Advanced Techniques in Forensic Examination of Smartphones (C) Oxygen Software, 2000-2010 2010.

Slides:



Advertisements
Similar presentations
Aspire Vertical Markets Executive Suite Solution.
Advertisements

Blackberry Curve 2 User Training Take Life with you!
Activate BlackBerry on Verizon Wireless Network Activate Perform OTA activation (*228 send option 1) > Perform test call Test data services > Select Browser.
Voice and Data Encryption over mobile networks July 2012 IN-NOVA TECNOLOGIC IN-ARG SA MESH VOIP.
Mobile Computing Advantages and limitations of mobile computing
Omni GroupWise Mobility Suite Aldo Zanoni CEO Omni Technology Solutions Ph: Omni GroupWise Mobility Suite Omni Mobile.
Mobil game : A mobile game is a video game played on a mobile phone, smartphone, PDA, handheld computer or portable media player Type of language writing.
(C) Oxygen Software, Oxygen Forensic Suite – Premium Mobile Examination Extracting.
Mobile forensic analysis for smartphones (C) Oxygen Software, ISS World Europe 2008.
New in Oxygen Forensic Suite 2011 (C) Oxygen Software,
Ozeki Informatics Ltd. | | info.ozekiphone.com | Ozeki Informatics Ltd. | | +36.
Page 1 of 29 Net-Scale Technologies, Inc. Network Based Personal Information and Messaging Services Urs Muller Beat Flepp
Hong-Kong, Mar Mobile Data in Legal Proceedings and methods for Extraction, Analysis and Delivering Yuval Ben-Moshe Forensics Technical Director.
What is the Internet? Internet: The Internet, in simplest terms, is the large group of millions of computers around the world that are all connected to.
Chan pak lim chau ho chit cheung tak ching yip pak ho g2
Student Name: Group.  Developed by Microsoft  Alliance with Nokia in 2011  4 main functions:  Outlook Mobile  Windows Media Player for Windows Mobile.
IT’s Gone Mobile: How to do your Job Anywhere Jason Hand IT Specialist, Central NM Electric Cooperative Jason Hand Cell:
1 of 13 Back to Start Working Remotely Your company’s Windows SBS computer network makes it easy for you and your coworkers to work remotely—and to stay.
Smartphones. Lesson Objectives To understand and demonstrate an understanding of Smartphones.
Advanced Techniques in Forensic Examination of Smartphones 2012 (C) Oxygen Software,
Copyright © 2002 ACNielsen a VNU company Key Features and Benefits of the 3CX PBX for Windows Server.
» Explain the way that electronic mail ( ) works » Configure an client » Identify message components » Create and send messages.
Python for S60 SmartPhones PostPC Workshop Fall 2006 Amnon Dekel.
We will begin soon…. Before starting… Let me tell you Do’s Don’t.
Guide to Computer Forensics and Investigations Fourth Edition Chapter 12 Investigations.
Development in Mobile Technologies Mobile Technology is a collective term used to describe the various types of cellular communication technology.
1 Outlook Lesson 1 Outlook Basics and Microsoft Office 2010 Introductory Pasewark & Pasewark.
Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 12 Electronic Mail.
Outlook Lesson 5 Managing Contacts Microsoft Office 2010 Advanced Cable / Morrison 1.
The School District of Philadelphia Office of Information Technology Division of Technology Services Gary Brookstein Carmen Verrilli “Collaboration
A brief history, Smart Phones, Tablets, and Wearable Technology.
What is the Internet? Internet: The Internet, in simplest terms, is the large group of millions of computers around the world that are all connected to.
Managing Information Using Outlook Appendix Microsoft Office 2003 Illustrated Introductory.
Computer and Information Science Ch1.3 Computer Networking Ch1.3 Computer Networking Chapter 1.
Guide to Computer Forensics and Investigations Third Edition Chapter 13 Cell Phone and Mobile Devices Forensics.
Chapter 9 Sending and Attachments. 2Practical PC 5 th Edition Chapter 9 Getting Started In this Chapter, you will learn: − How works − How.
NETWORK HARDWARE AND SOFTWARE MR ROSS UNIT 3 IT APPLICATIONS.
“A mobile market researcher wants a smartphone capable of shooting quality video, playing their music, browsing the web and running a range of applications”.
Kuliah Pengantar Teknologi Informasi Coky Fauzi Alfi cokyfauzialfi.wordpress.com Internet (2)
FriendFinder Location-aware social networking on mobile phones.
1 REMOTE CONTROL SYSTEM V7 2 Introduction.
The Benefits of Indigo SMS Aumne, Inc. Tel: Fax: Commerce Ct Suite 200, Lisle, IL USA.
Enterprise Messaging & Collaboration. e-Interact Modules.
Copyright © 2002 Pearson Education, Inc. Slide 3-1 Internet II A consortium of more than 180 universities, government agencies, and private businesses.
and Internet Explorer.  The transmission of messages and files via a computer network  Messages can consist of simple text or can contain attachments,
Chapter 9 Sending and Attachments. Sending and Attachments FAQs: – How does work? – How do I use local ? – How do I use Web-based.
COM: 111 Introduction to Computer Applications Department of Information & Communication Technology Panayiotis Christodoulou.
Mobile Phone Forensics Michael Jones. Overview Mobile phones in crime The mobile phone system Components of a mobile phone The challenge of forensics.
Mobile Device Collection More Than Just a Phone. More than just a phone… Cell phone Address book Planner & Organizer Messenger Photo & Video camera GPS.
Mobile Device Data Population for Tool Testing Rick Ayers.
Websms Offers Professional Messaging Solutions via Web, , Gateway or Directly Out of Excel (Online) on the Microsoft Office 365 Platform OFFICE 365.
Mobile Device Security Management Leyna Belinsky.
1 Seminar: Pervasive Computing 2004 Automatic mobile device configuration: Status & open challenges Stefan Hoferer Supervisor: Andreas Fasbender.
How to Sync Android Phone to Computer (PC/Mac)? Are you a person that always has your Android phone in your hands? Nowadays, a cell phone is not just for.
18-1 PRENTICE HALL ©2008 Pearson Education, Inc. Upper Saddle River, NJ FORENSIC SCIENCE An Introduction By Richard Saferstein.
Page 1 Mobile Dialer – Highly Reputed VoIP Dialer with fully customized Softphone Call Us
10. Mobile Device Forensics Part 2. Topics Collecting and Handling Cell Phones as Evidence Cell Phone Forensic Tools GPS (Global Positioning System)
WorkDiff Mobile, Scenario-Based Collaboration Solution WorkDiff Allows Users to Work Differently While Using Familiar Functions of Microsoft Office 365.
Application area Events Conferences Exhibitions
Internet Business Associate v2.0
StreetSmart Mobile Workforce App Incorporates Microsoft Office 365 Outlook Add-In for Improved Field Worker Scheduling and Streamlined Invoicing OFFICE.
5 Ways WebRTC Will Boost The Power of Contact Center
Advanced Techniques in Forensic Examination of Smartphones
Managing Information Using Outlook
Mobile APP Date: 01,10 ,
Get Enterprise-Grade Call Handling and Control for Microsoft Office 365 and Skype for Business with the Bridge Boss-Admin Executive Console OFFICE 365.
InLoox PM Web App product presentation
The Jamespot for Office 365 Application Attaches Business Processes to Docs and Syncs Them to OneDrive to Simplify Collaboration and Sharing OFFICE 365.
HC Hyper-V Module GUI Portal VPS Templates Web Console
Yooba File Sync: A Microsoft Office 365 Add-In That Syncs Sales Content in SharePoint Online to Yooba’s Sales Performance Management Solution OFFICE 365.
Presentation transcript:

