Mobile Network Forensics: Emerging Challenges and Opportunities

Copyright: © 2019 | Pages: 22
DOI: 10.4018/978-1-5225-5855-2.ch008

Abstract

Mobile networks are evolving towards the fifth generation, with radical changes in the delivery of user services. To take advantage of the new investigative opportunities, mobile network forensics needs to address several technical, legal, and implementation challenges. Future mobile forensics needs to adapt to the novelties in the network architecture, establish capabilities for the investigation of transnational crimes, and combat clever anti-forensics methods. At the same time, legislation needs to create an investigative environment where strong privacy safeguards exist for all subjects of investigation. These are rather complex challenges which, if addressed adequately, will ensure investigative continuity and keep the reputation of mobile network forensics as a highly effective discipline. In this context, this chapter elaborates on the next generation of mobile network forensics.
Chapter Preview

Introduction

This chapter discusses the future of mobile network forensics in terms of the emerging challenges and investigative opportunities. The complete redesign of the 5G network architecture, with new deployment scenarios, control and user plane separation, and flexibility for network slicing, brings a whole new layer of complexity to the implementation of mobile network forensics mechanisms. Cross-border investigations are also discussed as a unique challenge that warrants joint utilization of interception mechanisms from operators belonging to different jurisdictions. Mobile network forensic investigations are effective in yielding evidence with high probative value, which criminals and attackers try to diminish or eliminate completely. The anti-forensics challenges and opportunities for detection are also discussed in terms of the types, tools, and common actions taken to preserve the normal acquisition, analysis, and interpretation of potential mobile network evidence. Lastly, privacy protection by design for LI and LALS is discussed as a means to prevent illicit and unauthorized use of mobile network data.

Key Terms in this Chapter

mMTC: Massive machine type communication.

SSL: Secure socket layer.

CUPS: Control and user plane separation.

GTP: Gateway tunneling protocol.

NSI: Network slice instance.

LTE: Long-term evolution.

RSTD: Received signal time difference.

S-GW-C: Serving gateway-control.

NFV: Network function virtualization.

PCRF: Policy charging rules function.

LEA: Law enforcement agency.

HI2: Handover interface 2.

IMS: Interception management system.

HI3: Handover interface 3.

TDF: Traffic detection function.

LCS: Location services.

LALS: Lawful access location services.

IMEI: International mobile equipment identity.

MSC: Mobile switching center.

HI1: Handover interface 1.

ICE: Interception control element.

GPS: Global positioning service.

IP: Internet protocol.

GMLC: Gateway mobile location centers.

RES: Remote-control equipment subsystem.

ITU: International Telecommunication Union.

LWIP: LTE WLAN radio level integration with IPsec tunnel.

LI: Lawful interception.

T-IMSI: Temporary IMSI.

TBS: Terrestrial beacon systems.

IRI: Interception-related information.

OA&M: Operations, administration, and maintenance.

EUTRAN: Evolved UMTS terrestrial radio access network.

5G: 5th generation of mobile networks. Still in standardization phase, the first 5G deployments are envisioned for 2020.

PFCP: Packet forwarding control plane.

SDN: Software-defined networking.

LWA: LTE-WLAN aggregation.

VOIP: Voice-over-internet protocol.

WLAN: Wireless local area network.

B2C: Business-to-consumer.

UMTS: Universal mobile telecommunication system.

B2B2X: Business-to-business-to-business/customer.

Cc: Content-of-communication.

SMS: Short message service.

P-GW-C: Packet gateway-control.

AMDF: Administration function.

P-GW: Packet gateway.

DF2: Delivery function 2.

VoLTE: Voice over LTE.

eNB: Evolved node B.

RAN: Radio access network.

IoT: Internet-of-things.

LEMF: Law enforcement monitoring facility.

IMT-2020: International mobile telecommunications-2020 requirements.

RAT: Radio access type.

UDP: User datagram protocol.

NSSI: Network slice subnet instance.

S-GW-U: Serving gateway-user.

ECPA: Electronic Communications Privacy Act.

LIID: Lawful interception identifier.

DF3: Delivery function 3.

CSP: Communication service providers.

LMU: Location measurement units.

3GPP: 3rd generation partnership project.

TEID: Tunnel endpoint identifier.

S-GW: Serving gateway.

FISA: Foreign Intelligence Surveillance Act.

B2B: Business-to-business.

P-GW-U: Packet gateway-user.

QoE: Quality-of-experience.

TTFX: Time-to-first-fix.

OCCSSA: Omnibus Crime Control and Safe Streets Act.

PS: Packet switched traffic.
