Biblio
Filters: Author is MacDermott, Áine [Clear All Filters]
Discord Server Forensics: Analysis and Extraction of Digital Evidence. 2021 11th IFIP International Conference on New Technologies, Mobility and Security (NTMS). :1—8.
.
2021. In recent years we can observe that digital forensics is being applied to a variety of domains as nearly any data can become valuable forensic evidence. The sheer scope of web-based investigations provides a vast amount of information. Due to a rapid increase in the number of cybercrimes the importance of application-specific forensics is greater than ever. Criminals use the application not only to communicate but also to facilitate crimes. It came to our attention that the gaming chat application Discord is one of them. Discord allows its users to send text messages as well as exchange image, video, and audio files. While Discord's community is not as large as that of the most popular messaging apps the stable growth of its userbase and recent incidents indicate that it is used by criminals. This paper presents our research into the digital forensic analysis of Discord client-side artefacts and presents experimental development of a tool for extraction, analysis, and presentation of the data from Discord application. The work then proposes a solution in form of a tool, `DiscFor', that can retrieve information from the application's local files and cache storage.
Forensic Analysis of Fitbit Versa: Android vs iOS. 2021 IEEE Security and Privacy Workshops (SPW). :318–326.
.
2021. Fitbit Versa is the most popular of its predecessors and successors in the Fitbit faction. Increasingly data stored on these smart fitness devices, their linked applications and cloud datacenters are being used for criminal convictions. There is limited research for investigators on wearable devices and specifically exploring evidence identification and methods of extraction. In this paper we present our analysis of Fitbit Versa using Cellebrite UFED and MSAB XRY. We present a clear scope for investigation and data significance based on the findings from our experiments. The data recovery will include logical and physical extractions using devices running Android 9 and iOS 12, comparing between Cellebrite and XRY capabilities. This paper discusses databases and datatypes that can be recovered using different extraction and analysis techniques, providing a robust outlook of data availability. We also discuss the accuracy of recorded data compared to planned test instances, verifying the accuracy of individual data types. The verifiable accuracy of some datatypes could prove useful if such data was required during the evidentiary processes of a forensic investigation.
Privacy Preserving Issues in the Dynamic Internet of Things (IoT). 2020 International Symposium on Networks, Computers and Communications (ISNCC). :1–6.
.
2020. Convergence of critical infrastructure and data, including government and enterprise, to the dynamic Internet of Things (IoT) environment and future digital ecosystems exhibit significant challenges for privacy and identity in these interconnected domains. There are an increasing variety of devices and technologies being introduced, rendering existing security tools inadequate to deal with the dynamic scale and varying actors. The IoT is increasingly data driven with user sovereignty being essential - and actors in varying scenarios including user/customer, device, manufacturer, third party processor, etc. Therefore, flexible frameworks and diverse security requirements for such sensitive environments are needed to secure identities and authenticate IoT devices and their data, protecting privacy and integrity. In this paper we present a review of the principles, techniques and algorithms that can be adapted from other distributed computing paradigms. Said review will be used in application to the development of a collaborative decision-making framework for heterogeneous entities in a distributed domain, whilst simultaneously highlighting privacy preserving issues in the IoT. In addition, we present our trust-based privacy preserving schema using Dempster-Shafer theory of evidence. While still in its infancy, this application could help maintain a level of privacy and nonrepudiation in collaborative environments such as the IoT.
Forensic Analysis of Wearable Devices: Fitbit, Garmin and HETP Watches. 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS). :1–6.
.
2019. Wearable technology has been on an exponential rise and shows no signs of slowing down. One category of wearable technology is Fitness bands, which have the potential to show a user's activity levels and location data. Such information stored in fitness bands is just the beginning of a long trail of evidence fitness bands can store, which represents a huge opportunity to digital forensic practitioners. On the surface of recent work and research in this area, there does not appear to be any similar work that has already taken place on fitness bands and particularly, the devices in this study, a Garmin Forerunner 110, a Fitbit Charge HR and a Generic low-cost HETP fitness tracker. In this paper, we present our analysis of these devices for any possible digital evidence in a forensically sound manner, identifying files of interest and location data on the device. Data accuracy and validity of the evidence is shown, as a test run scenario wearing all of the devices allowed for data comparison analysis.