To see the other types of publications on this topic, follow the link: Mobile forensics.
Dissertations / Theses on the topic 'Mobile forensics'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 39 dissertations / theses for your research on the topic 'Mobile forensics.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Bade, Hans, and Oscar Hedlund. "Anti-Forensik : Anti-forensiska metoder på mobila enheter." Thesis, Högskolan i Halmstad, Akademin för informationsteknologi, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-37701.
Full textAbstract:
Mobiltelefoner har blivit grundläggande för extrahering av digitala artefakter i fo-rensiska utredningar. Androids Linuxbaserade operativsystem medför större möj-ligheter för anti-forensiska metoder, detta gör att kunskap om anti-forensik äressentiell för dagens IT-forensiska utredare. I denna studie belyses effekten avanti-forensik i Androidbaserade mobila enheter samt så upplyses det om dagensanti-forensiska attack metoder mot forensiska verktyg. Genom experiment så vi-sas det hur man kan förhindra ett forensisk verktyg från att extrahera data medanvändning av ett simpelt script.Mobile phones have become essential for the extraction of digital artifacts in foren-sic investigations. Android’s Linux-based operating systems bring greater potentialfor anti-forensic methods, which means that knowledge of anti-forensics is essen-tial to today’s IT forensic investigators. In this study, the effect of anti-forensicson Android-based mobile devices is highlighted, as well as revealing today’s anti-forensic attack methods against forensic tools. By experiment, it is shown how toprevent a forensic tool from extracting data by using a simple script.
2
Andriotis, Panagiotis. "Towards task automation for mobile device forensics." Thesis, University of Bristol, 2015. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.690380.
Full textAbstract:
Our developed societies have experienced lately the invasion of mobile devices in people's lives. Smartphones, tablets and wearables are embedded in our personal and professional routines. The various smartphone applications take advantage of these devices' increased capabilities and assist users to communicate with other people, entertain themselves and complete several other tasks. These applications store a significant amount of information in the device's internal memory. These data can be used as evidence in court. Hence, the need for their extraction, analysis, presentation and preservation has established the Digital Forensics Community. The findings of this thesis can be helpful to Law Enforcement Agencies (LEA) and forensic analysts during triage and analysis assisting them to efficiently extract and visualise underlying patterns of the data. This thesis proposes concepts towards the direction of automating specific tasks related to forensic analyses on mobile devices. The basic theme of this thesis is the analysis of high level non-volatile data that exist in the internal memory of mobile devices. Thus, it studies three major categories of data (text, multimedia and social network relationships) proposing concepts towards content analysis automation. Therefore, it proposes a framework to assist forensic analysts to extract data from devices running the Android OS in a forensically sound fashion. Furthermore, it analyses human factors that dictate biased behaviour when users form graphical passwords in order to investigate if lightweight methodologies can bypass user authentication schemes such as the Android pattern lock screen. In addition, it investigates if text-mining tasks can be performed on short texts with a special focus on SMS sentiment analysis. Moreover, social network analysis tools are implemented aiming to depict relationships among the people that interact with the user of the device. Finally, the performance of a steganalysis tool is evaluated and a framework to describe and visualise data sharing and distribution among applications is proposed.
3
Uz, Ali. "The Effectiveness of Remote Wipe as a Valid Defense for Enterprises Implementing a BYOD Policy." Thèse, Université d'Ottawa / University of Ottawa, 2014. http://hdl.handle.net/10393/30376.
Full textAbstract:
In today’s work place where corporations allow employees to use their own smart phones to access their company’s network and sensitive data, it is essential to ensure the security of said data. When an employee smart phone is compromised, companies will rely on the remote wipe command that attempts to remove sensitive data.
In this thesis, we analyze the effectiveness of remote wipe commands on the Apple iPhone and Android model devices and demonstrate how data can be recovered following a remote wipe procedure. We conduct two experiments on each device to verify whether remote wipe is a viable defense mechanism or not. Furthermore, we touch on the subject of mobile forensics used by law enforcement and review methods and techniques used to recover data for use as evidence in criminal cases.
4
Shakir, Amer, Muhammad Hammad, and Muhammad Kamran. "Comparative Analysis & Study of Android/iOS MobileForensics Tools." Thesis, Högskolan i Halmstad, Akademin för informationsteknologi, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-44797.
Full textAbstract:
This report aims to draw a comparison between two commercial mobile forensics and recovery tools, Magnet AXIOM and MOBILedit. A thorough look at previously done studies was helpful to know what aspects of the data extractions must be compared and which areas are the most important ones to focus upon. This work focuses on how the data extracted from one tool compares with another and provides comprehensive extraction based on different scenarios, circumstances, and aspects. Performances of both tools are compared based on various benchmarks and criteria. This study has helped establish that MOBILedit has been able to outperform Magnet AXIOM on more data extraction and recovery aspects. It is a comparatively better tool to get your hands on.
5
Al, Tawqi Masoud. "Architecture and design of Process Based Framework for Mobile Forensics (PBFMF)." Thesis, University of Surrey, 2018. http://epubs.surrey.ac.uk/845660/.
Full textAbstract:
Over the last two decades, the world has witnessed a vast increase in smart phones devices usage, where mobile phone devices have become an integral part of our daily routine. As a result, this has created security issues and lead to an increased dependency on smartphone usage, criminal activities and/or illegal practices. This increase in crimes committed by or via smartphones has made it a necessity for digital forensics experts to come up with reliable tools that can be used to help in extracting data from those smart phones. Currently mobile forensics work is fragmented and although attempts have been made to develop conceptual frameworks for mobile devices in the past few years, there is however, no common framework adopted to date that meets the needs of the ever changing and expanding world of mobile devices. A comprehensive survey of mobile forensics frameworks in this research revealed that current frameworks tend to focus on targeting specific operating systems, responding to specific issues, or use complicated steps that make it difficult for users to follow. Some are also based on desktop and non-mobile device models. Also, tools analysis was carried out benefitting from NIST guidelines, where areas in which each tool should be tested and how the test should be conducted are specified. The results of the Tools Analysis were not encouraging, and quite surprising that many challenges that existed at the advent of the mobile devices have not been solved. Without the existence of a generalized Process Based Framework for Mobile Forensics (PBFMF) to provide the appropriate guidelines, steps and procedures to be followed during the digital forensic phases, it will not be as simple as it might appear to extract data in an appropriate way from smart-phones even with the utilisation of the most popular tools. Based on the research and analysis in this thesis, it was clear that there is a need for a set of effective methods to ensure that extracted and examined information from mobile phones devices are not tampered with, accepted by a court of law, or can be relied upon as an undisputed means of proving that something has or has not taken place. A new PBFMF that is platform independent, open architecture, extensible and capable of integrating newer mobile device technologies is presented in this thesis. It formulates a better understanding of the barriers to using forensics tools effectively and appropriately. Key words: Processed Base Framework, Mobile Forensics Tools, Digital Forensics, Operating Systems, Smart Phones.
6
Homem, Irvin. "Towards Automation in Digital Investigations : Seeking Efficiency in Digital Forensics in Mobile and Cloud Environments." Licentiate thesis, Stockholms universitet, Institutionen för data- och systemvetenskap, 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:su:diva-130742.
