Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 20 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Forensic Examination of Mobile Devices (online only)

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Chapter 20 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Forensic Examination of Mobile Devices (online only)"— Presentation transcript:

1 Chapter 20 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Forensic Examination of Mobile Devices (online only)

2 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.1 A Nokia device with various identifiers, including its IMEI and part number. The bottom right shows a SIM card with the ICC-ID.

3 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.2 SIM cards of various sizes.

4 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.3 Details from GSMarena for iPhone 4.

5 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.4 SMS messages and other items from a Motorola V3 Razr acquired using BitPim.

6 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.5 Photographs acquired from a Windows Mobile device using XRY showing EXIF header information.

7 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.6 A file from an iPhone containing longitude and latitude of cellular tower locations used by the device.

8 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.7An EXIF header from a digital photograph showing the GPS coordinates of the originating device at the time the photograph was taken.

9 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.8 MobileSpy used to intercept text messages on a mobile device and post them to a Web server.

10 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.9 Amber ABC Converter used to view a Blackberry IPD file.

11 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.10 Flowchart of handling mobile devices.

12 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.12 iDEN backup.

13 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.13 Physical acquisition of broken mobile device using XACT.

14 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.14 XRY Interface showing data acquired from a mobile device.

15 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.15 Cellebrite UFED device.

16 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.16 Acquisition of iPhone using Ixam.

17 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.17 Twister Flasher box can connect to FBUS interface on Nokia device to acquire data using the Sarasoft program.

18 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.18 BitPim used to browse the file system on a Motorola CDMA device.

19 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.19 Examination of iPhone physical forensic duplicate using FTK.

20 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.20 File from an LG mobile device containing an MMS message with a video attachment that can be recovered even after the original video has been deleted from the file system.

21 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.21 Deleted photographs recovered from the reconstructed FAT file system in a physical memory dump of a Samsung mobile device.

22 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.22 Deleted MMS message being recovered from a physical memory dump of a Samsung device using Cellebrite Physical.

23 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.23 Deleted file being recovered from a Motorola device using XACT.

24 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.24 File system, including deleted items, reconstructed from a physical memory dump of a Sony Ericsson mobile device using DFF.

25 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.25A Records in a SQLite database viewed with browser. FIGURE 20.25B Raw record data in SQLite database viewed using a hex viewer.

26 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.26 Deleted SMS messages recovered from physical memory dump of Motorola Z3 device by keyword searching for a 7-bit encoded string.

27 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.27 Information extracted from a SIM card using Paraben Device Seizure.

28 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.28 Original documentation associated with SIM card contains PUK.

29 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 20.29 Waypoints extracted from a Garmin SatNav device plotted on a map using flags as markers.

Download ppt "Chapter 20 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Forensic Examination of Mobile Devices (online only)"

Similar presentations

Advanced Techniques in Forensic Examination of Smartphones (C) Oxygen Software, 2000-2010 2010.

Advanced Techniques in Forensic Examination of Smartphones (C) Oxygen Software,
Advanced Techniques in Forensic Examination of Smartphones 2012 (C) Oxygen Software, 2000-2012

Advanced Techniques in Forensic Examination of Smartphones 2012 (C) Oxygen Software,
Chapter 22 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Applying Forensic Science to Networks.

Chapter 22 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Applying Forensic Science to Networks.
Chapter 17 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Forensic Examination of Windows Systems.

Chapter 17 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Forensic Examination of Windows Systems.
Chapter 24 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Digital Evidence on Physical and Data-Link Layers.

Chapter 24 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Digital Evidence on Physical and Data-Link Layers.
Guide to Computer Forensics and Investigations Third Edition Chapter 13 Cell Phone and Mobile Devices Forensics.

Guide to Computer Forensics and Investigations Third Edition Chapter 13 Cell Phone and Mobile Devices Forensics.
Chapter 13 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.. Investigating Computer Intrusions.

Chapter 13 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.. Investigating Computer Intrusions.
Chapter 16 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Applying Forensic Science to Computers.

Chapter 16 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Applying Forensic Science to Computers.
Chapter 21 Network Basics for Digital Investigators ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.

Chapter 21 Network Basics for Digital Investigators ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.
Chapter 18 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Forensic Examination of UNIX Systems.

Chapter 18 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Forensic Examination of UNIX Systems.
Chapter 19 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Forensic Examination of Macintosh Systems.

Chapter 19 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Forensic Examination of Macintosh Systems.
Chapter 15 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Computer Basics for Digital Investigators.

Chapter 15 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Computer Basics for Digital Investigators.
10. Mobile Device Forensics Part 2. Topics Collecting and Handling Cell Phones as Evidence Cell Phone Forensic Tools GPS (Global Positioning System)

10. Mobile Device Forensics Part 2. Topics Collecting and Handling Cell Phones as Evidence Cell Phone Forensic Tools GPS (Global Positioning System)
©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.

©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.
Modeling Constraints with Parametrics

Modeling Constraints with Parametrics
©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.

©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.
Copyright © 2016 Elsevier Inc. All rights reserved.

Copyright © 2016 Elsevier Inc. All rights reserved.
Chapter 01 Foundations of Digital Forensics

Chapter 01 Foundations of Digital Forensics
©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.

©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.
Chapter 41 Work-Related Musculo-Skeletal Disorders

Chapter 41 Work-Related Musculo-Skeletal Disorders

Similar presentations

Ads by Google