Comparative Study on the Effect of Different Forensics Systems in Recovering Deleted Chat Records of Mobile Phone WeChat
In the process of cracking down on new types of network-related crimes,the collection of data from suspects'mobile phones is a key part in obtaining evidence,while in actual cases,the WeChat records in the mobile phone,which have vital clues and evidence,are usually deleted.How to quickly and efficiently restore the deleted WeChat records in the suspects'mobile phones is an urgent problem to be solved in the investigation of related cases.This paper used the latest version of the four most commonly used forensics systems to collect WeChat data twice from more than thirty models of mainstream Huawei and Apple cell phones.The data was collected directly without any operation on the mobile phone,and then the data was collected again after the old version of the operating system was upgraded.In this way,we could compare and analyze the effect of different forensic systems to restore the deleted chat records of Huawei and Apple mobile phones.This paper can provide a reference for the selection of forensic tools in the investigation of related cases.
digital forensicnew type of network-related crimeforensics systemWeChat chat recordsdata recovery
国家科技期刊平台
NSTL
万方数据