Full textAbstract:
Cybercrime and related malicious activity in our increasingly digital world has become more prevalent and sophisticated, evading traditional security mechanisms. Digital forensics has been proposed to help investigate, understand and eventually mitigate such attacks. The practice of digital forensics, however, is still fraught with various challenges. Some of the most prominent of these challenges include the increasing amounts of data and the diversity of digital evidence sources appearing in digital investigations. Mobile devices and cloud infrastructures are an interesting specimen, as they inherently exhibit these challenging circumstances and are becoming more prevalent in digital investigations today. Additionally they embody further characteristics such as large volumes of data from multiple sources, dynamic sharing of resources, limited individual device capabilities and the presence of sensitive data. These combined set of circumstances make digital investigations in mobile and cloud environments particularly challenging. This is not aided by the fact that digital forensics today still involves manual, time consuming tasks within the processes of identifying evidence, performing evidence acquisition and correlating multiple diverse sources of evidence in the analysis phase. Furthermore, industry standard tools developed are largely evidence-oriented, have limited support for evidence integration and only automate certain precursory tasks, such as indexing and text searching. In this study, efficiency, in the form of reducing the time and human labour effort expended, is sought after in digital investigations in highly networked environments through the automation of certain activities in the digital forensic process. To this end requirements are outlined and an architecture designed for an automated system that performs digital forensics in highly networked mobile and cloud environments. Part of the remote evidence acquisition activity of this architecture is built and tested on several mobile devices in terms of speed and reliability. A method for integrating multiple diverse evidence sources in an automated manner, supporting correlation and automated reasoning is developed and tested. Finally the proposed architecture is reviewed and enhancements proposed in order to further automate the architecture by introducing decentralization particularly within the storage and processing functionality. This decentralization also improves machine to machine communication supporting several digital investigation processes enabled by the architecture through harnessing the properties of various peer-to-peer overlays. Remote evidence acquisition helps to improve the efficiency (time and effort involved) in digital investigations by removing the need for proximity to the evidence. Experiments show that a single TCP connection client-server paradigm does not offer the required scalability and reliability for remote evidence acquisition and that a multi-TCP connection paradigm is required. The automated integration, correlation and reasoning on multiple diverse evidence sources demonstrated in the experiments improves speed and reduces the human effort needed in the analysis phase by removing the need for time-consuming manual correlation. Finally, informed by published scientific literature, the proposed enhancements for further decentralizing the Live Evidence Information Aggregator (LEIA) architecture offer a platform for increased machine-to-machine communication thereby enabling automation and reducing the need for manual human intervention.
7
Nordin, Anton, and Felix Liffner. "Forensiska Artefakter hos Mobila Applikationer : Utvinning och Analys av Applikationen Snapchat." Thesis, Högskolan i Halmstad, Akademin för informationsteknologi, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-40207.
Full textAbstract:
Today's smartphones and tablets use different applications and software for all sorts of purposes: communication, entertainment, fitness, to share images with each other, to keep up to date with the news and lots of different daily tasks. With the heavy usage of all these apps, it is no wonder that it comes with a few issues. Private data is stored in large quantities both on the local device and on the app-creators' servers. It is no wonder that applications advertising user secrecy and transient storage of user data. One of these applications is Snapchat, with over 500 million downloads on Google Play store, at the time of writing. Snapchat is a communication application with the niched feature that the images and messages sent, disappear once opened or after 24 hours have passed. With the illusion of privacy behind Snapchats niche it has become a breeding ground for criminal activity. The niche itself translates to a troublesome hurdle for law enforcement trying to retrieve evidence from devices of Snapchat users. This paper is aimed to investigate these issues and perform a methodology to retrieve potential evidence on a device using Snapchat to send images and messages. By performing a physical acquisition on a test device and analyzing to find artifacts pertaining to Snapchat and the test-data that was created. The method is performed on a Samsung Galaxy S4 with Android 5.0.1 running Snapchat version 10.52.3.0. Test data such as different images and messages were created and attempted to be retrieved at three points in time. First one being right after data creation. Second one after a restart and 24 hours after the data was created. And the third with 48 hours passed and the Snapchat user logged out at the time of acquisition. The acquisition resulted in the extraction of several sent images and a full text conversation between the experimental device and another party. A full video which was uploaded by the receiving user was able to be extracted even though the experimental device never actually viewed the video. The second acquisition which was made when 24h had passed gave the same results as the first one. This meant that time at least up to a day after the initial creation of the data did not have any effect on the evidence. However, when the Snapchat user was logged out from the application, the data was then unobtainable and had disappeared. Presumably Snapchat has a function which deletes personal data about the user when logged out from the application. This function might become a hurdle in law enforcement investigations where the application Snapchat is involved.
8
Zhao, Xiwei. "Foundational Forensic Techniques for Cellular and Ad Hoc Multi-hop Networks." FIU Digital Commons, 2008. http://digitalcommons.fiu.edu/etd/23.
Full textAbstract:
The Internet has become an integral part of our nation's critical socio-economic infrastructure. With its heightened use and growing complexity however, organizations are at greater risk of cyber crimes. To aid in the investigation of crimes committed on or via the Internet, a network forensics analysis tool pulls together needed digital evidence. It provides a platform for performing deep network analysis by capturing, recording and analyzing network events to find out the source of a security attack or other information security incidents. Existing network forensics work has been mostly focused on the Internet and fixed networks. But the exponential growth and use of wireless technologies, coupled with their unprecedented characteristics, necessitates the development of new network forensic analysis tools. This dissertation fostered the emergence of a new research field in cellular and ad-hoc network forensics. It was one of the first works to identify this problem and offer fundamental techniques and tools that laid the groundwork for future research. In particular, it introduced novel methods to record network incidents and report logged incidents. For recording incidents, location is considered essential to documenting network incidents. However, in network topology spaces, location cannot be measured due to absence of a 'distance metric'. Therefore, a novel solution was proposed to label locations of nodes within network topology spaces, and then to authenticate the identity of nodes in ad hoc environments. For reporting logged incidents, a novel technique based on Distributed Hash Tables (DHT) was adopted. Although the direct use of DHTs for reporting logged incidents would result in an uncontrollably recursive traffic, a new mechanism was introduced that overcome this recursive process. These logging and reporting techniques aided forensics over cellular and ad-hoc networks, which in turn increased their ability to track and trace attacks to their source. These techniques were a starting point for further research and development that would result in equipping future ad hoc networks with forensic components to complement existing security mechanisms.
9
Surrao, Alicia M. "Advancing Column Chromatography by Improving Mobile Phase Chemistry for the Separation of Trace Uranium, Plutonium, Strontium, and Barium." University of Cincinnati / OhioLINK, 2017. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1529666911529026.
Full text
10
Cinti, Mariagrazia. "Metodologie e tecniche per l'analisi forense di dispositivi di telefonia mobile." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2014. http://amslaurea.unibo.it/6677/.
Full textAbstract:
Studio che approfondisce e compare le diverse metodologie e tecniche utilizzabili per l'analisi di dispositivi di telefonia cellulare, in particolar modo smartphone, nel contesto di indagini di mobile device forensics
11
Oskarsson, Tim. "Digital incursion: Breaching the android lock screen and liberating data." Thesis, Högskolan i Halmstad, Akademin för informationsteknologi, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-44939.
Full textAbstract:
Android is the most used operating system in the world, because of this the probability of an android device being acquired in an investigation is high. To begin to extract data from an android device you first need to gain access to it. Mechanisms like full system encryption can make this very difficult. In this paper, the advantages and disadvantages of different methods of gaining access and extracting data from an android device with an unlocked bootloader are discussed. Many users unlock the bootloader of their android device to gain a much greater level of control over it. Android forensics on a device without a unlocked bootloader is very limited. It is therefore interesting to study how you can extract data from an android device that doesn’t have this limitation to android forensics. A literature study is done on previous related research to gather methods for gaining access and extracting data. The methods collected are then tested by performing experiments on a Oneplus 3 android 9 and Oneplus 8 android 11. The research of this paper found that it is possible to perform a brute force attack within a reasonable time against a PIN of length 4-5 or pattern of length 4-6 on the lock screen of an android device. It found that you can optimise the attack by performing a dictionary attack by using public lists of the most used PIN codes. A list of all possible pattern combinations sorted and optimised for a dictionary attack is generated based on statistics of pattern starting location and length. A proof of concept is made by creating a copy of a fingerprint with common cheap materials to gain access through the fingerprint sensor. A device image were able to be extracted by using a root shell through Android Debug Bridge and common command-line tools. Memory forensics were performed by using Frida and was able to extract usernames, passwords, and emails from Google Chrome and Gmail. The custom recovery image TWRP was used to boot the device, gain root access, and was able to extract a full device image with common command-line tools. The results of the TWRP backup feature is also analysed. The results of the data extraction is then analysed manually and with Autopsy.
12
Mattsson, Emil, and Marcus Albrektsson. "Mobil strömförsörjning med hjälp av HotPlug : Examensarbete på programmet IT-forensik och informationssäkerhet, 120p." Thesis, Halmstad University, School of Information Science, Computer and Electrical Engineering (IDE), 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-5112.
Full textAbstract:
Detta arbete har gjorts för att undersöka om det finns en möjlighet att kringgå problemet med stationära datorers strömförsörjning, vid nedstängning genom att man drar ut strömkabeln, i syftet att minimera dataförlusten ur en forensisk synvinkel. Arbetet är också till för att undersöka om det teoretiskt skulle gå att lösa problemet. När man drar ur strömkabeln ur en stationär dator kommer flyktig data att försvinna och gå förlorad vilket ur en forensisk synvinkel kan betyda förlust av bevis.
