Paper accepted!

Our paper for the SICHERHEIT 2010 in Berlin has been accepted. So we will give our presentation about the chances and obstacles of secure deletion on Symbian smartphones at the 6th of October.

See you all in Berlin!

Towards Secure Deletion On Smartphones

The last days we worked on a paper for the Sicherheit 2010 conference. You can find the abstract of this paper here after.

Abstract: Nowadays, smartphones constitute one of the most commonly used electronic devices. Today’s smartphones combine a variety of different technologies: they offer in addition to excellent mobile availability and connectivity also high-speed data transfer for the user. Moreover, they are multimedia capable due to their integrated digital camera or music player, and offer a wide variety of communication services like e-mail, SMS or MMS. Consequently, they are used increasingly as a “mobile office”. In this paper, we outline the possibilities and obstacles of secure deletion, namely the problem of deleting sensitive data on a smartphone in such a way that this data cannot be restored during a later forensic investigation. In order to guarantee the complete deletion of data, it would be necessary to access the memory chip directly such that we can overwrite the address space of existing data with arbitrary data. However, this approach is not possible when dealing with smartphones due to several reasons. On the one hand, the user’s activities are restricted on the device, which implies that farreaching system interventions cannot be conducted easily. On the other hand, writing on a specific physical address is hindered due to the use of “wear leveling” algorithms on flash chips, which are intended to optimize durability. We discuss these problems in detail and introduce an approach to more securely delete data under certain constraints.

We are hoping that it will be accepted.

diploma thesis: published version

If you want to read the final version of my diploma thesis don’t hesitate to write an email.

diploma thesis

Because of data privacy the published version doesn’t contain Chapter 4 (the functionality as well as the applicability of the developed tool is tested on several mobile phones by analyzing extracted data in a forensic way).

Mobile Phone Forensic Toolkit: Terminal view

Within the scope of this diploma thesis, a tool for forensic analysis of Twister Box dumps for Nokia smartphones has been developed. The tool contains sev- eral scripts which are written in Python. The various scripts correspond to modules which are responsible for certain telephone functions (address book, SMS, call history, etc.). Those are accessed via a global script. The global script accepts the Twister Box dump file, the mobile phone type and the reporting type as an argument.

After starting the tool, data processing is initiated as shown in the figure above. Here we tryed to analyze a Nokia 6500.