Smartphone forensic
22
Smartphone Forensic Smartphone Forensic SungKyong Un ETRI 2011.11.24
-
date post
21-Oct-2014 -
Category
Technology
-
view
2.174 -
download
1
description
Presented in 2011 Symposium of Advanced Forensics
Transcript of Smartphone forensic
Smartphone ForensicSmartphone Forensic
SungKyong UnETRI
2011.11.24
What is Smartphone Forensic?
■ To get clues and/or evidences from smartphones
source: Archigraphs@iconarhive source: samsum.com
2
Why?
source: http://www.asymco.com3
Difference
4
Difference - Dummy vs. SmartItem Dummy Smart
Target Models >1,000/Year >10/YearOS Symbian, Qualcomm iOS, Android, Windows
Mobile, BlackberryOSMobile, BlackberryOSInterface Various USB
Acquisition Logical, Physical Logical, Physical,Backup
Data Phone book, Call history, SMS, Photo, Schedule
+ Email, Web History, Map, Location, SNS,
Message, App, ID/PWDB Format Various SqliteDB Format Various Sqlite
3rd Party App - App Market
5
Which?
source: http://www.asymco.com
6
Difference - iOS vs. AndroidItem iOS Android
Phone Manufacturer Apple Samsung, HTC, Motorola, ...
App Market iTunes App Store Android, Amazon, SKT, App Market iTunes App Store Android, Amazon, SKT, KT, Samsung, ...
Security Sandbox, App Screening, App Singing, Passcode Lock, Location Finder,Remote Lock, Remote Wipe, File Encryption,
Encrypted Backup
Sandbox, Permission, App Singing, PatternScreen Lock, Remote Wipe, File Encryption
Backup PC, iCloud -Backup PC, iCloud -Expansion Storage No Yes
Multitasking Limited Yes
7
Difference - iOS vs. Android
8
Difference - iOS vs. Android
9
Difference - iOS vs. Android
10
source: http://www.androidcentral.com source:http://http://forums.appleinsider.com/showthread.php?s=&threadid=124611
Tools
AcquisitionAcquisition
Analysis
11
Analysis - Timeline
source: ETRI
12
Analysis - Relationship
source: ETRI
13
Analysis - Web Browsing
source: ETRI14
Analysis - Location
source: ETRI15
Analysis - Location
source: http://radar.oreilly.com/2011/04/apple-location-tracking.html16
Analysis - AppCategory App
Phone Call Skype, Viber, Google Voice, ...
Message Cacao Talk, iMessage, Twitter DM, Facebook Message, ...
SNS Twitter, Facebook, me2day, ...
Storage Dropbox, uCloud, SugarSync, Box.net, iCloud, ...
Key DataVault, 1Password, Strip, ...
17
Analysis - Communication Network
source: http://www.i2group.com/documents/video/ANB8_5_US.flv
18
Analysis - Social Network
source: http://www.youtube.com/watch?v=Q3rhx9MtUro
19
Challenge
source: http://theunderstatement.com20
Challenge■ Apple
• 425,000 Apps• 15B Downloads
■ Google■ Google• 200,000 Apps• 0.5B Downloads
July, 2011
source: http://readwriteweb.com 21
Architecture
Backup Files
Analysis Request
Analysis Result
Presentation
SW orWeb Browser
USB Connection
22