13
Nguyen, Lam Ngoc. "Big brother forensic: A novel approach to mobile phone text detection via CCTV." Thesis, Nguyen, Lam Ngoc (2020) Big brother forensic: A novel approach to mobile phone text detection via CCTV. Masters by Coursework thesis, Murdoch University, 2020. https://researchrepository.murdoch.edu.au/id/eprint/59304/.
Full textAbstract:
A review was undertaken for the usage of Closed-Circuit Television (CCTV) in relation to crime investigation, detection and prevention. The aim of this paper is to discuss the usage of the current CCTV system, and how effective it is concerning crime deterrence and crime prevention in aid of national security. Similarly, the current usage of mobile phones and its prevalence as a tool for committing crime, as well as the current limitations in digital forensics involving mobile phone extraction and analysis were also addressed. Furthermore, this review aims to highlight the current potential for a coupling technique between artificial intelligence and CCTV footage to maximise the extraction of mobile phone screen content.
14
Nembandona, Phillimon. "Mobile bullying : investigating the non-technical factors that influence forensic readiness in township schools in South Africa." Master's thesis, University of Cape Town, 2016. http://hdl.handle.net/11427/20706.
Full textAbstract:
The increasing use of mobile devices by high school learners has resulted in increased networking activities for learners who take advantage of opportunities presented by mobile technologies. Mobile technology continues to play a key role in facilitating online interactions amongst South African youth, and some learners use mobile technology to enhance their learning capabilities. However, such electronic operations have also presented new risks particularly in the developing countries where online bullying is on the rise and investigations of such incidents or threats are expensive. Mobile bullying and lack of discipline of bullies, for instance, are major concerns in the society at large. To control these incidents, learners and teachers need to know what to do when incidents arise. The process of digital forensic investigation is typically left for those specialising in the field of digital forensics. Those responsible for learner's safety in schools are often faced with situations where they have to perform basic investigations or preserve evidence for incident escalation to the specialists. However, schools often do not prepare themselves well enough for the challenges relating to mobile bullying. They find themselves not knowing where to start or how to preserve evidence. Digital forensic investigations are even more challenging in school settings because of the dynamic nature of these environments. While studies have been conducted in the developed countries, little is still known about how schools in the developing world, for instance South Africa, may handle mobile bullying. Very little is known about how schools in the developing countries may maximise their potential to use digital evidence while minimising the impact resulting from the incident. There is limited guidance on how to be digital forensic ready in schools where teachers, learners, principals, and other role players are not trained well enough to deal with mobile bullying. The objective of this study was to provide insight into factors that enhance the non-technical forensic readiness program in township schools and the ability of teachers to investigate mobile bullying incidents. The study aimed at employing concepts of forensic readiness to ignite schools' ability to prepare for response to mobile bullying incidents and create a digital forensic ready learning environment. The study was conducted in South Africa, Limpopo and North West provinces. Five schools agreed to participate in this study; eighty-two valid responses were obtained from teachers. The study followed mixed methods approach to the theory.
15
Bergholm, Johan, Sascha Gallardo, and Jonny Svensson. "Positionering och Spårning av mobila enheter, ur ett IT–forensiskt perspektiv." Thesis, Högskolan i Halmstad, Sektionen för Informationsvetenskap, Data– och Elektroteknik (IDE), 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-24177.
Full textAbstract:
I dagens Sverige så har de mobila enheterna en självklar plats i våra fickor, likväl som i vårt samhälle och i dess brottslighet, vilket gör att det sedan några år är att anse självklart att de även har en central roll i IT–forensiska utredningar inom våra polismyndigheter. Men vid sidan av konkreta bevis för begångna brott lagrar enheterna dessutom ofta data som kan användas för att spåra enheten, och därmed också dess brukare, över tid, vilket givetvis är av intresse av polismyndigheter men skulle även kunna vara av stort intresse för exempelvis försäkringsbolag och andra delar av den 'civila sektorn' som driver utredningar men som saknar polisens befogenheter. För att ge ett så brett användningsområde som möjligt fokuserar därför rapporten inte bara på datat som är tillgängligt från den faktiska enheten och hur de kan användas för spårning och positionering, utan försöker även på praktiskt väg undersöka i vilken grad dessa metoder kan utföras med allmänt tillgänglig mjuk- och hårdvara.
16
Aronsson, John, and Percy Bolmér. "Hur forensiska verktyg påverkar integriteten på mobiltelefoner." Thesis, Högskolan i Halmstad, Akademin för informationsteknologi, 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-32686.
Full textAbstract:
Användandet av mobiltelefoner och andra mobila enheter är stort i samhället vilket gör att de förekommer allt oftare vid brott och brottsutredningar. Information i dessa enheter måste kunna utvinnas och integriteten på det utvinna materialet säkerställas. Syftet med detta arbete är att undersöker om de forensiska verktygen Xry och Encase påverkar materialet vid utvinning från mobiltelefoner. För att ta reda på detta har en litteraturstudie, en intervju och två experiment utförts. Resultatet från experimenten visade på att det fanns filer vars innehåll ändrades mellan utvinningar. En analys av resultatet visade att det var systemet själv samt processer som skedde innan utvinningen som förändrat innehållet. Slutsatsen blev att verktygen inte påverkar materialet under utvinningsprocessenThe rising use of smartphones and other mobile devices in society today has resulted in a higher prevalence of these in crimes and crime investigations. The information in these devices must be extracted and the integrity of the extracted information assured. The goal of this project is to determine whether the two forensic software programs Xry and Encase tamper with the extracted data. To answer this, a literary study together with an interview and two experiments were performed. The result from the experiments determined that data changes occured between extractions. Further analysis explained the changes to be caused by the devices themselves, and as a consequence of rooting. The conclusion drawn from the result was that the softwares programs did not tamper with the material during the extraction-process.
17
James, Peter. "Secure portable execution and storage environments: A capability to improve security for remote working." Thesis, Edith Cowan University, Research Online, Perth, Western Australia, 2015. https://ro.ecu.edu.au/theses/1707.
Full textAbstract:
Remote working is a practice that provides economic benefits to both the employing organisation and the individual. However, evidence suggests that organisations implementing remote working have limited appreciation of the security risks, particularly those impacting upon the confidentiality and integrity of information and also on the integrity and availability of the remote worker’s computing environment. Other research suggests that an organisation that does appreciate these risks may veto remote working, resulting in a loss of economic benefits. With the implementation of high speed broadband, remote working is forecast to grow and therefore it is appropriate that improved approaches to managing security risks are researched. This research explores the use of secure portable execution and storage environments (secure PESEs) to improve information security for the remote work categories of telework, and mobile and deployed working.
This thesis with publication makes an original contribution to improving remote work information security through the development of a body of knowledge (consisting of design models and design instantiations) and the assertion of a nascent design theory. The research was conducted using design science research (DSR), a paradigm where the research philosophies are grounded in design and construction.
Following an assessment of both the remote work information security issues and threats, and preparation of a set of functional requirements, a secure PESE concept was defined. The concept is represented by a set of attributes that encompass the security properties of preserving the confidentiality, integrity and availability of the computing environment and data. A computing environment that conforms to the concept is considered to be a secure PESE, the implementation of which consists of a highly portable device utilising secure storage and an up-loadable (on to a PC) secure execution environment. The secure storage and execution environment combine to address the information security risks in the remote work location.
A research gap was identified as no existing ‘secure PESE like’ device fully conformed to the concept, enabling a research problem and objectives to be defined. Novel secure storage and execution environments were developed and used to construct a secure PESE suitable for commercial remote work and a high assurance secure PESE suitable for security critical remote work. The commercial secure PESE was trialled with an existing telework team looking to improve security and the high assurance secure PESE was trialled within an organisation that had previously vetoed remote working due to the sensitivity of the data it processed.
An evaluation of the research findings found that the objectives had been satisfied. Using DSR evaluation frameworks it was determined that the body of knowledge had improved an area of study with sufficient evidence generated to assert a nascent design theory for secure PESEs.
The thesis highlights the limitations of the research while opportunities for future work are also identified. This thesis presents ten published papers coupled with additional doctoral research (that was not published) which postulates the research argument that ‘secure PESEs can be used to manage information security risks within the remote work environment’.
18
Lisander, Joakim, and Niklas Lyxell. "Problem kring mobilforensik : En sammanställning om hur mobiltelefoner och forensiska verktyg hanterar kryptering, utvinning och molnlagring." Thesis, Högskolan i Halmstad, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-30747.
