All Articles

Helping law enforcement hunt evil

Author: Zach Clemens

ECpE professor Yong Guan has developed a mobile device forensic tool dubbed EviHunter that will help law enforcement officials quickly and accurately search seized smart phones for evidence.

Guan serves as the Cyber Forensic Coordinator for the Center for Statistic and Applications in Forensic Evidence (CSAFE). It was through CSAFE that Guan and his team developed EviHunter. This software can analyze a smart phone’s apps for evidence relating to a crime, and it is automatic and can speed up the investigation process by shortening the time to only 20-30 minutes per device.

Guan started with an Android operating system, with 3.14 million apps on the Google Play Store. There are over 65 other app stores worldwide, with a total of over 8.93 million Android apps available across the globe. With an average of 40 to 80 apps per device, investigations take 1-2 days per device, which has created backlogs in all crime labs. EviHunter can assist the search of a device automatically, taking out human error and find vital information to prove a suspect associated with a crime, or reduce the wrongly accused.

EviHunter generates a report from apps on a searched device that law enforcement officials can localize the app-generated evidence they are looking for, like locations, encrypted messages, and photos. Guan and his team are building a database of forensic artifacts generated by Android apps and where investigators can get quick access to these evidential information with a quality assurance guarantee.

EviHunter has been demoed to the FBI and their operational technology division, crime labs, as well as forensic units in Europe. Guan will work with those crime investigation agencies to make EviHunter available for use. He also presented EviHunter to the DSI Digital Forensics for National Security Symposium in Washington, D.C., and annual meetings of American Academy of Forensic Sciences (AAFS) and International Association for Identification (IAI).