Advanced Techniques in Forensic Examination of Smartphones (C) Oxygen Software,

Smartphones market growth Data provided by FutureSource Consulting Smartphones market is growing even while general mobile phones market falling (C) Oxygen Software,

Cell phone Address book Planner & Organizer Messenger Photo & Video camera GPS navigator Web client Platform for 3 rd party apps (C) Oxygen Software, Smartphone is a small PC

(C) Oxygen Software, Smartphone as: Cell phone IMEI Hardware & Software revision Network information Basic Information Incoming, outgoing, missed calls history Sent & received messages history GPRS & Wi-Fi sessions log Event log IMSI Phone numbers* SMS messages* SIM card * - Usually these features are not utilized by smartphones

(C) Oxygen Software, Smartphone as: Address book Name fields: first, middle, last, nickname, prefix, suffix, joint name Photo and personal ringing tone Phone numbers: general, mobile, fax, video, pager, VoIP, push-to-talk Postal addresses Web pages and addresses Company, department, job title Text notes Private info: birthday, spouse, children Custom field labels Multiple fields of the same type Last modification date & time Contacts information List of caller groups & belonging contacts Caller groups List of assigned speed dials Speed dials

(C) Oxygen Software, Smartphone as: Planner Meetings, reminders and anniversaries Start date & time Finish date & time Alarm date & time Recurrence Last modification date & time Calendar events Task description Deadline Priority Alarm date & time Completion date & time Tasks Note text & date Notes

(C) Oxygen Software, Smartphone as: Messenger Text messages (SMS) Multimedia messages (MMS) messages with attached files BIO messages: vCard, vCal, configuration and others Beamed messages: files sent via Bluetooth, IR or USB Standard message folders Custom message folders Date & time Service center timestamp Information about deleted SMS messages Messaging system

(C) Oxygen Software, Smartphone as: GPS navigator Last fixed GPS coordinates Search history Routes history Last displayed map Saved maps List of favorite places GPS Navigator GPS coordinates in camera snapshots* Cell coordinates in camera snapshots* Cell coordinates for camera snapshots** Cell coordinates for video records** Cell coordinates for SMS messages** Location tagger * - Available in EXIF header for many new models ** - Available in smartphones with Nokia LifeBlog application installed