Full textAbstract:
Mobiltelefoner innehåller idag en stor mängd information som är av stort forensiskt intresse. Att skydda informationen i sin telefon är en självklarhet för många och utvecklarna av de mobila operativsystemen lägger nu större vikt på säkerhet och skydd av information. Kryptering är idag standard i de flesta mobiltelefoner och det leder till problem vid utvinning. Arbetet tar upp och jämför hur kryptering hanteras av iOS, Android och Windows Phone och vilka tillvägagångssätt som finns vid utvinning av data genom att kringgå skärmlåsen som krävs för att krypteringen ska fungera. Arbetet ger även en inblick på molnlagring i och med att det blir allt vanligare och kan komma att bli mer relevant för forensiker eftersom telefonerna blir allt svårare att utvinna data ifrån. Dessutom ges en liten inblick på forensiska verktyg som finns idag, vilka brister de har och vad som är oklart hos dem. Frågeställningarna har besvarats genom att en grundläggande litteraturstudie genomförts för att få den bakgrundsfakta som krävs. Därefter gjordes det experiment för att visa på brister i de forensiska verktygen. Avslutningsvis svarade två it-forensiker från polisen på intervjufrågor via mail, det gjordes för att lyfta fram problematiken och visa på hur situationen ser ut i arbetslivet idag. Arbetets resultat visar på att alla operativsystem ger, beroende på hur användaren har anpassat telefonen, möjlighet till fullt skydd mot utvinning. Och därmed klarar de forensiska verktygen som finns idag inte av att utvinna någon relevant information ifrån de senaste mobiltelefonerna. Som forensiker borde man utnyttja att molnlagring börjat användas mer och mer, då det där kan finns mycket bra information. Slutsatser som kan dras efter arbetet är att det behövs nya metoder för att utvinna data ifrån mobiltelefoner då de metoder som tidigare använts inte är kompatibla med de senaste telefonerna på grund utav de krypteringsfunktioner som används. Det finns metoder som kan fungera, men dessa metoder fungerar bara med rätt förutsättningar, vilket gör att det inte är en lösning som man alltid kan applicera. Forensiker borde även utforska möjligheten att få fram information ifrån molnlagringstjänster ifall data på telefonen är oåtkomlig för alla utom ägaren. Arbetet syftar inte till att ta fram nya metoder för utvinning eller arbetssätt inom det stora området forensik, utan kartlägger problemområdet inom mobilforensik och ger förslag på och diskuterar möjliga lösningar.
19
Hubac, Sylvain. "Nouvelles stratégies d'analyses rapides d'acides nucléiques : étude et développement de dispositifs de prélèvements biologiques à des fins d'identification par empreinte génétique." Thesis, Cergy-Pontoise, 2017. http://www.theses.fr/2017CERG0872.
Full textAbstract:
La criminalistique peut être définie comme l’application de procédés techniques aux investigations judiciaires permettant l’étude scientifique des traces et des indices retrouvés sur les scènes de crime.Depuis la découverte de l’empreinte génétique par Sir Alec Jeffreys en 1984, le monde judiciaire s’est profondément ancré dans l’ère de l’ADN en raison d’évolutions technologiques successives dans le domaine de la biologie moléculaire et ses applications en criminalistique. Le besoin de réponse instantanée est omniprésent dans les esprits. La mise en œuvre de techniques d’analyses simples, sensibles, fiables et permettant d’obtenir des résultats dans les plus brefs délais sont les clés du succès.Au cours des processus techniques, la collecte du matériel biologique, et donc de l’ADN au sein de la trace, constitue une étape incontournable et cruciale qui va conditionner la réussite des analyses. Ce travail de recherche a donc consisté à développer des solutions performantes de prélèvements de matériels biologiques soit en détournant de leur fonction initiale des solutions existantes soit en développant des solutions simples mais innovantes combinant les avantages des solutions existantes. Ces travaux ont permis de donner naissance au micro-écouvillon GendSAG. Les potentialités de GendSAG permettent de proposer une solution alternative aux solutions commerciales de systèmes intégrés d’analyses rapide d’ADN. Cette solution alternative d’analyse rapide et haut débit de l’ADN mise en œuvre dans un laboratoire mobile au plus près de la scène de crime répond non seulement à la grande majorité des avantages des systèmes intégrés mais également à toutes leurs limitationsForensic sciences can be defined as the used of technical processes to judicial investigations allowing the scientific study of traces and evidences found on crime scenes.Since the discovery of DNA fingerprinting by Sir Alec Jeffreys in 1984, the legal world has become deeply rooted in the DNA by successive technological developments in molecular biology and its applications in forensic. The need for instant response is omnipresent in the minds. The key to success is the implementation of simple, sensitive, reliable analytical techniques that enable results to be achieved in the shortest possible time.During these technical processes, the collection of biological samples, is an unavoidable and a crucial step that will condition the analysis success rate. This study consisted in developing efficient biological collecting solutions either by diverting from their original function the existing solutions or by developing simple but innovative solutions combining the advantages of the existing solutions. This allowed developing the micro-swab GendSAG. The potentialities of GendSAG make it possible to propose an alternative solution to the commercial rapid DNA analysis integrated systems. This rapid, cost effective and high-throughput DNA analysis solution performed in a dedicated mobile laboratory directly into the crime scene enables the large majority of the rapid DNA analysis integrated systems benefits and also all of their limitations
20
Passetti, Renata Regina 1981. "O efeito do telefone celular no sinal da fala : uma análise fonético-acústica com implicações para a verificação de locutor em português brasileiro." [s.n.], 2015. http://repositorio.unicamp.br/jspui/handle/REPOSIP/271133.
Full textAbstract:
Orientador: Plínio Almeida BarbosaDissertação (mestrado) - Universidade Estadual de Campinas, Instituto de Estudos da Linguagem
Made available in DSpace on 2018-08-27T03:40:06Z (GMT). No. of bitstreams: 1 Passetti_RenataRegina_M.pdf: 2198292 bytes, checksum: 75f3471d8eeffbfb0346d7705e4ea136 (MD5) Previous issue date: 2015
Resumo: Esta dissertação avalia os efeitos causados ao sinal da fala pela transmissão telefônica de linhas móveis e, com isso, busca determinar o grau de modificação fonético-acústica intralocutor causado pelo filtro de banda do canal telefônico à voz habitual e os efeitos que a transmissão telefônica exerce sobre as vogais orais do português brasileiro, pelo estudo de parâmetros acústicos que são afetados por esse tipo de transmissão. As análises investigaram quais características acústicas eram modificadas e quais permaneciam inalteradas na fala de indivíduos diante da utilização de telefones celulares quando comparadas a gravações diretas. O corpus constitui-se de gravações de 10 locutores do sexo masculino, realizadas de forma simultânea nas condições via celular e direta, pelo posicionamento de um microfone em frente aos sujeitos enquanto falavam ao celular. As vogais orais do português brasileiro foram transcritas e segmentadas e, posteriormente, foi utilizado o script ForensicDataTrecking para extração automática das seguintes classes de parâmetros: frequência dos três primeiros formantes (F1, F2 e F3), frequência fundamental (F0), ênfase espectral, frequência de base da fundamental (baseline) e duração interpicos de F0 presentes no discurso. Foram conduzidas análises acústicas com o objetivo investigar os efeitos da transmissão telefônica sobre as vogais orais do português brasileiro, sobre os locutores e no espaço vocálico dos locutores. As análises foram validadas estatisticamente. Para a análise do efeito da transmissão telefônica sobre as vogais orais do português brasileiro, os resultados revelam alterações nas frequências do primeiro e o terceiro formante de, aproximadamente, 14%, na condição telefônica. Em relação às frequências do segundo formante, os resultados da análise de dispersão mostraram que a transmissão telefônica agiu de forma a aumentar artificialmente as frequências de vogais com baixos valores de F2 e a diminuir as frequências de vogais com altos valores de F2. Dos parâmetros acústicos investigados na análise dos efeitos da transmissão telefônica sobre os locutores, apenas a baseline e a duração interpicos de F0 não apresentaram diferenças estatisticamente significativas entre as duas condições de gravação, indicando robustez aos efeitos da transmissão telefônica e podendo ser considerados como parâmetros eficazes na análise forense. Esta análise revelou, também, que a transmissão telefônica agia de maneira distinta nos sujeitos, o que permitiu que fossem agrupados a depender do parâmetro investigado. A análise do efeito telefônico no espaço vocálico dos sujeitos complementou os resultados das análises anteriores. De modo geral, observou-se um abaixamento global do espaço vocálico na gravação telefônica, influenciado pelo aumento nas frequências de F1. A diminuição dos valores de F2 para as vogais anteriores e o aumento nos valores deste formante para vogais posteriores comprimiu o espaço vocálico da maioria dos sujeitos. As modificações nas disposições das vogais têm implicações perceptuais, uma vez que o abaixamento e redução do espaço vocálico fizeram com que as vogais se situassem proximamente a regiões centrais, podendo soar como mais abertas no telefone celular
