Mobile Data Triage, Ingest, and Search Tool

Focus Area: Digital and Multimedia Forensics

Description: The mobile data triage, ingest, and search tool is a forensic intelligence tool which automatically extracts and ingests all data and reports from other forensic for cell phones and other mobile devices. The system automatically stores the hashes and the metadata of the extracted information. An operator has the capability to update and permanently store any images and data which has been ingested. The tool normalizes the data and systematically stores it in a searchable repository which provides instant triage reports and alerts. The system automatically ingests report files from commonly used forensic tools. The triage reports and alerts include notifications about: a) calls, contracts, chats, and Bluetooth connections to numbers that already exist in the database; b) images found on devices that are already in the repository, especially those that suggest steganography usage; c) flagged keywords or phrases and d) indications about any device having been inside a specified area of interest.

Project Cost: $630,190

Project Duration: 18 months

Operational Impact: The system automatically provides actionable intelligence from data extracted from cell phones and immediately links names, addresses, phone numbers, and events.

Deliverable: A fully operational cell phone and mobile device extraction and analysis tool that provides immediate alerts and intelligence by linking and associating multiple data parameters.

Performer: SyTech, Inc.

End Users: Customs and Border Protection

Transition: Distributed to CBP and commercially available from the developer for DoD and other government users.