mobile devices
play

Mobile Devices Villanova University Department of Computing - PowerPoint PPT Presentation

Feb 01, 2024 •654 likes •1.01k views

Mobile Devices Villanova University Department of Computing Sciences D. Justin Price Fall 2014 INTRODUCTION The field of computer forensics has long been centered on traditional media like hard drives. This is rapidly changing as

  1. Mobile Devices Villanova University – Department of Computing Sciences – D. Justin Price – Fall 2014

  2. INTRODUCTION The field of computer forensics has long been centered on traditional media like hard drives. This is rapidly changing as cell phones and specifically smartphone devices are so common that they have become the standard in today’s digital examinations. Villanova University – Department of Computing Sciences – D. Justin Price – Digital Forensics - Fall 2014

  3. CELL PHONE CAPABILITIES • Storage capacity increasing... • 128GB of data storage within the phone. • Removable media with 32GB data storage for cell phones (e.g. microSD cards) • Functionality increasing… • 10 megapixel camera and video capabilities. • WiFi and Internet access for data transfer. • Usage Increasing Worldwide • http://www.socialnomics.net/2013/03/25/ mobilenomics-video/ Villanova University – Department of Computing Sciences – D. Justin Price – Digital Forensics - Fall 2014

  4. CELL PHONE TECHNOLOGY • Two major Cellphone Technologies: GSM & CDMA • GSM - stands for Global System for Mobile communications. It is the world’s most widely used cell phone technology • Key features of GSM is the Subscriber Identity Module, commonly known as a SIM card. • The SIM is a detachable smart card containing the user's subscription information and some user data (potentially). • Uses a cell phone service carrier’s GSM network by searching for cell phone towers in the nearby area Villanova University – Department of Computing Sciences – D. Justin Price – Digital Forensics - Fall 2014

  5. CELL PHONE TECHNOLOGY • CDMA, or Code Division Multiple Access, is a competing cell phone service technology to GSM • CDMA uses a “spread-spectrum” technique whereby electromagnetic energy is spread to allow for a signal with a wider bandwidth • With CDMA technology, data and voice packets are separated using codes and then transmitted using a wide frequency range • The CDMA standard was originally designed by Qualcomm in the U.S. and is primarily used in the U.S. and portions of Asia by other carriers. Villanova University – Department of Computing Sciences – D. Justin Price – Digital Forensics - Fall 2014

  6. CELL PHONE TECHNOLOGY • Most CDMA phones do not use SIM Cards • Forensics can only be done on the phone itself • Relevant data is stored directly on the phone • Sprint, Virgin Mobile and Verizon Wireless use CDMA while T-Mobile and AT&T use GSM Villanova University – Department of Computing Sciences – D. Justin Price – Digital Forensics - Fall 2014

  7. BLACKBERRY • The Blackberry (RIM) device shares similarities to other smart phones • The Blackberry (RIM) device is always-on, and may be participating in some form of wireless push technology • The Blackberry (RIM) does not require some form of desktop synchronization like the original PDA’s did • It still can be manually backed up to the computer so this may be a source of evidence • *.ipd = Blackberry Backups Villanova University – Department of Computing Sciences – D. Justin Price – Digital Forensics - Fall 2014

  8. CELLULAR HANDLING • Most new cellular devices are not as “power dependent” as the older devices were. However they still can be sensitive to power. • However, you MUST control the wireless access to the device • Additionally, gather all potential accessories • Each cellular cable can be proprietary or unique to the device Villanova University – Department of Computing Sciences – D. Justin Price – Digital Forensics - Fall 2014

  9. SEIZING CELL PHONES • Secure the phone. Prevent the phone from being used. Capture any information on display. • Prevent phone’s access to the cellular network. • Faraday, airplane mode (radio off), jammer (legal issue), turn off (may engage password) • Collect related hardware, software, documentation, passwords, computers, interviews, and other information. • Transport seized materials to evidence storage, maintain chain of custody, and have phone analyzed by trained examiners. Villanova University – Department of Computing Sciences – D. Justin Price – Digital Forensics - Fall 2014

  10. ISSUES SEIZING CELL PHONES • Seizing and preserving cell phone data… • Isolating phone from network • Remotely delete user data. • Overwriting call logs, deleted data • Identifying related sources of evidence • Must know what data may exist and where. • Must recognize related media. • Search incident to arrest • Will change data on the phone. • Should be fully documented. • May encounter admissibility issues. Villanova University – Department of Computing Sciences – D. Justin Price – Digital Forensics - Fall 2014