Abstract: This dissertation evaluates the effects to speech signal due to telephone transmission of mobile phones and seeks to determine the degree of intra-speaker acoustic-phonetic modification caused by the mobile phone band-pass filter to the speech signal and the telephone transmission effects over the Brazilian Portuguese oral vowels by the study of the acoustic parameters affected by this kind of transmission. The analysis investigated which are the acoustic cues which are modified and which cues remain undifferentiated in the speaker's speech by the use of a mobile phone in comparison to direct recordings. The corpus used consists of simultaneous recordings of 10 male speakers in two conditions: via mobile phone and face-to-face, by placing a microphone directly in front of the subjects. The Brazilian Portuguese oral vowels were segmented and transcribed and the ForensicDataEvaluator script was used to automatically extract the following acoustic parameters: three first formants frequencies (F1, F2 and F3), median of fundamental frequency (F0), spectral emphasis, fundamental frequency baseline and F0 inter-peaks duration. The acoustic analyses aimed at investigating the telephone transmission effects over the Brazilian Portuguese oral vowels, over the speakers and at the speakers¿ vowel space. The analyses were supported statistically. The analysis of the telephone transmission effect over the Brazilian Portuguese oral vowels showed variations of 14% in the frequencies of the first and the third formants. The analysis of the scatter plot of F2 values showed that the mobile phone band-pass filtering has an effect of shifting upwards vowels with low values of F2 and shifting downwards vowels with high values of F2. For the analysis of the telephone transmission effects over the speaker only the acoustic parameters "fundamental frequency baseline" and "F0 inter-peaks duration" did not show any difference statistically significant between the two recording conditions, demonstrating robustness to the telephone transmission effects, which make them able to be considered as powerful parameters for forensic analysis. This analysis also revealed that the telephone transmission affects the speakers in different ways, which set them into different groups of speakers depending on the parameter analyzed. The analysis of the telephone effect in the speakers¿ vowel space shed some light on the previous analyses. In general, the increase of the F1 values in the mobile phone situation caused a global downward displacement of the vowel space. The decrease of the F2 values for the front vowels and the increase of the values of this formant for back vowels reduced the area of the vowel space for the most of the subjects. The vowels rearrangement at the vowel space in the telephone situation has some perceptual implications, since the lowering and reduction of the vowel space made the vowels be placed at its center, which could result in hearing these vowels as more open over the mobile phone
Mestrado
Linguistica
Mestra em Linguística
21
"Enhancing Mobile Forensics on iOS." Master's thesis, 2015. http://hdl.handle.net/2286/R.I.36434.
Full textAbstract:
abstract: Due to the shortcomings of modern Mobile Device Management solutions, businesses
have begun to incorporate forensics to analyze their mobile devices and respond
to any incidents of malicious activity in order to protect their sensitive data. Current
forensic tools, however, can only look a static image of the device being examined,
making it difficult for a forensic analyst to produce conclusive results regarding the
integrity of any sensitive data on the device. This research thesis expands on the
use of forensics to secure data by implementing an agent on a mobile device that can
continually collect information regarding the state of the device. This information is
then sent to a separate server in the form of log files to be analyzed using a specialized
tool. The analysis tool is able to look at the data collected from the device over time
and perform specific calculations, according to the user's specifications, highlighting
any correlations or anomalies among the data which might be considered suspicious
to a forensic analyst. The contribution of this paper is both an in-depth explanation
on the implementation of an iOS application to be used to improve the mobile forensics
process as well as a proof-of-concept experiment showing how evidence collected
over time can be used to improve the accuracy of a forensic analysis.Dissertation/Thesis
Masters Thesis Computer Science 2015
22
葉書廷. "iOS Forensics in Instant Message with Mobile Explorations." Thesis, 2016. http://ndltd.ncl.edu.tw/handle/nxjb2c.
Full text
23
(11205891), Tanvi Milind Gandhi. "Forensic Analysis of GroupMe on Android and iOS Smartphones." Thesis, 2021.
Find full textAbstract:
The growing popularity of instant messaging has led to the conception of several new applications over the span of the past decade. This has opened up an attack surface for cybercriminals to target susceptible app users. GroupMe is a free IM app widely used by students and so far, no comprehensive forensic analysis has been performed to aid forensic practitioners in recovering evidence from GroupMe on smartphones. This research performs a detailed analysis of the digital artifacts left by the app on Android and iOS devices. This was achieved by installing the app on two mobile phones (Samsung Galaxy S7 Edge and iPhone 6), and identifying each artifact created by performing a series of actions in the app ranging from sending texts, to sharing images and documents, along with their location. Using Cellebrite UFED and Magnet AXIOM, a significant number of artifacts were accurately recovered mainly from the “GroupMe.sqlite” and “GroupMe.sqlite-wal” databases. Out of the 335 artifacts populated on the iPhone, 317 were correctly recovered by both UFED and AXIOM, resulting in an accuracy of 94.62%. No GroupMe related artifacts could be recovered from the Android device. This was due to several physical imaging and rooting limitations imposed by the Samsung SM-935A model, which was used during the study.
24
(8800973), Kelsey Billups. "New and Emerging Mobile Apps Among Teens - Are Forensic Tools Keeping Up?" Thesis, 2020.
Find full textAbstract:
Mobile applications are an important but fast changing piece of the digital forensics’ world. For mobile forensics researchers and field analysts, it is hard to keep up with the pace of the ever-changing world of the newest and most popular applications teens are using. Mobile forensic tools are quickly becoming more and more supportive of new applications, but with how quickly apps are changing and new ones being released, it is still difficult for the tools to keep up. The research question for this project examines to what extent digital forensic tools support new and emerging applications seen recently in investigations involving teenagers? For this research, a survey was conducted asking digital forensic analysts, and others who investigate digital crimes, what applications they are coming across most frequently during investigations involving teens and whether those applications are being supported by forensic tools. The top three applications from the survey that were not supported by mobile forensic tools, Monkey, Houseparty, and Likee were populated onto a test device and then evaluated and analyzed to see what forensic artifacts were found in those applications. The mobile application artifacts were then compared on two different forensic tools to see which tool obtains the most forensic artifacts from the applications. Through the examination and analysis of the applications and data contained within the apps, it was determined that 61% of the populated forensic artifacts were recovered manually and only 45% were recovered by a forensic tool for the Monkey application. 100% of the populated forensic artifacts were recovered manually and only 29% were recovered by a forensic tool for the Houseparty application. 42% of the populated forensic artifacts were recovered manually and only 3% were recovered by a forensic tool for the Likee application. It was found that the extent of support from digital forensic tools for these types of applications depends greatly on how the application stores the artifacts, but the artifact extraction support was limited for all applications. This research benefits in helping researchers and analysts by understanding the data and artifacts contained within the applications, what forensic artifacts are recoverable, and where to find those important artifacts. This research can help in finding important evidence for future investigations.
25
Chen, Sheng-Wen, and 陳聖文. "Mobile Forensics System – Design and Implementation of Android Live SD." Thesis, 2012. http://ndltd.ncl.edu.tw/handle/74kgzn.
Full textAbstract:
碩士國立高雄師範大學
資訊教育研究所
100
Android is a fast-developing smart phone operating system with rising penetration rate. It becomes more vital in both daily life and work for people than traditional feature phones because users can themselves add plug-in programs, as what they can do in computers. Being vital to users means smart phones contain rich personal information, and this indeed raises concern to maintain the information security on devices. In recent years, phone security events emerges, and the terms of personal information leakage and malware embedding is no news anymore. Therefore, besides the emphasis on regular guarding practice by users, it is important as well how forensic professionals could collect evidences as possible from victim phones as soon as the security events happened. In this research, by using the characteristic of allowing users to legally update the service packs in Android, we designed and implemented in the memory cards to realize Live SD platform to perform mobile digital forensics on Android smart phones referring to the theory of Live CD/DVD/USB digital forensics in computers. The physical data acquisition and disk image making are performed for evidence collection on the phones which are not Root-authorized. As for Live SD, based on Android OS as digital forensic platform, we developed and designed with open-source-code tools and integrated the required forensic tools into Android Live SD platform to conduct forensic analysis.
