MOBILE DEVICE FORENSICS
Understanding Mobile Device Forensics
• People store a wealth of information on cell phones and mobile devices
• People don’t think about securing their mobile devices
• Items stored on mobile devices:
  • Incoming, outgoing, and missed calls
  • Text and Short Message Service (SMS) messages
  • E-mail
  • Instant-messaging (IM) logs
  • Web pages
  • Pictures
  • Personal calendars
  • Address books
  • Music files
  • Voice recordings
  • GPS data
• Investigating cell phones and mobile devices is one of the most challenging tasks in digital forensics
Understanding Cellular Connected Mobile Devices
• A Mobile Switching Center (MSC) is the switching system for the cellular network. The MSC is also responsible for communications between mobile and landline phones.
• The Base Transceiver Station (BTS) is the part of the cellular network responsible for communications between the mobile phone and network switching systems.
• The Home Location Register is a database used by the MSC that contains subscriber and service information.
• It is related to the VLR for roaming status.
Inside Mobile Devices
• IMEI and IMSI
  • International Mobile Equipment Identifier
  • International Mobile Subscriber Identifier
  • Also MEID (Mobile Equipment Identifier) or ESN (electronic serial number)
• Phones store system data in electronically erasable programmable read-only memory (EEPROM)
  • Enables service providers to reprogram phones without having to physically access memory chips
• OS is stored in ROM
  • Nonvolatile memory
Inside Mobile Devices
• Subscriber identity module (SIM) cards
• Found most commonly in GSM (Global System for Mobile Communications) devices
• GSM refers to mobile phones as “mobile stations” and divides a station into two parts:
  • The SIM card and the mobile equipment (ME)
• Portability of information makes SIM cards versatile
• Integrated Circuit Card Identifier (ICCID)
• Identifies the subscriber to the network
• Stores service-related information
• PIN – unlock the device
• PUK – reset the PIN
• Wipes phone if incorrectly entered > 10 times
• Cipher Algorithm
Mobile Device Forensic Analysis Process
• Biggest challenge is dealing with constantly changing models of cell phones
• When you’re acquiring evidence, generally you’re performing two tasks:
  • Acting as though you’re a PC synchronizing with the device (to download data)
  • Reading the SIM card
• First step is to identify the mobile device
• Question: Why is this important?
Understanding Acquisition Procedures for Cell Phones and Mobile Devices
• The main concerns with mobile devices are loss of power and synchronization with PCs
• All mobile devices have volatile memory
• Making sure they don’t lose power before you can retrieve RAM data is critical
• A mobile device attached to a PC via a cable or cradle/docking station should be disconnected from the PC immediately
• Communication or system messages might be received on the mobile device after seizure
• Isolate the device from incoming (RF) signals
• The drawback to using these isolating options is that the mobile device is put into roaming mode, which accelerates battery drainage
Data Acquisition Procedures for Cell Phones and Mobile Devices
• Check these areas in the forensics lab:
  • Internal memory
  • SIM card
    • file system is a hierarchical structure
  • Removable or external memory cards
• Information that can be retrieved:
  • Service-related data, such as identifiers for the SIM card and the subscriber
  • Call data, such as numbers dialed
  • Message information
  • Location information
• If power has been lost, PINs or other access codes might be required to view files.
• Encryption
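An added example (not part of the original slides) for the identifiers named on the Inside Mobile Devices slides and the service-related data listed above: it decodes the raw bytes of the SIM files that hold the ICCID and IMSI and checks an IMEI and an ICCID against their Luhn check digit. The file IDs come from 3GPP TS 51.011; the byte strings, the IMEI and all function names are constructed for illustration.

```python
"""Decode and sanity-check identifiers read from a SIM and a handset label."""

# Standard GSM SIM file IDs (3GPP TS 51.011), written as the path selected
# through the hierarchy: master file -> dedicated file -> elementary file.
SIM_PATHS = {
    "ICCID": ("3F00", "2FE2"),         # MF / EF_ICCID
    "IMSI": ("3F00", "7F20", "6F07"),  # MF / DF_GSM / EF_IMSI
}

# Constructed sample values, not taken from any real device or card.
SAMPLE_EF_ICCID = bytes.fromhex("98103254769810325436")
SAMPLE_EF_IMSI = bytes.fromhex("080910101032547698")
SAMPLE_IMEI = "35-123456-789012-4"


def luhn_valid(number: str) -> bool:
    """Return True if the decimal string passes the Luhn check (IMEI, ICCID)."""
    if not number.isdigit():
        return False
    total = 0
    for i, ch in enumerate(reversed(number)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def swapped_bcd(raw: bytes) -> str:
    """Decode nibble-swapped BCD: low nibble first, then high nibble."""
    return "".join(f"{b & 0x0F:X}{b >> 4:X}" for b in raw)


def decode_iccid(ef_iccid: bytes) -> dict:
    """EF_ICCID is 10 bytes of swapped BCD; an 0xF nibble pads a 19-digit ICCID."""
    if len(ef_iccid) != 10:
        raise ValueError("EF_ICCID must be 10 bytes")
    iccid = swapped_bcd(ef_iccid).rstrip("F")
    return {"iccid": iccid, "telecom_prefix": iccid.startswith("89"),
            "luhn_ok": luhn_valid(iccid)}


def decode_imsi(ef_imsi: bytes) -> dict:
    """EF_IMSI: byte 0 is the length; the first nibble after it is a type/parity marker."""
    if len(ef_imsi) != 9 or not 1 <= ef_imsi[0] <= 8:
        raise ValueError("EF_IMSI must be 9 bytes with a length byte of 1..8")
    digits = swapped_bcd(ef_imsi[1:1 + ef_imsi[0]])[1:].rstrip("F")
    if not digits.isdigit():
        raise ValueError("non-decimal nibble in IMSI")
    # The MNC is 2 or 3 digits depending on the operator, so it is not split here.
    return {"imsi": digits, "mcc": digits[:3], "rest": digits[3:]}


def parse_imei(imei: str) -> dict:
    """Split a 15-digit IMEI into TAC (8), serial (6) and Luhn check digit (1)."""
    imei = imei.replace("-", "").replace(" ", "")
    if len(imei) != 15 or not imei.isdigit():
        raise ValueError("IMEI must be 15 decimal digits")
    return {"tac": imei[:8], "serial": imei[8:14], "check": imei[14],
            "luhn_ok": luhn_valid(imei)}


if __name__ == "__main__":
    print("/".join(SIM_PATHS["ICCID"]), decode_iccid(SAMPLE_EF_ICCID))
    print("/".join(SIM_PATHS["IMSI"]), decode_imsi(SAMPLE_EF_IMSI))
    print("IMEI", parse_imei(SAMPLE_IMEI))
```

A failed Luhn check is a reason to re-read the value or look for a transcription error before it goes into the report; on its own it does not show tampering.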
Access Methods
(6 types according to NIST)
• Manual Extraction
  • looking at pages of info directly on the device
• Logical Extraction
  • filesystem dump
• Hex dumping and JTAG
  • can work on damaged devices and bypass lock screens. Reads directly from RAM/ROM
• Chip off
  • unsolder or cut flash memory from circuit board
• Micro read
  • use a SEM to view data
Don’t ignore useful properties
When was the last time this phone was at 2SP?
Poke around and you will find…
Encoded Secrets
This has been truncated, the app stores your password
Application Data
• Found in plists or sqlite files
• Apps continue to change formats
• Looking primarily for location and message data
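An added example (not from the original slides) of a first pass over application data: it opens a SQLite file strictly read-only, walks a plist, reports the tables and keys whose names hint at location, message or credential data, and hashes the file before and after to show the working copy was not altered. The sample database, plist, keyword lists and function names are constructed for illustration.

```python
import hashlib
import plistlib
import sqlite3
import tempfile
from pathlib import Path

# Heuristic substrings only: expect false positives (e.g. "lat" in "platform").
DATA_HINTS = ("lat", "lon", "location", "message", "body")
SECRET_HINTS = ("pass", "token", "secret")


def triage_sqlite(path: Path) -> dict:
    """Map table name -> hinting columns and row count, without writing to the file."""
    # mode=ro refuses writes; immutable=1 also stops SQLite taking locks or
    # creating -wal/-shm side files beside the working copy.
    con = sqlite3.connect(path.resolve().as_uri() + "?mode=ro&immutable=1", uri=True)
    try:
        hits = {}
        names = [r[0] for r in con.execute(
            "SELECT name FROM sqlite_master WHERE type='table' ORDER BY name")]
        for name in names:
            quoted = '"' + name.replace('"', '""') + '"'
            cols = [r[1] for r in con.execute(f"PRAGMA table_info({quoted})")]
            matched = [c for c in cols if any(h in c.lower() for h in DATA_HINTS)]
            if matched:
                rows = con.execute(f"SELECT COUNT(*) FROM {quoted}").fetchone()[0]
                hits[name] = {"columns": matched, "rows": rows}
        return hits
    finally:
        con.close()


def triage_plist(path: Path) -> list:
    """Return key paths whose names hint at location, message or credential data."""
    with path.open("rb") as fh:
        root = plistlib.load(fh)  # handles both XML and binary plists
    found = []

    def walk(node, trail):
        if isinstance(node, dict):
            for key, value in node.items():
                here = trail + [str(key)]
                if any(h in str(key).lower() for h in DATA_HINTS + SECRET_HINTS):
                    found.append("/".join(here))
                walk(value, here)
        elif isinstance(node, list):
            for i, value in enumerate(node):
                walk(value, trail + [str(i)])

    walk(root, [])
    return sorted(found)


def examine(path: Path) -> dict:
    """Hash, triage, hash again so the report shows the file was not altered."""
    before = hashlib.sha256(path.read_bytes()).hexdigest()
    if path.read_bytes()[:16] == b"SQLite format 3\x00":
        findings = triage_sqlite(path)
    else:
        findings = triage_plist(path)
    after = hashlib.sha256(path.read_bytes()).hexdigest()
    return {"file": path.name, "sha256": before, "unchanged": before == after,
            "findings": findings}


def build_samples(folder: Path) -> tuple:
    """Create a constructed app database and preferences plist (not real evidence)."""
    db = folder / "chat.sqlite"
    con = sqlite3.connect(db)
    con.executescript("""
        CREATE TABLE messages (id INTEGER PRIMARY KEY, sender TEXT, body TEXT, ts INTEGER);
        CREATE TABLE visits (id INTEGER PRIMARY KEY, latitude REAL, longitude REAL, ts INTEGER);
        CREATE TABLE settings (key TEXT, value TEXT);
        INSERT INTO messages VALUES (1, 'alice', 'running late', 1700000000);
        INSERT INTO visits VALUES (1, 40.0, -75.0, 1700000100), (2, 40.1, -75.1, 1700000200);
    """)
    con.close()
    prefs = folder / "prefs.plist"
    account = {"user": "alice", "passwordEncoded": "Y29uc3RydWN0ZWQ="}
    with prefs.open("wb") as fh:
        plistlib.dump({"Account": account, "LastLocation": {"lat": 40.0, "lon": -75.0}},
                      fh, fmt=plistlib.FMT_BINARY)
    return db, prefs


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for sample in build_samples(Path(tmp)):
            print(examine(sample))
```

With `immutable=1`, SQLite ignores any write-ahead log next to the database, so rows that exist only in a `-wal` file need a separate pass on another copy.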
Rooting
• Usually an alternate OS (may be command injection)
• Removes built-in restrictions on access to data
• Makes it possible to remove or add 3rd-party applications
• Consumers do it for functionality
• Investigators do it for access to data
• Manufacturers are making this more challenging
Summary
• People store a wealth of information on their cell phones
• Various generations of mobile phones
• Data can be retrieved from several different places in phones
• As with computers, proper search and seizure procedures must be followed for mobile devices
• To isolate a mobile device from incoming messages, you can place it in a specially treated paint can, a wave-blocking wireless evidence bag, or eight layers of antistatic bags
• SIM cards store data in a hierarchical file structure

Editor's Notes

  1. Question: It is harder nowadays but what was so great back in the day with SIM cards and phones?
  2. Need software and know how to recover the SIM card
  3. Remote Wipe