  11. ISSUES SEIZING CELL PHONES Villanova University – Department of Computing Sciences – D. Justin Price – Digital Forensics - Fall 2014

  12. RECOGNIZING EVIDENCE SD Cards SIM Cards Removable media such as MicroSD, Subscriber Identity Module. MiniSD or regular SD cards (shown above) can be found inside or outside Phone number is tied to the SIM. the phone. SIM can hold phonebook, last This media can be used to transfer data dialed numbers, text messages, last between a computer and cell phone. cell tower, and other information. They are easily overlooked. Villanova University – Department of Computing Sciences – D. Justin Price – Digital Forensics - Fall 2014

  13. SOURCES OF EVIDENCE • Network Provider • User data • Locations (cell tower, GPS) • Computers for sync or backup files. • Phone backup files (e.g. Blackberry, iPhone) • Transfer data to/from phone • People/Subscriber • Passwords • Usage information Villanova University – Department of Computing Sciences – D. Justin Price – Digital Forensics - Fall 2014

  14. CELL PHONE FORENSICS • Handheld devices are unique in that most have their own proprietary operating systems, file systems, file formats, and methods of communication • Dealing with this creates unique problems for examiners • Performing a forensic exam on a cell phone takes special software and special knowledge of the way these devices work, as well as where possible evidence could be stored • Multiple tools may be necessary to complete the exam of a single phone. • http://www.csc.villanova.edu/~dprice/9010sp14/ resources.html Villanova University – Department of Computing Sciences – D. Justin Price – Digital Forensics - Fall 2014

  15. CELL PHONE FORENSICS • Three main methods of acquiring a mobile device: • Logical • Extracts common artifacts: contacts, call logs, SMS, MMS, audio, graphic and video files. • Filesystem Extraction • Copies all files and folders found within the filesystem • Physical • Bit for bit image of the entire physical device. • Captures free space, file slack and deleted data. Villanova University – Department of Computing Sciences – D. Justin Price – Digital Forensics - Fall 2014

  16. ISSUES WITH EXAMINATION • Issue regarding technology... • Proprietary hardware, cables, and connectors. • Propriety operating systems, file systems for data storage methods, and applications. • Password cracking and encryption. • Methodologies for recovery of deleted data Villanova University – Department of Computing Sciences – D. Justin Price – Digital Forensics - Fall 2014

  17. EXAMINATION AND EXTRACTION • We call it cell phone forensics, but is it? • Hash value verification of digital data. • Hash values change • Device cannot be write-blocked • Are results reproducible? • If data are changing, then not only hash value, but even final results may change • Different tools produce different results • Nature of flash memory • Rewrite/refresh of pages in memory may overwrite deleted data • Lack of artifacts – like file slack or residual data Villanova University – Department of Computing Sciences – D. Justin Price – Digital Forensics - Fall 2014

  18. ISSUES WITH EXAMINATION • Manually, by using photography or video as data is displayed on the cell phone. • Possibility of destroying data • May miss evidence (i.e. deleted data) • Extracting Active Data from the cell phone. • Requires multiple tools (hardware & software) • Cellebrite, XRY, Paraben, Oxygen,… • Extracting and Analyzing cell phone physical memory • Requires more skills and tools • Not even an option for all phones Villanova University – Department of Computing Sciences – D. Justin Price – Digital Forensics - Fall 2014

  19. ANDROID DEVICES • Linux Platform • Can contain several different partitions • User Data • \data • SQLite Databases • Stores all user data: SMS, Emails, Contacts, Call Logs, Social Media Artifacts, Internet Artifacts • System Data • \app • Preinstalled Applications • Cache Records • Swap Partition on a Linux System • Temporary location for downloaded files / apps • Apps downloaded from Google Store, etc. Villanova University – Department of Computing Sciences – D. Justin Price – Digital Forensics - Fall 2014

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Localization ocalization of mobile devices of mobile devices L Seminar: Mobile Computing IFW

Localization ocalization of mobile devices of mobile devices L Seminar: Mobile Computing IFW

Localization ocalization of mobile devices of mobile devices L Seminar: Mobile Computing IFW C42 Tuesday, 29th May 2001 Roger Zimmermann Overview Overview Introduction Why Technologies Absolute Positioning Relative

314 views • 30 slides
Threats to Mobile Devices Possible attack threats to mobile devices Network exploit

Threats to Mobile Devices Possible attack threats to mobile devices Network exploit

Threats to Mobile Devices Possible attack threats to mobile devices Network exploit Hackers takes advantage of vulnerability or flaw of users web browser on mobile device in WiFi communication to attack victims. Hackers send