26
左育丞. "High-tech Crime and Digital Forensics in Mobile iPhone Systems." Thesis, 2012. http://ndltd.ncl.edu.tw/handle/2wrvr9.
Full text
27
Bernardo, Bruno Miguel Vital. "Toolbox application to support and enhance the mobile device forensics investigation process - breaking through the techniques available." Master's thesis, 2021. http://hdl.handle.net/10362/113177.
Full textAbstract:
Dissertation presented as the partial requirement for obtaining a Master's degree in Information Management, specialization in Knowledge Management and Business IntelligenceOne of the main topics that is discussed today is how can a person leverage on technology on a positive and secure way in order to enhance their daily life, making it a healthier, more productive, joyful and easier. However, with improvements in technology, comes challenges for which there is not yet a stable and safe way to overcome. One of the greatest challenges that people are faced has to do with their concern on their privacy and on the safeguard of their sensitive information that is stored in any device that one uses. In fact, one of the most used technology is the Mobile, which can take several forms, features, shapes, and many other components. In line manner, cybercrime is growing rapidly, targeting the exploitation and retrieval of information from these gadgets. Even so, with a Mobile, comes several challenges including a rapidly dynamic change in its landscape, an everincreasing diversity of mobile phones forms, integration of the information on a Mobile into the Cloud and IoT. As such, it’s vital to have a stable and safe toolbox that will enable a digital investigator to potentially prevent, detect and solve any issue that may be related to Mobile Device Forensics while solving out various investigations, being it criminal, civil, corporate or any other.
28
Bopape, Rudy Katlego. "Towards a unified fraud management and digital forensic framework for mobile applications." Diss., 2015. http://hdl.handle.net/10500/21202.
Full textAbstract:
Historically, progress in technology development has continually created new opportunities for criminal activities which, in turn, have triggered the need for the development of new security-sensitive systems. Organisations are now adopting mobile technologies for numerous applications to capitalise on the mobile revolution. They are now able to increase their operational efficiency as well as responsiveness and competitiveness and, most importantly, can now meet new, growing customers’ demands.
However, although mobile technologies and applications present many new opportunities, they also present challenges. Threats to mobile phone applications are always on the rise and, therefore, compel organisations to invest money and time, among other technical controls, in an attempt to protect them from incurring losses. The computerisation of core activities (such as mobile banking in the banking industry, for example) has effectively exposed organisations to a host of complex fraud challenges that they have to deal with in addition to their core business of providing services to their end consumers. Fraudsters are able to use mobile devices to remotely access enterprise applications and subsequently perform fraudulent transactions. When this occurs, it is important to effectively investigate and manage the cause and findings, as well as to prevent any future similar attacks. Unfortunately, clients and consumers of these organisations are often ignorant of the risks to their assets and the consequences of the compromises that might occur. Organisations are therefore obliged, at least, to put in place measures that will not only minimise fraud but also be capable of detecting and preventing further similar incidents.
The goal of this research was to develop a unified fraud management and digital forensic framework to improve the security of Information Technology (IT) processes and operations in organisations that make available mobile phone applications to their clients for business purposes. The research was motivated not only by the increasing reliance of organisations on mobile applications to service their customers but also by the fact that digital forensics and fraud management are often considered to be separate entities at an organisational level.
This study proposes a unified approach to fraud management and digital forensic analysis to simultaneously manage and investigate fraud that occurs through the use of mobile phone applications. The unified Fraud Management and Digital Forensic (FMDF) framework is designed to (a) determine the suspicious degree of fraudulent transactions and (b) at the same time, to feed into a process that facilitates the investigation of incidents.
A survey was conducted with subject matter experts in the banking environment. Data was generated through a participatory self-administered online questionnaire. Collected data was then presented, analysed and interpreted quantitatively and qualitatively. The study found that there was a general understanding of the common fraud management methodologies and approaches throughout the banking industry and the use thereof. However, while many of the respondents indicated that fraud detection was an integral part of their processes, they take a rather reactive approach when it comes to fraud management and digital forensics. Part of the reason for the reactive approach is that many investigations are conducted in silos, with no central knowledge repository where previous cases can be retrieved for comparative purposes. Therefore, confidentiality, integrity and availability of data are critical for continued business operations.
To mitigate the pending risks, the study proposed a new way of thinking that combines both components of fraud management and digital forensics for an optimised approach to managing security in mobile applications. The research concluded that the unified FMDF approach was considered to be helpful and valuable to professionals who participated in the survey. Although the case study focused on the banking industry, the study appears to be instrumental in informing other types of organisations that make available the use of mobile applications for their clients in fraud risk awareness and risk management in general.Computing
M. Sc. (Computing)
29
Fang, Yen-Fei, and 方彥霏. "Study on Constructing Digital Evidence Forensics Standard Operating Procedures for Mobile Device - Extraction and Analysis of Digital Evidence on Smartphone." Thesis, 2016. http://ndltd.ncl.edu.tw/handle/qrh62j.
Full textAbstract:
碩士國立宜蘭大學
多媒體網路通訊數位學習碩士在職專班
104
As Internet technology improves, mobile communications protocols mature and intelligent diversification and the popularity of mobile phones, change the habits of people using their cell phones, cell phone is no longer a traditional phone, smart phone, you can use communications software to communicate, surf the Web page associated with the transaction and storage of personal information ( Such as photos, notes, etc ), It's like computer action. Convenience of mobile phones, making it dependent on deepening, even those tools of crime, smart phone as the computer there are a lot of electromagnetic records, these records are digital evidence forensic value. In view of this, traditional methods of forensic equipment and will not be enough to gather digital evidence in the mobile phone. About digital evidence, and selection and use of forensic tools, is the main professional and examiner must have basic knowledge. Digital evidence collection, analysis, extraction process, you must use the standard digital forensics process in order to enhance its credibility and effectiveness. According to the scholars of this study by Professor I-Lon Lin 's Digital Evidence Forensics Standard Operating Procedure (DEFSOP), To constructing Digital Evidence Forensics Standard Operating Procedure for Mobile Device (DEFSOP For Mobile Device ). With the ISO 27037:2012 and ISO 27041:2015 analysis than to verify DEFSOP Rigorous and availability through the example DEFSOP For Mobile Device integrity and effectiveness. Mobile phone forensics operations, data extraction has some software tools can be used, under the multiple tools of interaction uses, extract the necessary evidence is not a problem, more difficult question is how to properly manage all these digital evidence, its maximum effectiveness. This study selected forensics tool for Android provides the ADB and the Cellebrite UFED through digital evidence forensics software extraction, classification and identification of data availability and validity of cross-analysis, comparison of reducing crime facts. The results of this study contribute: First, this study suggests that the Digital Evidence Forensics Standard Operating Procedure for Mobile Device (DEFSOP For Mobile Device) prototype, and three real cases to prove the four stages theory concepts, phases of preparation, action and reporting, provides event investigation and forensics officers followed standard operating procedures. Second, this study used forensic tools ADB and UFED , Through the comparative analysis of the advantages and disadvantages, operation and presentation of results, provide event investigation forensic tools reference you can follow. Three, an event-handling standards, this paper studies the international funding ISO 27041:2015 and use Cellebrite UFED Forensic tool test for China's first research master's thesis.
30
Yang, Chieh-Chiang, and 楊傑強. "Smart Mobile Device Forensic Platform: Business Model." Thesis, 2017. http://ndltd.ncl.edu.tw/handle/8cx4ma.
