Symbian Smartphone Forensics: Linear Bitwise Data Acquisition and Fragmentation Analysis

Thing, Vrizlynn L. L.; Chua, Tong-Wei

doi:10.1007/978-3-642-35264-5_9

Cited by 8 publications

(5 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They also presented reverse-engineering analysis work on the active and deleted SMS recovery from the onphone memory of Symbian OS. In addition, Thing and Chua was proposed a forensics evidentiary acquisition tool for Symbian OS [31]. Their acquisition tool was built to support a low-level bit-by-bit acquisition of the phone's internal flash memory, including the unallocated space.…”

Section: Symbian Osmentioning

confidence: 99%

Advances of Mobile Forensic Procedures in Firefox OS

Yusoff¹

2014

IJCSDF

View full text Add to dashboard Cite

The advancement of smartphone technology has attracted many companies in developing mobile operating system (OS). Mozilla Corporation recently released Linux-based open source mobile OS, named Firefox OS. The emergence of Firefox OS has created new challenges, concentrations and opportunities for digital investigators. In general, Firefox OS is designed to allow smartphones to communicate directly with HTML5 applications using JavaScript and newly introduced WebAPI. However, the used of JavaScript in HTML5 applications and solely no OS restriction might lead to security issues and potential exploits. Therefore, forensic analysis for Firefox OS is urgently needed in order to investigate any criminal intentions. This paper will present an overview and methodology of mobile forensic procedures in forensically sound manner for Firefox OS.

show abstract

Section: Symbian Osmentioning

confidence: 99%

Advances of Mobile Forensic Procedures in Firefox OS

Yusoff¹

2014

IJCSDF

View full text Add to dashboard Cite

show abstract

“…The test subject phone was a Nokia N97 running the S60 5th edition. The Thing and Chua, 2012). The Acquisition Program triggered the Memory Extraction Module, which stored the bitwise copy of the memory image at a removable storage media.…”

Section: Symbian Forensicsmentioning

confidence: 99%

A critical review of 7 years of Mobile Device Forensics

Barmpatsalou

Damopoulos

Kambourakis

et al. 2013

Digital Investigation

View full text Add to dashboard Cite

“…In the same year (2012), Thing and Chua [12] proposed a low-level linear bitwise data acquisition technique for the Symbian OS version 9.4 phones to support evidentiary file carving. A study and analysis of how files are stored and fragmented on the Symbian smartphone flash memory was also carried out.…”

Section: History Of Symbian Smartphone Forensicsmentioning

confidence: 99%

“…logical data acquisition) from the Subscriber Identity Module (SIM), memory cards and the internal flash memory [2][3][4][5][6][7][8]. There exists research work focusing on the low-level physical accquisition of raw data from the mobile phones' non-volatile memories [9][10][11][12], to support indepth forensics investigations and evidence analysis, but did not take the volatile memories into consideration.…”

Section: Introductionmentioning

confidence: 99%

Smartphone Volatile Memory Acquisition for Security Analysis and Forensics Investigation

Thing

Chua

2013

Security and Privacy Protection in Information Processing Systems

Self Cite

View full text Add to dashboard Cite

In this paper, we first identify the need to be equipped with the capability to perform raw volatile memory data acquisition from live smartphones. We then investigate and discuss the potential of different approaches to achieve this task on Symbian smartphones. Based on our initial analysis, we propose a simple, flexible and portable approach which can have a full-coverage view of the memory space, to acquire the raw volatile memory data from commercial Symbian smartphones. We develop the tool to conduct the proof-of-concept experiments on the phones, and are able to acquire the volatile memory data successfully. A discussion on the problems we have encountered, the solutions we have proposed and the observations we have made in this research is provided. With the acquired data, we conduct an analysis on the memory images of the identified memory regions of interest, and propose a methodology for the purpose of in-depth malware security and forensics analysis.

show abstract

Symbian Smartphone Forensics: Linear Bitwise Data Acquisition and Fragmentation Analysis

Cited by 8 publications

References 5 publications

Advances of Mobile Forensic Procedures in Firefox OS

Advances of Mobile Forensic Procedures in Firefox OS

A critical review of 7 years of Mobile Device Forensics

Smartphone Volatile Memory Acquisition for Security Analysis and Forensics Investigation

Contact Info

Product

Resources

About