464 views • 30 slides
Mobile Devices Mobile Devices NAGTRI Webinar Series NCJRL / NAAG Objectives Objectives

Mobile Devices Mobile Devices NAGTRI Webinar Series NCJRL / NAAG Objectives Objectives

Mobile Devices Mobile Devices NAGTRI Webinar Series NCJRL / NAAG Objectives Objectives Identify mobile devices Identify mobile devices Learn how mobile devices obtain and transmit information transmit information Identify

863 views • 68 slides
devices Im going to be talking about how we hold and interact our mobile devices And how

devices Im going to be talking about how we hold and interact our mobile devices And how

Im going to be introducing you to ergonomics More specifically ergonomics in terms of designing touch interfaces for mobile devices Im going to be talking about how we hold and interact our mobile devices And how you can use

1.12k views • 62 slides
Tutorial: Development of Interactive Applications for Mobile Devices 7th International Conference

Tutorial: Development of Interactive Applications for Mobile Devices 7th International Conference

Tutorial: Development of Interactive Applications for Mobile Devices 7th International Conference on Human Computer Interaction with Mobile Devices and Services (Mobile HCI 2005) Enrico Rukzio (Media Informatics Group, University of Munich )

641 views • 24 slides
Characteristics of Mobile Web Content Felix Nwaobasi Text Block #3 Contact, Department, or

Characteristics of Mobile Web Content Felix Nwaobasi Text Block #3 Contact, Department, or

Characteristics of Mobile Web Content Felix Nwaobasi Text Block #3 Contact, Department, or Other Information Background 2 Worcester Polytechnic Institute Mobile vs. Non-Mobile Devices Non-mobile devices Mobile devices Great

333 views • 20 slides
MOBILE DEVICES USING WIFI NETWORK JOAQUIN BERENGUER 30 MINUTES IMAGES OF IOT CONTENT

MOBILE DEVICES USING WIFI NETWORK JOAQUIN BERENGUER 30 MINUTES IMAGES OF IOT CONTENT

SERVER FOR IOT DEVICES AND MOBILE DEVICES USING WIFI NETWORK JOAQUIN BERENGUER 30 MINUTES IMAGES OF IOT CONTENT Environment Architecture Server Functionality Security IoT Devices Mobile and Desktop Devices Events

904 views • 23 slides
Smart Mobile Devices Registration System THE PURPOSES OF THE SYSTEM To detect illegally imported

Smart Mobile Devices Registration System THE PURPOSES OF THE SYSTEM To detect illegally imported

Smart Mobile Devices Registration System THE PURPOSES OF THE SYSTEM To detect illegally imported and/or uncertifjed To detect and prevent usage of mobile devices 1 5 devices within mobile operator network in with cloned and/or invalid

241 views • 10 slides
Interaction Devices Mobile Keyboard Animation, Speech and Displays

Interaction Devices Mobile Keyboard Animation, Speech and Displays

Interaction Devices Mobile Keyboard Animation, Speech and Displays Small Pointing Novel device image, and Layouts auditory and Large Devices devices display s video interfaces

194 views • 7 slides
Using Mobile Devices Meeting 2012 with RIS Workflow Richard Bulmer 1 Is there a need for

Using Mobile Devices Meeting 2012 with RIS Workflow Richard Bulmer 1 Is there a need for

UK Imaging Informatics Spring Using Mobile Devices Meeting 2012 with RIS Workflow Richard Bulmer 1 Is there a need for mobile devices with RIS? Pros Ease of use Portability Being able to reduce paper/paperless department workflow

507 views • 13 slides
Mobile Communications Original design motivation was not so much mobility support Mobility

Mobile Communications Original design motivation was not so much mobility support Mobility

Motivation Mobility support needed to be able to use mobile devices in the Internet Mobile devices need IP address for their communication Applications would like to communicate while being on the move DHCP Mobile Communications

217 views • 8 slides
Mobile Health Monitoring health and well-being using mobile devices, wearable sensors, and smart

Mobile Health Monitoring health and well-being using mobile devices, wearable sensors, and smart

6.808: Mobile and Sensor Computing aka IoT Systems Lecture 11: Mobile Health Mobile Health Monitoring health and well-being using mobile devices, wearable sensors, and smart environments Applications: What do we want to measure? And why?

