A Lightweight Utility for GPS Device Analysis By: Adam Schneider GCFE, ACE The TrackerCat Project.


1 A Lightweight Utility for GPS Device Analysis
By: Adam Schneider GCFE, ACE
The TrackerCat Project

2 Table of Contents
• What is TrackerCat?
• What are GPX files?
• What are KML files?
• Why was TC created?
• How is TC used?
• KML Screenshots
• What is the future of TC?
• Research and Links

3 What is TrackerCat?
• A Python utility for GPX file analysis.
• A GitHub project created to improve TC’s features and functionality.
• A heavily documented forensics project!
… The GitHub project is also dedicated to R&D of new open source tools for GPS analysis.

4 What are GPX files?
• GPS eXchange Format
• An XML format designed for recording GPS data (thousands of lines of code per file).
• Contains trackpoints and waypoints.
• Trackpoints are broken up into Active Logs.
• Active Logs are historical logs of calculated “trips.”
• Active Logs contain timestamps, as does each trackpoint.
… They contain a LOT of data!
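The GPX structure described on this slide, as an added example that is not part of the presentation or of TrackerCat's tc.py: it walks each track in a GPX file and lists every trackpoint with its timestamp as CSV. It assumes Active Logs are stored as <trk> elements (as in Garmin GPX files); the function names, CSV columns and sample data are constructed for illustration.

```python
import csv
import io
import xml.etree.ElementTree as ET

# Constructed sample: two Active Logs, one trackpoint missing its <time>.
SAMPLE_GPX = """<gpx version="1.1" creator="constructed-sample"
     xmlns="http://www.topografix.com/GPX/1/1">
  <trk><name>ACTIVE LOG 001</name><trkseg>
    <trkpt lat="40.7128" lon="-74.0060"><time>2014-03-01T12:00:00Z</time></trkpt>
    <trkpt lat="40.7130" lon="-74.0055"><time>2014-03-01T12:00:07Z</time></trkpt>
  </trkseg></trk>
  <trk><name>ACTIVE LOG 002</name><trkseg>
    <trkpt lat="40.7306" lon="-73.9352"></trkpt>
    <trkpt lat="40.7310" lon="-73.9349"><time>2014-03-02T08:15:30Z</time></trkpt>
  </trkseg></trk>
</gpx>"""


def local(tag):
    """Strip the XML namespace so GPX 1.0 and 1.1 files parse the same way."""
    return tag.rsplit("}", 1)[-1]


def active_log_rows(gpx_text):
    """Return one (log_name, point_no, time, lat, lon) tuple per trackpoint."""
    if "<!DOCTYPE" in gpx_text:  # GPX needs no DTD; refuse entity tricks in evidence files
        raise ValueError("DOCTYPE not allowed in GPX input")
    rows = []
    for trk in (e for e in ET.fromstring(gpx_text).iter() if local(e.tag) == "trk"):
        name = next((c.text for c in trk if local(c.tag) == "name"), "") or ""
        points = [e for e in trk.iter() if local(e.tag) == "trkpt"]
        for n, pt in enumerate(points, 1):
            time = next((c.text for c in pt if local(c.tag) == "time"), None)
            rows.append((name, n, time or "", pt.get("lat"), pt.get("lon")))
    return rows


def to_csv(rows):
    """Render the rows as CSV text with a header line."""
    out = io.StringIO()
    writer = csv.writer(out, lineterminator="\n")
    writer.writerow(["active_log", "point", "time_utc", "lat", "lon"])
    writer.writerows(rows)
    return out.getvalue()


if __name__ == "__main__":
    print(to_csv(active_log_rows(SAMPLE_GPX)))
```

A trackpoint without a <time> element is kept with an empty time field, so gaps in the device's log stay visible in the output.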

5 What are KML files?
• Keyhole Markup Language format (really named the OpenGIS® KML Encoding Standard)
• Originally designed by Keyhole, Inc. (acquired by Google).
• Used to store geospatial information (coordinates, location placemarks, etc).
• Designed to be imported into Google Earth.

6 Why was TC created?
• To help infosec professionals explore GPX files when performing a manual analysis.
• To provide analysts with a no-cost supplement to other forensic tools.
• tc.py is an extremely simple but versatile program with the goal of eliminating some of the complexity of conducting GPS forensics.

7 How is TC used?
• Recursive GPX Extraction (including all historically archived logs): python tc.py -e [Path]
• GPX-to-KML Conversion: python tc.py -i [gpx file] -o [kml file]
• Trackpoint Timestamp & Active Log Extraction: python tc.py -csv [gpx file]
• Help / Feature Check: python tc.py -h

8 KML Screenshots
GPX Active Log Sample (FTK Imager) … snip...
KML Active Log (XML Spy) … snip...
Trackpoint data in KMLs lack individual turn-by-turn timestamps.
Each Active Log timestamp is preserved!
Coordinates for Active Logs in KML are actually in a huge chunk!

9 Screenshots, Part II
XSLT Converted KML; made by TrackerCat, viewed in Google Earth

10 What is the future of TC?
GitHub collaboration on TrackerCat means the possibility of advanced features like:
• Extracting and dumping all times to body file format for inclusion in case super timelines.
• Mounting Image Files Directly
• Master KML with all current & archived data
… anything is possible!

11 Research and Links
GPS Device Research Notes (fork() Forensics & Infosec Blog): http://forensicsblog.org/research-gps-device-analysis/
TrackerCat GitHub Landing (Basic Info): http://irq8.github.io/trackercat/
TrackerCat on GitHub: http://git.io/qDVR-Q
Contributors = progress!

