Main Article Content
A forensic investigator or analyst should implement an appropriate digital forensic framework to acquire valid digital evidence to be presented at court. Choosing an unsuitable digital forensic framework with the investigation process may lead to failure at acquiring or maintaining complete digital evidence. Missing a step or turning a certain step into another irrelevant step may lead to unclear results and invalid conclusions. Digital evidence extracted from risky electronic evidence cannot be accepted by the court. Accordingly, a forensic investigator or forensic analyst should refer to a structuralized standard structure to perform well.
Several internal digital forensic frameworks are available, one of which is the Good Practice Guide for Computer-based Electronic Evidence , an English issuance by ACPO (Association of Chief Police Officers) in cooperation with 7Safe. The digital forensic framework is commonly called the digital forensic framework from ACPO or the ACPO Framework.
This research brings into focus the analysis of the percentage of success rate for using the ACPO digital forensic framework or the ACPO Framework in comparison with another digital forensic framework, i.e., NIST Framework. This research is also aimed at examining the performance of a mobile forensic tool, i.e., Cellebrite’s UFED Touch2 in comparison with another mobile forensic tool for digital evidence acquisition in smartphones.
The research objects were smartphones containing deleted WhatsApp messages. This research successfully implemented the ACPO Framework for digital evidence acquisition in smartphones using Cellebrite’s UFED Touch2 as the mobile forensic tool.