mobile phone forensics and mobile malware
After some time of programming and writing on different papers the first screenshots of Panoptes are now available. The forensic software agent is now in the beta-testing period and as soon as it has left this stage it will be available for download here, too.
We just submitted a Paper and forensic Tool with the name ADEL to a call for papers. The tool as well as the complete paper will be available very soon for people of law enforcement agencies.
The tool can, by now, recover and analyze the following data:
– Call logs
– Contact and Calendar entries
– SMS and MMS messages
– Meta information about the smartphone and SIM
Abstract of the submitted paper:
Nowadays, smartphones are one of the most popular mediums of communication in the world. They are not only used for ordinary private and business purposes, they are also used by criminals for communication and as a target. Due to the ubiquitous use of smartphones, these devices become an increasingly important source of digital evidence in forensic investigations. Thus, the recovery of digital traces from smartphones often plays an essential role for the examination and clarification of the facts in a case. Although some tools already exist regarding the examination of smartphone data, there is still a strong demand to develop further methods and tools for forensic extraction and analysis of data that is stored on smartphones. In this paper we describe the specifications of smartphones running the popular Andoid operating system. We further introduce a newly developed tool – called ADEL – that is able to forensically extract and analyse selected data from an Android device. Finally, a detailed report containing the results of the examination is created by the tool. The whole process is fully automated and and takes account of all forensic principles.
Within the scope of the project “MobWorm”, which is funded by the BMBF, the Ruhr University, GData, Zynamics and the University of Erlangen-Nuremberg work together in the development of effective and protective measures against malicious software for mobile devices. Among the 50 project proposals submitted in accordance with the BMBF’s invitation landed “MobWorm” among the 7 best collaborative projects. I will work as a part of the University of Mannheim within this project for the next 2 years. So stay tuned for updates!
The slides from the SICHERHEIT 2010 conference are now available for download. Please feel free to leave a comment.
After a promising workshop in Dagstuhl last week I started to develop an Android-Version of my on phone forensic toolkit called “panoptes”. The first version will be available very soon, so stay tuned for it.
