
Challenges in Obtaining and Analyzing Communication Data from Mobile Devices for Criminal Investigations

This article discusses the challenges faced in obtaining and analyzing full communication information from mobile devices for use in criminal investigations. It highlights the features of the Oxygen Forensic Suite 2012 and its strong support for various operating systems. The article also explores the evolution of mobile forensics and the different sources of contact information. It concludes with the complexities of analyzing data from different platforms and the need for specialized tools.

heriberto


  1. Challenges in Obtaining and Analyzing Full Communication Information from Mobile Devices for Use in Criminal Investigations TechnoSecurity & Mobile Forensic Conference (C) Oxygen Software, 2000-2012 http://www.oxygen-forensic.com

  2. Oxygen Software Company • Founded in 2000 by Oleg Fedorov, CEO and Oleg Davydov, CTO • 12 years of PC-to-mobile communication software development • Oxygen Forensic Suite 2012 - Smart Forensics for Smart Phones • Strong support for Android OS, Apple iOS, Symbian OS, Windows Mobile OS, Blackberry OS

  3. SMS • How it used to be some time ago • Mobile Forensics was easy 10 years ago

  4. How we use devices today • General phone information & SIM card data • Contacts (extended) • Event Log (calls, messages, GPRS, WiFi) • Calendar events, tasks and notes • Messages from standard and user folders • Camera snapshots, video clips and voice records • Documents and files • GPS & Location tagged information • Web browser cache, history and bookmarks • IM and social networks clients • 3rd party applications • And even more!

  5. VS.

  6. iDevice examination routine • getting physical dump – you can do it with open source tools! iphone-dataprotection (code.google.com/p/iphone-dataprotection) • decrypting physical dump into readable file system image (HFS) • parsing processes and apps data (SQLite, plists, ...)

  7. What happens in the world of mobile applications

  8. Contacts: different sources • SIM, internal phone memory – stored locally Contacts • Gmail, Facebook, Twitter accounts - sync'd with Internet • Messaging and VoIP clients - Skype, AOL, ICQ, MSN • Social networks - Foursquare, LinkedIn • Phone numbers and e-mail addresses from SMS and e-mail messages

  9. Combining the contacts

  10. Combining activity

  11. Worldwide Mobile Phone Market Share • Source: IDC (May 2012)

  12. Freedom of communication with WiFi • Calls (Skype, Viber) • Chats (Whatsapp, Tiger Text) • Social Networking (Facebook, Twitter) • Web browsing

  13. My TV can call and chat!

  14. Kindle Fire - yet another e-book reader?

  15. Kindle Fire - the most popular Android tablet (for now) • Source: ComScore (February 2012)

  16. Kindle Fire - full-fledged Android tablet

  17. Android - the world of unleashed freedom - different manufacturers and form-factors - different OS versions (Linux OS kernel, Android OS, UI, custom builds - CyanogenMod, MIUI, manufacturers) - Windows means drivers, drivers, drivers - data protection (Unix based file system) - YAFFS2, EXT (up to EXT4), FAT, RFS (Samsung) - Google Play store, Amazon appstore, independent app marketplaces

  18. Case study - Kindle Fire • USB driver is not supplied with the device • 6.0, 6.1, 6.2, 6.3 firmwares; autoupdates; exploits • Logical vs physical • Amazon applications (preinstalled to Kindle Fire): Amazon shop, Quickoffice, Browser, Kindle, Facebook, Appstore

  19. We can be the winners here though

  20. Conclusions • Each platform needs its own approach… … and sometimes each device model

  21. Conclusions (continued) • Logical vs physical – not an easy choice now

  22. Conclusions (continued) • Millions of applications • different platforms and data formats, updates, encrypted files (various methods) • Hundreds of new applications in various appstores every day

  23. Conclusions (continued) • Welcome to programmer's world – do you want to know how to write scripts to handle apps data?

  24. Conclusions (continued) • Just one tool for all that zoo? Unlikely...

  25. All for today but just a tiny piece of the iceberg • Oxygen Forensic Suite 2012 • www.oxygen-forensic.com • +1 877 9-OXYGEN (USA) • Oxygen Forensic Suite is the trademark of Oxygen Software. Oxygen Software LLC was founded in 2000, and since then our business has been PC-to-mobile communication.
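
Slides 8 and 9 describe pulling contacts from several sources (phone memory, messaging clients, numbers seen in SMS) and combining them. The sketch below is an added example, not code from the presentation or from Oxygen Forensic Suite; the table layouts, sample rows and the last-10-digits phone normalization are all constructed assumptions.

```python
import re
import sqlite3

def normalize(identifier):
    """Lower-case e-mail addresses; reduce phone numbers to their last 10 digits
    (assumed rule so '+1 (555) ...' and '555-...' compare equal)."""
    if "@" in identifier:
        return identifier.strip().lower()
    return re.sub(r"\D", "", identifier)[-10:]

def build_sample_db():
    """Constructed stand-in for app databases recovered from a device image."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE phonebook(name TEXT, number TEXT);
        CREATE TABLE im_contacts(display_name TEXT, phone TEXT, email TEXT);
        CREATE TABLE sms(address TEXT, body TEXT);
        INSERT INTO phonebook VALUES ('Alice Smith', '+1 (555) 010-0001');
        INSERT INTO im_contacts VALUES ('alice_s', '15550100001', 'Alice@Example.org');
        INSERT INTO im_contacts VALUES ('bob', NULL, 'bob@example.org');
        INSERT INTO sms VALUES ('555-010-0001', 'call me');
        INSERT INTO sms VALUES ('+1 555 010 0002', 'unknown sender');
    """)
    return db

def combine_contacts(db):
    """Merge records from all sources that share any normalized identifier."""
    records = []  # (source, display name or None, raw identifiers)
    for name, number in db.execute("SELECT name, number FROM phonebook"):
        records.append(("phonebook", name, [number]))
    for name, phone, email in db.execute(
            "SELECT display_name, phone, email FROM im_contacts"):
        records.append(("im", name, [v for v in (phone, email) if v]))
    for (address,) in db.execute("SELECT DISTINCT address FROM sms"):
        records.append(("sms", None, [address]))

    merged = []  # entries are kept disjoint on "ids"
    for source, label, ids in records:
        entry = {"ids": {normalize(i) for i in ids},
                 "names": {label} if label else set(),
                 "sources": {source}}
        # Absorb every existing entry that shares an identifier with this record.
        for other in [m for m in merged if m["ids"] & entry["ids"]]:
            merged.remove(other)
            for field in entry:
                entry[field] |= other[field]
        merged.append(entry)
    return merged

if __name__ == "__main__":
    for contact in combine_contacts(build_sample_db()):
        print(sorted(contact["names"]), sorted(contact["ids"]), sorted(contact["sources"]))
```

An entry whose `names` set is empty and whose only source is `sms` is a number that communicated with the device but appears in no address book.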