Full textAbstract:
碩士國立臺北科技大學
管理學院經營管理EMBA泰國專班
105
Ever since the release of the first iPhone in 2007, the rise of smart mobile devices has dramatically reconstructed the sphere of mobile network. Ten years ago, we could hardly imagine using phones to connect to the internet. In addition to a small unattractive screen display, phones at the time were accompanied by slow connection speed and expensive data transfer cost, which discourages the majority from using phone as a medium for internet connection. Rather, only a handful of high-end people required the use of mobile devices to perform data transmission, to send, and to receive email for business purposes. In less than a decade, mobile communication technology had surpassed people’s imagination. As communication technology moves forward from 2G (GPRS/EDGE) to 3G UMTS to 4GLTE, people who do not subscribe to wireless mobile internet services nowadays have shifted to become the minority group. In recent years, the incorporation of smart mobile devices such as smart phones, tablets, smart watches, etc. in daily lives has enabled criminals to commit crime through the utilization of smart mobile device’s wide range software applications, posing major security issues in many countries. This study utilizes smart mobile equipment, digital forensic procedures, mobile forensic tools to extract and gather criminal suspect information onto the cloud. Then, Big Data analysis can be applied to digital forensic analysis data extraction, mass storage data analysis of criminal patterns, and extraction of criminal intelligence as a digital forensic business module (Economic Model of Cloud Data Sharing).
31
陳明源. "Forensic Analysis of Mobile Instant Messaging Applications on Android Smartphones." Thesis, 2017. http://ndltd.ncl.edu.tw/handle/4rw35z.
Full textAbstract:
碩士中央警察大學
刑事警察研究所
106
Mobile instant messaging applications are very popular among smartphone users because they provide the convenience for interpersonal communication. Through the internet, users can communicate with each other using messages, texts, files, pictures, movies, and voices. However, they can also be used as communication tools for criminal activities, and criminals may even use their various social functions to assist their crim-inal activities. In actual criminal investigation, investigators mostly use the expensive equipment provided by private companies to collect and analyze the data in smartphones. For new smartphones or new version applications, it often happens that the data cannot be collected and ana-lyzed because the speed of the development of smartphones is much faster than the speed of updating the equipment. For smartphone operating systems, Android currently has the highest market share. In this paper, we use two free tools, ADB (Android Debug Bridge) and SQLite Database Browser, to collect and analyze the data of 10 popular mobile instant messaging applications for Android smartphones. Not only we can save money, but we can also speed up the collection and the analysis of data. In addition, we also propose a method to solve the problem of collecting and analyzing the cloned mobile instant messaging applications.
32
Peng, Wan-Ting, and 彭琬婷. "The Design and Implementation of Cloud Anti-Forensic System on Android Mobile Devices." Thesis, 2014. http://ndltd.ncl.edu.tw/handle/53469502981104632149.
Full textAbstract:
碩士國立高雄師範大學
資訊教育研究所
102
Android is the operating system used on mobile devices by Goggle. The fact that the sale numbers of smart phones and the amount of storage have increased and there exist a wide variety of applications for users to download all make smart phones an integral part of people's lives. Due to the fact that users are more inclined to store their personal data on smart phones and the bill of personal information protection has passed at the end of October last year, the safety of personal data on smart phones has received greater attention. The definition of Anti-forensics is the attempt to compromise effective and useful digital evidence to result in negative influence during the process of investigation. There are four types of Anti-investigation: Data Hiding, Artifact Wiping, Trail Obfuscation and Counterfeiting evidence. The research is based on Data Hiding of Anti-forensics and conducts encryption and decryption towards private information such as, contacts, call logs and SMS through the powerful computing ability of Cloud, which quickens the processes of Anti-forensics effectively, prevents and reduces the chances of the disclosure and leakage of private information, and protects personal data from being utilized by people with bad intentions. At the end, the system is implemented on Android mobile devices.
33
Tsai, Yuan-Chi, and 蔡沅錡. "Design and Implementation of Forensic Systems with Unlock Screen and Physical Acquisition for Android Mobile." Thesis, 2013. http://ndltd.ncl.edu.tw/handle/36041971267622794939.
Full textAbstract:
碩士國立高雄師範大學
資訊教育研究所
101
With the prevalence of domestic Internet service, the use of smart phones becomes popular. The Android system published by Google in 2007 soon dominated the market of operating systems of smart phones. In order to ensure that users’ privacy is secured, Android utilizes the basic security measure Screen Lock (including Pattern Lock, PIN Lock and Password Lock). However, the design may be misused and become a means to protect crimes. Therefore the problems of how to acquire the digital evidence when the device is locked and how to unlock the device in order to finish other forensic investigations remain to be solved. Based on the mobile forensics protocol provided by NIST, the research focuses on how to do physical acquisition, disk image and unlock screen of the device when android smart phone are on Screen Lock. With a personal computer, the acquired data can be further analyzed and the deleted data can be recovery. Finally,unlock mobile can be finish other forensic works.
34
Pin, Chang Feng, and 鄭鋒濱. "A Study on the Differences of Capturing Digital Evidence by Forensic Tools Based on Mobile Device Platform." Thesis, 2014. http://ndltd.ncl.edu.tw/handle/75964868104108420059.
Full textAbstract:
碩士國防大學
資訊管理學系
103
With the popularity of mobile devices and Internet use, crime information network has been significantly improved, the crime scene is no longer limited to physical traces card crime, law enforcement officers with traditional forensic equipment and tools are insufficient to capture Internet digital space scene evidence.Therefore, law enforcement officers are required to understand the extent of the platform for mobile devices, such as electromagnetic records which may be generated, which will not get the record, what tools should be used to carry out forensic,it’s their basic knowledge. In response to the investigation of crime and improve smartphone efficiency and detection rate, investigators must be able to promptly identify and trace the source of the problem and, through compliance with standard operating procedures, evidence collection and processing so that come with digital evidence in court evidence probative force and enhance the professionalism of the forensic report and credibility. Thus, for different smartphone platforms crime patterns, what type of digital evidence should capture and use what professional forensic tools in order to effectively and quickly for digital forensic evidence, as court evidence in the courts has become very important. and how to provide an appropriate recommendations or guidelines for the use of law enforcement personnel reference, has become very urgent and important issues worth exploring. This study attempts to create a different smartphone platforms use the same context, and the use of different professional forensic tools implementation, by sorting, classification, analysis and other steps to retrieve the digital evidence to compare the implementation of key differences, such as the mirror file produced time, file restore time, the identification data integrity, data identification readability, data identification number, to restore the hardware and software categories and support system, expect to obtain an objective relative differences in data, and then for different smartphones platform crime patterns, what type of digital evidence should capture and use what professional forensic tools in order to effectively and quickly for digital forensic evidence put forward appropriate recommendations or guidelines related to law enforcement officers to serve for reference use; study showed relevant information is available forensic personnel familiar with the operation and forensic tools to be an effective reference for the court, and proposed future direction for the development of resistance and forensic work.
35
LIN, CHAO-MENG, and 林照萌. "Research on Constructing Moblie Device Digital Evidence Forensics Mechanism and Case Verification - Taking Instant Messaging Software as an Example." Thesis, 2019. http://ndltd.ncl.edu.tw/handle/z9qddq.
Full textAbstract:
碩士國立宜蘭大學
多媒體網路通訊數位學習碩士在職專班
107
As technology becomes more developed, mobile devices continue to update service offerings, use mobile phones to communicate messages and communicate with each other. The main reason for the popularity of instant messaging software is their cross-platform compatibility and minimal or no additional cost. Through handheld mobile devices, you can use the communication software to communicate with each other, browse the web and transactions, and store personal related information (such as photos, notes, etc.). The convenience brought by mobile phones has made people's reliance on it deeper and even become a criminal tool for people with a heart. There are a large number of forensic digital evidence in smart phones. In view of this, traditional identification devices and methods will not be enough to collect. Digital evidence in the phone. The cognition of electromagnetic recording and the selection and use of forensic tools will be the knowledge that must be possessed by forensic personnel. The digital evidence identification enhances the overall evidence ability and evidence proof through the collection, analysis, and extraction processes in accordance with the standard identification process. This study is based on the Digital Evidence Standard Operating Procedure (DEFSOP) proposed by Professor Lin Yilong, a domestic scholar, to construct a new DEFSOP for Mobile Forensis. Verify the rigor of New DEFSOP for MF by comparing with ISO/IEC 27037:2012, ISO/IEC 27041:2015, ISO/IEC 27042:2015 and ISO/IEC 27043:2015, and verify New DEFSOP for Mobile by example The integrity and availability of Forensics. In the process of digital forensic work, the use of tool software to extract important data is no longer a problem. The more difficult thing is how to properly keep the evidence and maximize its effectiveness. The digital identification tools used in this study are UFED, XRY and MobileEdit, which extract important evidence through the forensic software, classify and identify the availability, analysis and comparison of the data to restore the truth of the crime.
36
Chou, Po-How, and 邱柏豪. "The study on the capturing digital evidence by forensic tools with enterprise mobility management encryption application based on mobile device." Thesis, 2018. http://ndltd.ncl.edu.tw/handle/9j4589.
