones. To date, there is little research on the digital traces in modern radio communication equipment. In fact, increasing the knowledge base about these radio communication devices and services can be valuable to law enforcement in a police investigation. In this paper, we investigate what kind of radio communication equipment and services law enforcement digital investigators can encounter at a crime scene or in an investigation. Subsequent to seizure of this radio communication equipment we explore the traces, which may have a forensic interest and how these traces can be acquired. Finally, we test our approach on sample radio communication equipment and services."
}