{"title":"移动设备内部取证采集","authors":"G. Me, M. Rossi","doi":"10.1109/IPDPS.2008.4536557","DOIUrl":null,"url":null,"abstract":"Several technologies and products have emerged in the market lately for Personal Digital Assistants and smartphone data forensic acquisition. The smartphone market is very huge and provides a great variety of manufacturers and models causing a strong heterogeneity of the tools adopted to retrieve smartphone contents in a forensically sound way: in fact, in most cases, the mobile devices manufacturers implement their own (proprietary) protocols on the proprietary cable-jack and the proprietary OSs, causing the forensic operators to be overwhelmed by the one-on-one tools for every single mobile device. This paper aims to propose a new methodology and a tool to acquire the data by using the removable memory cards (e.g. SD, mini SD, MMC etc). This approach could represent a breakthrough in the mobile forensics, since the developed tool could replace the plethora of the hardware tools currently used. In this paper, firstly, we will summarize the current seizure methodology and its related problems when applied to the mobile device scenario. Then, we will introduce an alternative methodology to seize and examine the data from internal memory, overcoming some problems of the traditional methodology. At the end, we will show some experimental results of this methodology, obtained from a real device.","PeriodicalId":162608,"journal":{"name":"2008 IEEE International Symposium on Parallel and Distributed Processing","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-04-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"37","resultStr":"{\"title\":\"Internal forensic acquisition for mobile equipments\",\"authors\":\"G. Me, M. Rossi\",\"doi\":\"10.1109/IPDPS.2008.4536557\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Several technologies and products have emerged in the market lately for Personal Digital Assistants and smartphone data forensic acquisition. The smartphone market is very huge and provides a great variety of manufacturers and models causing a strong heterogeneity of the tools adopted to retrieve smartphone contents in a forensically sound way: in fact, in most cases, the mobile devices manufacturers implement their own (proprietary) protocols on the proprietary cable-jack and the proprietary OSs, causing the forensic operators to be overwhelmed by the one-on-one tools for every single mobile device. This paper aims to propose a new methodology and a tool to acquire the data by using the removable memory cards (e.g. SD, mini SD, MMC etc). This approach could represent a breakthrough in the mobile forensics, since the developed tool could replace the plethora of the hardware tools currently used. In this paper, firstly, we will summarize the current seizure methodology and its related problems when applied to the mobile device scenario. Then, we will introduce an alternative methodology to seize and examine the data from internal memory, overcoming some problems of the traditional methodology. At the end, we will show some experimental results of this methodology, obtained from a real device.\",\"PeriodicalId\":162608,\"journal\":{\"name\":\"2008 IEEE International Symposium on Parallel and Distributed Processing\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-04-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"37\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 IEEE International Symposium on Parallel and Distributed Processing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IPDPS.2008.4536557\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 IEEE International Symposium on Parallel and Distributed Processing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IPDPS.2008.4536557","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Internal forensic acquisition for mobile equipments
Several technologies and products have emerged in the market lately for Personal Digital Assistants and smartphone data forensic acquisition. The smartphone market is very huge and provides a great variety of manufacturers and models causing a strong heterogeneity of the tools adopted to retrieve smartphone contents in a forensically sound way: in fact, in most cases, the mobile devices manufacturers implement their own (proprietary) protocols on the proprietary cable-jack and the proprietary OSs, causing the forensic operators to be overwhelmed by the one-on-one tools for every single mobile device. This paper aims to propose a new methodology and a tool to acquire the data by using the removable memory cards (e.g. SD, mini SD, MMC etc). This approach could represent a breakthrough in the mobile forensics, since the developed tool could replace the plethora of the hardware tools currently used. In this paper, firstly, we will summarize the current seizure methodology and its related problems when applied to the mobile device scenario. Then, we will introduce an alternative methodology to seize and examine the data from internal memory, overcoming some problems of the traditional methodology. At the end, we will show some experimental results of this methodology, obtained from a real device.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
