archives

Research

This category contains 25 posts

Samsung Galaxy Android 4.3 Jelly Bean acquisition using Joint Test Action Group (JTAG)

There have been some issues during data acquisitions with Samsung Galaxy having the Android 4.3, Jelly Bean as the operating system even if using the recommended steps for Logical File Dump, File System, or Physical Acquisitions for Cellebrite UFED Touch, Classic, and UFED4PC. All were unable to connect even if the mobile device was in … Continue reading

Forensic analysis of the ESE database in Internet Explorer 10

———————————————————— Due to me not being able to reformat our thesis in a good way I strongly suggest you look at the whole paper in PDF format here: http://hh.diva-portal.org/smash/get/diva2:635743/FULLTEXT02.pdf /Philip ———————————————————— Forensic analysis of the ESE database in Internet Explorer 10 Bachelor thesis June 2013 Authors: Bonnie Malmström & Philip Teveldal Bachelor thesis School of Information … Continue reading

OS X Mavericks Metadata

Apple recently released the newest version of their desktop operating system, Mac OS X Mavericks.  As a free update to all supported Apple desktops and laptops, a wide adoption rate was expected, and in fact it was estimated that within the first 24 hours, 5.5% of all Mac laptops and desktops were already running the … Continue reading

Analysis Of iOS Notes App

As part of my third year studying Digital Security,Forensics & Ethical Hacking at GCU, I took part in a group research project to study the artifacts created when using the notes app on an iPad Mini, and if they could be used as evidence. This post is really just going to explain what I did, … Continue reading

ForGe – Computer Forensic Test Image Generator

Introduction Creating test material for computer forensic teaching or tool testing purposes has been a known problem. I encountered the issue in my studies of Computer Forensics at the University of Westminster. We were assigned a task to compare computer forensic tools and report results. Having already analysed test images by Brian Carrier (http://dftt.sourceforge.net) over … Continue reading

Cyber Security Challenge in Scotland

Towards the end of August, I was part of the team who were offered to help out and participate at an exciting event held at Glasgow Caledonian University. The event ran over five days with each day varied in content and different challenges. In this post I aim to give a rough breakdown of each … Continue reading

Detecting Forged (Altered) Images

Are digital images submitted as court evidence genuine or have the pictures been altered or modified? We developed a range of algorithms performing automated authenticity analysis of JPEG images, and implemented them into a commercially available forensic tool. The tool produces a concise estimate of the image’s authenticity, and clearly displays the probability of the … Continue reading

Catching the ghost: how to discover ephemeral evidence with Live RAM analysis

Oleg Afonin and Yuri Gubanov, contact@belkasoft.com © Belkasoft Research, 2013 Belkador Dali. “Losing volatile Evidence”. All rights reserved.  Ephemeral Evidence Until very recently, it was a standard practice for European law enforcement agencies to approach running computers with a “pull-the-plug” attitude without recognizing the amount of evidence lost with the content of the computer’s volatile … Continue reading

Geo-tagging & Photo Tracking On iOS

As you may already know, Apple has always been criticized for using their extremely popular devices to track users and use this information to expand their own databases. This tutorial assumes that you have already jailbroken your device and you know how to navigate your way through iOS menus, if you don’t then check out our other articles … Continue reading

KS – an open source bash script for indexing data

KS – an open source bash script for indexing data ABSTRACT:  This is a keywords searching tool working on the allocated, unallocated data and the slackspace, using an indexer software and a database storage . Often during a computer forensics analysis we need to have all the keywords indexed into a database for making many … Continue reading

Categorization of embedded system forensic collection methodologies

There are many classifications as far as forensic data collection is concerned, but much of it is still a de facto and Wild West when it comes to naming convention. This is especially true in the embedded system area. When I refer to embedded systems, I think of specialized devices, sometimes in a larger system … Continue reading

What are ‘gdocs’? Google Drive Data

As “the Cloud” (a varied mix of internet based services ranging from web-based email accounts, on-line storage and services that synchronise data across multiple computers) becomes more relevant and the dominance of the PC or tablet as the exclusive “home” for data reduces, the days when simply taking a snapshot of a computer to capture … Continue reading

Why SSD Drives Destroy Court Evidence, and What Can Be Done About It

by Yuri Gubanov yug@belkasoft.com, Oleg Afonin aoleg@voicecallcentral.com Belkasoft Ltd. http://belkasoft.com Abstract Solid State drives (SSD) introduced dramatic changes to the principles of computer forensics. Forensic acquisition of computers equipped with SSD storage is very different of how we used to acquire PCs using traditional magnetic media. Instead of predictable and highly possible recovery of information the … Continue reading

The Role of Cyber Terrorism in the Future

By Michael Chance University of New Haven M.S. National Security ABSTRACT Since the events of September 11, 2001 terrorism has been an issue at the forefront of National Security.  This paper will explore the more specific threat of cyberterrorism that exists and why we are in danger, examine incidents of cyberterrorism and our response, and … Continue reading

Mobile Phone Forensic Challenges

Introduction A great number of the mobile phones used worldwide every second require special knowledge and skills from forensic experts.  More often it is not enough to be an experienced expert in computer forensics to understand all the peculiarities and difficulties of the mobile forensics. This article describes technical problems encountered by specialists in mobile … Continue reading

Follow

Get every new post delivered to your Inbox.

Join 2,043 other followers