1.09k views • 73 slides
Mobile Devices Smartphones, tablets and other devices Design considerations Android as a

Mobile Devices Smartphones, tablets and other devices Design considerations Android as a

Mobile Devices Smartphones, tablets and other devices Design considerations Android as a platform Design What makes mobile design different? Touch Interfaces In this course, we have mostly discussed the development of computer interfaces,

366 views • 33 slides
Mobile App Development Mara Gmez Software Engineering Course - Summer Semester 2017 Mobile

Mobile App Development Mara Gmez Software Engineering Course - Summer Semester 2017 Mobile

Mobile App Development Mara Gmez Software Engineering Course - Summer Semester 2017 Mobile Market Today Growth of mobile devices Mobile Market Today Growth of mobile devices >1 million new Android devices are activated every day

937 views • 74 slides
Attack vectors on mobile devices Tam Hanna aka @tamhanna About /me Tam HANNA

Attack vectors on mobile devices Tam Hanna aka @tamhanna About /me Tam HANNA

Attack vectors on mobile devices Tam Hanna aka @tamhanna About /me Tam HANNA CEO, Tamoggemon Ltd. Runs web sites about mobile computing Starting thoughts Different user perceptions Mobile phones are always on the

923 views • 74 slides
Mobile security: Tips and tricks for securing your iPhone, Android and other mobile devices

Mobile security: Tips and tricks for securing your iPhone, Android and other mobile devices

Mobile security: Tips and tricks for securing your iPhone, Android and other mobile devices Presented by Michael Harris [MS, CISSP, WAPT] Systems Security Analyst University of Missouri Overview What data needs to be protected, what

407 views • 18 slides
Lecture no: 9 Multiple access and cellular systems Ove Edfors, Department of Electrical and

Lecture no: 9 Multiple access and cellular systems Ove Edfors, Department of Electrical and

RADIO SYSTEMS ETIN15 Lecture no: 9 Multiple access and cellular systems Ove Edfors, Department of Electrical and Information Technology Ove.Edfors@eit.lth.se 2012-05-02 Ove Edfors - ETIN15 1 Contents Background Interference and

519 views • 40 slides
Multiplexing ITS323: Introduction to Data Communications CSS331: Fundamentals of Data

Multiplexing ITS323: Introduction to Data Communications CSS331: Fundamentals of Data

ITS323/CSS331 Multiplexing Multiplexing Multiple Access Multiplexing ITS323: Introduction to Data Communications CSS331: Fundamentals of Data Communications Sirindhorn International Institute of Technology Thammasat University Prepared by

471 views • 16 slides
Cryptography Cryptography secret- -key and and public key and and public- -key technologies

Cryptography Cryptography secret- -key and and public key and and public- -key technologies

Cryptography Cryptography secret- -key and and public key and and public- -key technologies key technologies secret September 4, 2020 Administrative getting VM files getting VM files Administrative new Administrative

1.1k views • 63 slides
Machine-Level Programming I: Basics 15-213/18-213:

Machine-Level Programming I: Basics 15-213/18-213:

Carnegie Mellon Machine-Level Programming I: Basics 15-213/18-213: Introducon to Computer Systems 5 th Lecture, Sep. 15, 2015 Instructors: Randal

721 views • 44 slides
Replica method: a statistical mechanics approach to probability-based information processing

Replica method: a statistical mechanics approach to probability-based information processing

bg=black!2 Introduction Limiting eigenvalue distribution of random matrices Digital communication Bibliography Replica method: a statistical mechanics approach to probability-based information processing Toshiyuki Tanaka tt@i.kyoto-u.ac.jp

1.14k views • 41 slides
CS 8803 - Cellular and Mobile Network Security: GSM - In Detail Professor Patrick Traynor

CS 8803 - Cellular and Mobile Network Security: GSM - In Detail Professor Patrick Traynor

CS 8803 - Cellular and Mobile Network Security: GSM - In Detail Professor Patrick Traynor 10/2/18 Florida Institute for Cybersecurity (FICS) Research Cellular Telecommunications Architecture Background Air Interfaces Network

831 views • 39 slides
Contents Contents Mobile Phones Generations Hardware Requirements for Hardware Requirements

Contents Contents Mobile Phones Generations Hardware Requirements for Hardware Requirements

Contents Contents Mobile Phones Generations Hardware Requirements for Hardware Requirements for Common Hardware Backbone Hardware Requirements for Actual Cellular Cellular Processors Cellular Processors Processors The Ideal

745 views • 4 slides
1 Wireless standards Path Loss Phenomena Wireless standards Path Loss Phenomena Open

1 Wireless standards Path Loss Phenomena Wireless standards Path Loss Phenomena Open

Outline Outline What is wireless? Overview Wireless parameters Cellular architecture Wireless Networks Wireless Networks Media multiple access Wireless LAN 802.11 MANET Mobile Ad-hoc NETworks Amnon Jonas

525 views • 13 slides

More recommend