Digital Forensics and Hand Held Devices Robert Trimble COSC 480 2-12-2007.

Presentation transcript:

Digital Forensics and Hand Held Devices Robert Trimble COSC

Road Map
- Introduction
- PDA Forensics
- IPod Forensics
- Tracking by Cell Phones
- Legal Requirements
- Conclusion
- Discussion

Introduction
- The science of applying technologies to legal questions.
- 90% of all data created today is in electronic format.
- Consists of mining
  - Hardware
  - Software
- It is estimated that 85% of all crimes committed contain a digital signature.
- With new technology such as cell phones, PDAs, and MP3 players, criminal activity is not limited to a computer or network.

PDA Forensics
- Still in the infant stage
- Few tools limited to popular items
- Problems
  - Two consecutive scans would be different
  - Frequent garbage collection and memory organization
  - Power Requirements
  - No standardization
- Return to company for analysis

Music Player Forensics
- Very popular in today's society
- Holds Data as well as Music
- Can also be used to load additional OS
  - Linux
  - "Live CD"
  - Boot Disk

IPOD Features
- GB Data Storage
- Stored Data
  - Music
  - Data
  - Voice
  - Video
- Calendar
- Contacts

IPOD Forensics
- File Structure
  - Apple HFS+
  - Windows FAT32
- VCard format for contacts and Calendar
- Music
  - MP3
  - AAC
  - others
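Added example, not part of the original slides: because an iPod volume may be either Apple HFS+ or Windows FAT32, an examiner can confirm which one an acquired image holds from its on-disk signatures before choosing a parser. The function names and sample images are constructed for illustration, and the input is assumed to be a raw image of the data partition (not the whole disk with its partition table).

```python
import struct


def identify_volume(image: bytes) -> str:
    """Classify the start of a raw partition image as HFS+, HFSX, FAT32 or unknown."""
    # The HFS+ volume header starts 1024 bytes into the volume; its first two
    # bytes are the ASCII signature 'H+' ('HX' for the HFSX variant).
    sig = image[1024:1026]
    if sig == b"H+":
        return "HFS+"
    if sig == b"HX":
        return "HFSX"
    # FAT32: boot-sector signature 0x55 0xAA at offset 510, 16-bit FAT size
    # (offset 22) zero, 32-bit FAT size (offset 36) non-zero, type label 'FAT32   '.
    if len(image) >= 512 and image[510:512] == b"\x55\xaa":
        fat_size16, = struct.unpack_from("<H", image, 22)
        fat_size32, = struct.unpack_from("<I", image, 36)
        label = image[82:90]
        if fat_size16 == 0 and fat_size32 != 0 and label == b"FAT32   ":
            return "FAT32"
    return "unknown"


def identify_image_file(path: str) -> str:
    """Open an acquired image read-only and inspect only its first 2048 bytes."""
    with open(path, "rb") as fh:
        return identify_volume(fh.read(2048))


def sample_hfsplus() -> bytes:
    """Constructed sample: zero-filled image carrying only an HFS+ signature."""
    img = bytearray(2048)
    img[1024:1026] = b"H+"
    struct.pack_into(">H", img, 1026, 4)   # version field, 4 for HFS+
    return bytes(img)


def sample_fat32() -> bytes:
    """Constructed sample: zero-filled boot sector with the FAT32 fields set."""
    img = bytearray(512)
    struct.pack_into("<I", img, 36, 1000)  # sectors per FAT (arbitrary non-zero)
    img[82:90] = b"FAT32   "
    img[510:512] = b"\x55\xaa"
    return bytes(img)


if __name__ == "__main__":
    for name, img in (("hfs+", sample_hfsplus()), ("fat32", sample_fat32())):
        print(name, "->", identify_volume(img))
```

Run it against a working copy of the image, never the original evidence, and record the result alongside the image hash.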

IPOD Forensics (cont)
- When found at crime scene:
  - Document location
  - Determine Connectivity
  - What format
  - Possible Trap
- Storage is same as other components
- Power Concerns

Testing and Results
- Testing
  - Tests done with both file formats
  - Full system restore tests as well
- Results
  - EnCase
  - Full System Restore ≠ Erased Completely
  - Initialization record
  - HFS+ .trashes .trashes/501
  - FAT32 deletion
  - .trashes evidence corruption

Cell Phone Forensics
- SIM Card
- Cell phones can track people’s location
- When a cell phone is turned on
  - Constant scanning
  - Tower routes
  - Triangulation
  - GPS
- Data is collected and stored by phone provider

Cell Phone Forensics (cont)
- In at least three cases, the government was unsuccessful in acquiring data.
- Successful attempts unknown.
- Records sealed.
- Phone companies cooperate and are treated as ISPs.

Legal Requirements
- Pen Register
  - Record of calls
  - Time of each call
  - Duration
- Requirements
  - No expectation of privacy
  - Certification records are relevant

Legal Requirements (cont)
- Communication and Subscriber records
  - SMS
  - Customer information from account
- Requirements
  - Minimal explanation that records are relevant
  - Transmissions not in route or at destination

Legal Requirements (cont)
- Tracking Devices
  - Location of people
  - Location of things
    - Car
    - Boat
- Requirements
  - Show that this would likely reveal a crime
  - Target unaware

Legal Requirements (cont)
- Full interception of transmissions
  - Includes details from previous three
  - Voice
  - Electronic
- Requirements
  - Probable cause
  - Executive Order

Conclusion
- Criminal activity with hand held devices is increasing.
- PDA forensics is still young and poses complications.
- IPod forensics is a necessary part of each investigation.
- Cell Phones = No Privacy
  - WE KNOW WHERE YOU ARE.
  - WE KNOW WHO YOU CALLED LAST SUMMER.

Discussion

Discussion question: Open source digital forensic software; can it be trusted?

Discussion question: Should the government have that much power in tracking a cell phone?