When Data Overwhelms You, Cellebrite Pathfinder Empowers You With Actionable Insights
As the variety of digital devices, cloud sources, and data types increases, investigators need an all-encompassing solution that can pinpoint and leverage digital evidence quickly. Cellebrite Pathfinder does just this by automating the analysis of unmanageable amounts of digital data to resolve investigations faster.
Features like “Graph” highlight key communications between people in databases and further identify the people they share in common. This is especially helpful in cases that need to identify organized criminal and drug trafficking networks.
“Optical Character Recognition (OCR)” search is built into Cellebrite Pathfinder to assist examiners in uncovering keywords in graphics. This can help identify illicit contracts, screenshots of conversations, and road signs that place an individual at a location or in a certain context.
If an image of a person of interest or of a background relevant to an investigation is loaded, “Media Analytics” scans the database and within seconds surfaces images and videos that contain frames with similar faces and surroundings.
Watch the webinar “Opioid Crisis in America: From Digital Clues to a Murder Conviction,” co-sponsored by the FBINAA, to get an overview of the impact that the opioid epidemic is having in the United States and how law enforcement is using Cellebrite Pathfinder to combat drug dealers and other criminals.
When you find you’re overwhelmed by your data sets, take a deep breath and know that you’re not alone. Most of us end up feeling this way from time to time, but there is a way out.
In the sample case I’m about to show you, I only have three phones to worry about. Some of you work cases where you have 50 phones involved. Imagine mass investigations or terrorist cases where you might have so many devices you just don’t know where to start. This blog will show you some tricks I use to get to the evidence I need quickly while keeping my stress level at a minimum.
Starting From Square One
When you begin a new investigation involving multiple devices, you could hop through different versions of Cellebrite Physical Analyzer and try to find things in common, but the easiest way to begin is by using Cellebrite Pathfinder.
In the example below, I took the three different devices in my sample series and put them all into Cellebrite Pathfinder. This is where it gets interesting.
If I click on the graph, I can see who these people are talking to and what people they have in common.
So, all I need to find is a phone number or something of interest that jumps out at me that I haven’t seen before.
In this case, little lizzlelemon (at) yahoo.com looks like someone that they all have in common. I might never have seen this if I had not actually been looking at these graphs in a certain way. Digging further, we see Liz Lemon has had a conversation with a background investigator. That’s interesting.
Would that connection have jumped out at you, if you weren’t looking at it in this view? Probably not.
But what if you need to put people in the same location at the same time? What if you’re working a case where you believe people are conspiring to commit a crime together? What if it’s some type of IP theft investigation where people ran off with the data or they’re storing it at a common place? The map view could help you.
OCR (Optical Character Recognition) searching is huge in the eDiscovery business world. You can choose to have OCR on all of these graphics. If you do an OCR search, it will actually find pictures that are included in graphics, which is something that we cannot currently do with Cellebrite Physical Analyzer.
The following example shows a drug investigation. Here I’ve found a picture of money.
Next, I can opt in to load similar images, so I’m going to select that. Now the search delivers more pictures of money and I can start looking for similarities.
Now, let’s say you’re working a possible kidnapping case and you wonder if the person is doing serial kidnappings and targeting their victims. If you realize that the case you’re working on has a grocery store in the background and other women may have been kidnapped from a grocery store, start searching for similar things by asking yourself questions like these:
- Is it a specific grocery store?
- Is it a different chain of grocery stores?
- Can you possibly find shopping carts in the pictures?
By using OCR in this way, all of these things may lead you down the path to solve your investigation faster.