Embed Size (px)
Citation preview
8/29/2016
1
Trends in Mobile Device Forensics
Jonathan Rajewski, MS, CCE, CFE, CISSP, ENCE, TJFCDirector - Senator Leahy Center for Digital InvestigationAssociate Professor - Digital Forensics | Cyber SecurityDigital Forensic Examiner - Vermont Internet Crimes Against Children Task Force
8/29/2016
2
Jonathan Rajewski, MSDirector - Senator Leahy Center for Digital InvestigationAssociate Professor - Digital Forensics | Cyber SecurityDigital Forensic Examiner - Vermont Internet Crimes Against Children Task Force
Professional CertificationsCCE, CFE, CISSP, ENCE, TJFCProfessional AssociationsBoard Member - BTV Ignite, DFCB – Digital Forensic Certified Practitioner “Founder”, CDFS - Consortium of Digital Forensic Specialists, ISFCE – International Society of Forensic Computer Examiners, ACFE – Association of Certified Fraud Examiners, HTCC – High Tech Crime Consortium
Recent Awards/Recognition 2014 US Ignite Application Summit Best Public Safety Application2014 Honored by FBI director James B. Comey2013 4 under 40 - Hilbert College
2013 C. Bader Brouilette Alumni Leadership Award - Champlain College2012 Top Digital Forensic Professor – Digital Forensics - Princeton Review2012 Best 300 Professors in the United States - Princeton Review 2011 Digital Forensic Examiner of the Year - Forensic 4cast Awards
s
8/29/2016
3
What is Digital Forensics?
What is Mobile Device Forensics?
http://kevinlanni.com/wp-content/uploads/2016/03/mobile-devices-2-1.png
8/29/2016
4
Mobile Device Forensics
Criminal Cases Corporate Cases Investigations
Do you have legal authority to search the device?
Which types of data is available?
• BehavioralLocationClicks/swipesActivity
• DevicePhotos/VideoDatabases
8/29/2016
5
Trend 1The Internet of Things is/will be everywhere
Internet of Things
20,000,000,000
http://www.gartner.com/newsroom/id/3165317
8/29/2016
6
Amazon Echo• Alexa is always
listening
• Amazon keepstrack of requests
• Forensics canreveal what wassaid and possiblythe voice of theperson speaking
Nest
These devices all work together to help monitor/cool/heat a location
8/29/2016
7
Nest• Given just the mobile device with the Nest app
installed, forensics can prove a LOT of things…
Trend 2Devices are encrypted
8/29/2016
8
So where is this data?
8/29/2016
9
How can you extract the data• There are thousands of phones on the market in
the United States.
• Hire a qualified expert that can explain exactlywhat they will be doing - not just “I’m going to use“X” Tool…
How can you extract the data?
• Manually review the phone (photos)
• Software Extraction
• Nondestructive Physical Extraction
• Destructive Physical Extraction
8/29/2016
10
Cloud Services
If you’re not paying for it, you are the product
8/29/2016
11
Facebook data?
Trend 3Wearables
8/29/2016
12
Cellular Service Provider
Internet ServiceProvider
GPS Tracking
8/29/2016
13
Trend 4Infotainment Syetems
Internet ServiceProvider
8/29/2016
14
Trend 5Artifacts are getting better
Wifi Tracking
8/29/2016
15
Wifi TrackingEvery mobile device with Wifi has a “MAC
Address”. This is like a serial number for the wifi connection. This data can be used to profile users and track their movements from access point to
access point.
8/29/2016
16
Please connect to our free wifi
Practical Scenario
8/29/2016
17
Practical Scenario
Practical Scenario
8/29/2016
18
Jonathan Rajewski, MS, CCE, CFE, CISSP, ENCEDirector - Senator Leahy Center for Digital InvestigationAssistant Professor - Digital Forensics | Cyber SecurityDigital Forensic Examiner - Vermont Internet Crimes Against Children Task Force
Thank you!
