Trends in Mobile Device Forensics - Paralegal Rajewski - Mobile... · 2016-10-05 · 8/29/2016 1 Trends in Mobile Device Forensics Jonathan Rajewski, MS, CCE, CFE, CISSP, ENCE, TJFC

8/29/2016

1

Trends in Mobile Device Forensics

Jonathan Rajewski, MS, CCE, CFE, CISSP, ENCE, TJFCDirector - Senator Leahy Center for Digital InvestigationAssociate Professor - Digital Forensics | Cyber SecurityDigital Forensic Examiner - Vermont Internet Crimes Against Children Task Force

@[email protected]

8/29/2016

2

Jonathan Rajewski, MSDirector - Senator Leahy Center for Digital InvestigationAssociate Professor - Digital Forensics | Cyber SecurityDigital Forensic Examiner - Vermont Internet Crimes Against Children Task Force

@[email protected]

Professional CertificationsCCE, CFE, CISSP, ENCE, TJFCProfessional AssociationsBoard Member - BTV Ignite, DFCB – Digital Forensic Certified Practitioner “Founder”, CDFS - Consortium of Digital Forensic Specialists, ISFCE – International Society of Forensic Computer Examiners, ACFE – Association of Certified Fraud Examiners, HTCC – High Tech Crime Consortium

Recent Awards/Recognition 2014 US Ignite Application Summit Best Public Safety Application2014 Honored by FBI director James B. Comey2013 4 under 40 - Hilbert College

2013 C. Bader Brouilette Alumni Leadership Award - Champlain College2012 Top Digital Forensic Professor – Digital Forensics - Princeton Review2012 Best 300 Professors in the United States - Princeton Review 2011 Digital Forensic Examiner of the Year - Forensic 4cast Awards

s

8/29/2016

3

What is Digital Forensics?

What is Mobile Device Forensics?

http://kevinlanni.com/wp-content/uploads/2016/03/mobile-devices-2-1.png

8/29/2016

4

Mobile Device Forensics

Criminal Cases Corporate Cases Investigations

Do you have legal authority to search the device?

Which types of data is available?

• BehavioralLocationClicks/swipesActivity

• DevicePhotos/VideoDatabases

8/29/2016

5

Trend 1The Internet of Things is/will be everywhere

Internet of Things

20,000,000,000

http://www.gartner.com/newsroom/id/3165317

8/29/2016

6

Amazon Echo• Alexa is always

listening

• Amazon keepstrack of requests

• Forensics canreveal what wassaid and possiblythe voice of theperson speaking

Nest

These devices all work together to help monitor/cool/heat a location

8/29/2016

7

Nest• Given just the mobile device with the Nest app

installed, forensics can prove a LOT of things…

Trend 2Devices are encrypted

8/29/2016

8

So where is this data?

8/29/2016

9

How can you extract the data• There are thousands of phones on the market in

the United States.

• Hire a qualified expert that can explain exactlywhat they will be doing - not just “I’m going to use“X” Tool…

How can you extract the data?

• Manually review the phone (photos)

• Software Extraction

• Nondestructive Physical Extraction

• Destructive Physical Extraction

8/29/2016

10

Cloud Services

If you’re not paying for it, you are the product

8/29/2016

11

Facebook data?

Trend 3Wearables

8/29/2016

12

Cellular Service Provider

Internet ServiceProvider

GPS Tracking

8/29/2016

13

Trend 4Infotainment Syetems

Internet ServiceProvider

8/29/2016

14

Trend 5Artifacts are getting better

Wifi Tracking

8/29/2016

15

Wifi TrackingEvery mobile device with Wifi has a “MAC

Address”. This is like a serial number for the wifi connection. This data can be used to profile users and track their movements from access point to

access point.

8/29/2016

16

Please connect to our free wifi

Practical Scenario

8/29/2016

17

Practical Scenario

Practical Scenario

8/29/2016

18

Jonathan Rajewski, MS, CCE, CFE, CISSP, ENCEDirector - Senator Leahy Center for Digital InvestigationAssistant Professor - Digital Forensics | Cyber SecurityDigital Forensic Examiner - Vermont Internet Crimes Against Children Task Force

@[email protected]

Thank you!

[email protected]