Full textAbstract:
碩士國立交通大學
管理學院資訊管理學程
106
Recently, the development of information technology and the mobile devices, whether it is in the work, school or various applications in life, it is inseparable from mobile devices and digital information content. The applications developed by mobile devices are widely used in daily life and also used in different fields, including medical, information processing, biometrics, financial transactions, navigation and positioning, and information science. The most popular applications for mobile are communication and email. However, the applications use in phishing, scams, or theft of data. The information-intensive environment, when a digital criminal record is to be verified, it is necessary for a professional digital forensic tool to verify it. However, the rapid development of information security and digital forensics has provided evidence of more evidence and credibility for the standardization and technology of digital forensics in the future. The encrypting applications from mobile, extracting sent and received letters and enterprise applications developed by the company, using digital forensics tools to process and retrieve feature information to identify the correctness of the source and verify the information extracted by the encrypted application. And indirectly understand whether it can provide evidence of favorable evidence and credibility. In the experiments of this paper, test results were obtained through the same forensic tools, mobile device systems, and encryption applications. In summary, the research results show that the evidence ability and credibility evidence provided by the digital forensic tools can be applied legally. However, the encrypted application can protect the enterprise data without being accessed by special permission or tools. And provide the correct digital evidence.
37
Barmpatsalou, Konstantia. "Uma integração de métodos de aquisição forense em tempo real nos sistemas PPDR da próxima geração." Doctoral thesis, 2021. http://hdl.handle.net/10316/95279.
Full textAbstract:
Tese no âmbito do Programa de Doutoramento em Ciências e Tecnologias da Informação, apresentada ao Departamento de Engenharia Informática da Faculdade de Ciências e Tecnologia da Universidade de Coimbra.Os dispositivos móveis substituíram os computadores pessoais e portáteis em muitos aspectos da rotina diária das pessoas. Na practica, eles transformaramse em impressões digitais que carregam uma quantidade crítica de informações pessoais, que variam desde conteúdo multimedia e registos de comunicação, a geolocalização e dados de transações eletrônicas. No entanto, o uso de dispositivos móveis não se limita às interacções pessoais de um indivíduo. Os dispositivos móveis podem constituir partes de redes de comunicação corporativas ou dedicadas. As redes corporativas e da emergência como os sistemas de Proteção Pública e Mitigação de Desastres (PPDR), exigem o estabelecimento de um ambiente altamente seguro, para proteger vários bens críticos. Além disso, organizações como a Polícia Judiciária acedem dados de dispositivos móveis de terceiras entidades como provas para investigações criminais. A aquisição e análise forense móvel têm um papel crucial tanto na proteção de um ambiente PPDR contra ataques intencionais ou uso indevido dos utilizadores, como na condução de uma investigação criminal robusta. Esta tese estuda o papel da aquisição e análise forense para sistemas PPDR, introduzindo uma metodologia para perfs digitais automatizados e identifcação de padrões suspeitos a partir de dados e metadados de dispositivos móveis. Três técnicas de computação inteligente, nomeadamente Fuzzy Systems, Redes Neuronais (RNs) e Adaptive Neuro-Fuzzy Inference System (ANFIS) são usadas para construir perfs criminais e identifcar padrões suspeitos em dados e metadados provenientes de chamadas e SMS para três cenários de casos de uso diferentes. Mais especifcamente, os Sistemas Fuzzy servíram como prova de conceito para detectar a deserção de agentes PPDR realizada por SMS. Um cenário mais complexo envolveu o uso de RNs e ANFIS, que foram empregados como meio de identifcação de padrões suspeitos de chamadas e SMS para casos de cyberbullying e de tráfico de droga. Os resultados que foram produzidos durante todas as fases experimentais foram bastante satisfatórios e foram comparados para defnir a técnica mais apropriada para a identifcação de padrões suspeitos.
Mobile devices have substituted desktop and portable computers in many aspects of people’s everyday routine. Practically, they have become digital fngerprints that carry a critical amount of personal information, varying from multimedia and communication logs to geolocation and electronic transaction data. Moreover, the usage of mobile devices is not limited to an individual’s personal interactions. The aforementioned devices may also constitute parts of corporate or dedicated communication networks. Enterprise and frst-responder communication networks, such as Public Protection and Disaster Relief (PPDR) systems require the establishment of a highly secured environment, in order to protect various critical assets. Moreover, services such as law enforcement may need to access third-party mobile device data as evidence for criminal investigations. Mobile forensic acquisition and analysis play a crucial role towards both the protection of a PPDR environment against intentional attacks or potential user misuse and the conduction of a robust criminal investigation. The current thesis studies the role of forensic analysis in use cases related to law enforcement investigations by introducing a methodology for automated digital profling and suspicious pattern identifcation from mobile device data and metadata. Three intelligent computation techniques, namely Fuzzy Systems, Neural Networks (NNs) and the Adaptive Neuro-Fuzzy Inference System (ANFIS) are used for constructing criminal profles and identifying suspicious patterns in calls and SMS evidence data and metadata for three different use case scenarios. More specifcally, Fuzzy Systems served as proof-of-concept for detecting PPDR ofcers’ defection performed by SMS. A more complex scenario for call and SMS suspicious pattern identifcation of cyberbullying and low-level drug dealing cases was documented with the use of NNs and ANFIS.
38
Visser, Bennet Louis. "The significance of physical surveillance as a method in the investigation of insurance fraud: a Discovery Life perspective." Diss., 2015. http://hdl.handle.net/10500/20182.
Full textAbstract:
Text in EnglishThe primary aim of this study is to determine the significance of the application of physical surveillance as a method in the investigation of insurance fraud conducted by the Surveillance Unit at the Forensic Department of Discovery Life. Various objectives were fulfilled in this study: To explore, identify and describe the value of the application of physical surveillance, as a forensic investigation method, in order to determine the significance of this method in the investigation of insurance fraud at the Forensic Department of Discovery Life. To determine whether the application of physical surveillance at the Forensic Department of Discovery Life is achieving its intended objective relating to the degree to which the beneficiary’s (Discovery Life) situation has changed as a result of this method. To apply new information, acquired from the findings of this study, to further develop good practice and enhance performance in order to empower investigators at Discovery Life with new knowledge relating to the application of physical surveillance in the investigation of insurance fraud. Semi-structured interviews were conducted with forensic investigators employed at the Forensic Department at Discovery Life. The research has revealed that the majority of forensic investigators, other than the Surveillance Unit, at the Forensic Department of Discovery Life do not utilise physical surveillance during insurance fraud investigations to assist them in gathering evidence. These investigators also had a lack of knowledge and skills regarding the utilisation of physical surveillance during insurance fraud investigations and the advantages of this method during insurance fraud investigations. As a result of the non-utilisation of physical surveillance during insurance fraud investigations conducted at the Forensic Department of Discovery Life, important information and evidence with regard to the movement and actions of identified perpetrators who commit insurance fraud are lost to the investigators. However, the significance of the application of physical surveillance in the investigation of insurance fraud is emphasised by the forensic investigators attached to the Surveillance Unit of Discovery Life who utilise physical surveillance on a daily basis to investigate insurance fraud. The research has further revealed that insurance fraud is a major concern to the insurance industry, but can be mitigated through the implementation of unconventional investigative methods, such as physical surveillance, to enhance investigative capabilities. It was recommended that all forensic investigators at Discovery Life be trained in the techniques of physical surveillance to address shortcomings of general and out-dated investigation methods.
Criminology and Security Science
M. Tech. (Forensic Investigation)
39
Lochner, Hendrik Thomas. "Kartering van selfoontegnologie." Diss., 2007. http://hdl.handle.net/10500/554.
Full textAbstract:
It is sincerely hoped that this work will motivate other researchers and in particular my colleagues to do further research in the field of cellphone technology, especially how it can be mapped to enable it to be utilised as evidence in our courts.
This research aims to develop the mapping of cellphone technology as an aid in the investigation of crime.
The mapping of cellphone technology refers to how cellphone technology can be utilised in crime investigation and in particular how a criminal can be placed at the scene of a crime, as a result of a cellphone call that was either made or received.
To place the suspect at the scene of a crime as a result of a call made or received, cellphone records and technology of the relevant cellphone company, as well as present computer programmes can be utilised. Shortly, it can be said that a criminal can geographically be placed within a space some where on this earth.Criminology
M.Tech. (Forensic Investigation)