(C) Oxygen Software, Smartphone as: Web client Web cache files Bookmarks Pages view history Last opened URLs Search history Cookies Web browser IP, Login (UID, ) and password* Contacts list Chat history Calls history IM client * - Available for some IM clients

(C) Oxygen Software, Camera snapshots Video clips Voice records Sounds and Podcasts Wi-Fi networks list Paired Bluetooth devices list Activated SIM cards list VPN profiles Operating System apps List of installed applications Office documents Application logs & data files 3 rd party apps Smartphone as: PC

There are 2 standard ways to get forensic information from smartphones: logical and physical analysis (C) Oxygen Software, Standard extraction methods Data extracted using common PC-to-mobile communication protocols: AT, OBEX, SyncML Smartphone connected to PC with a standard cable (or Bluetooth/IR adapter) Logical analysis Data extracted using direct memory reading (hex dump) Smartphone (or its memory chip only) connected to special hardware Physical analysis

(C) Oxygen Software, Logical analysis for smartphones General phone information Contacts (simple), calls*, SMS, settings* AT+ General phone information Nokia FBUS General phone information Files* OBEX General phone information Contacts, calendar, notes, settings*, bookmarks, messages* SyncML 1) The information extracted by all logical protocols is only the top of the iceberg 2) All logical protocols were developed for data synchronization General phone information Contacts* Calendar Notes Calls history Messages* Files* Settings* Bookmarks * - Available data set is restricted and depends highly on manufacturer implementation Caller groups Custom field labels Speed dials Messages from custom folders Event log Deleted messages information Service center timestamps GPS information Location tagged data Web browser data IM client data 3 rd party apps

(C) Oxygen Software, Physical analysis for smartphones How to deal with gigabytes of that?

(C) Oxygen Software, Standard extraction methods: Summary Physical analysis All information can be extracted Hard to perform Very hard to analyze Expensive software, special hardware needed Logical analysis Few information can be extracted Easy to perform Easy to analyze Affordable software, no special hardware needed

In 2002 Oxygen Software invented the 3rd way - analysis using a special agent application working inside smartphone OS (C) Oxygen Software, How to extract data without a headache? Physical analysis All information can be extracted Hard to perform Very hard to analyze Expensive software, special hardware needed Analysis using Agent application Most of the information can be extracted* Easy to perform Easy to analyze Affordable software, no special hardware needed Logical analysis Few information can be extracted Easy to perform Easy to analyze Affordable software, no special hardware needed * - Agent can extract all the information available for native OS applications

(C) Oxygen Software, Agent application usage General phone information & SIM card data Contacts with all fields and custom field labels Caller groups & Speed dials Event Log Calendar events Tasks & Notes Messages from standard and custom folders Deleted messages information Service center timestamp Camera snapshots, video clips and voice records File system GPS & Location tagged information Web browser cache & bookmarks IM clients data 3 rd party applications with their information - Protected operating system files - Memory dump

(C) Oxygen Software, Afraid of writing to device? Comparison of phone content changes when performing analysis using different approaches SyncML protocol usage Setting up sync parametersInstalling extra sync add-ons*Running SyncML server SyncML server generates synchronization log files Agent application usage Loading Agent to deviceInstalling AgentRunning AgentUninstalling Agent** * - Extra sync add-ons installation may be needed to extract some additional information (e.g. MMS) ** - Agent does not generate any log files Unlike Agent, SyncML server is not a forensically designed app and is out of full control from examiner. In addition - it makes more data modifications than Agent.

(C) Oxygen Software, Summary Smartphones is a considerable part of mobile device market FutureSource Consulting forecasts that, between 2008 and 2013, annual sales of smartphones will rise by 95% to over 300 million. It will be around 37% of all new mobile phones, up from 13% in Smartphones store much more important forensic information than plain cell phones Being a multiple-in-one device and having OS with open API smartphones are turning into small PCs with big memory sizes, wide set of preinstalled applications and huge number of available 3 rd party applications. Standard extraction methods are less effective for smartphones All logical protocols were developed for sync purposes, thus they can only extract a top of the iceberg. Physical analysis of gigabyte hex dumps takes a lot of time. Agent application usage is the golden mean The Agent application approach, introduced by Oxygen Software in 2002, almost achieves the completeness of data extracted by physical methods. At the same time it works via standard cables and adaptors and allows to present the extracted data in readable and user-friendly format that is more peculiar to logical analysis.

Oxygen Forensic Suite Oxygen Forensics for iPhone (0) (UK) OXYGEN (USA) Oxygen Forensic Suite and Oxygen Forensic Suite 2010 a the trademarks of Oxygen Software. Oxygen Software LLC was founded in year 2000 and since that time our business is a PC-to-mobile communication. (C) Oxygen Software, Interested in more details? £499 Standard £899 Professional

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.