research project 2 forensic challenge
play

Research Project 2: Forensic Challenge Axel Puppe & Joeri - PowerPoint PPT Presentation

May 20, 2023 •229 likes •413 views

Outline Introduction Method FAT Walker Xarver Investigation Conclusion Research Project 2: Forensic Challenge Axel Puppe & Joeri Blokhuis June 30, 2010 Axel Puppe & Joeri Blokhuis Research Project 2: Forensic Challenge Outline

  1. Outline Introduction Method FAT Walker Xarver Investigation Conclusion Research Project 2: Forensic Challenge Axel Puppe & Joeri Blokhuis June 30, 2010 Axel Puppe & Joeri Blokhuis Research Project 2: Forensic Challenge

  2. Outline Introduction Method FAT Walker Xarver Investigation Conclusion Introduction Method FAT Walker Xarver Investigation Conclusion Axel Puppe & Joeri Blokhuis Research Project 2: Forensic Challenge

  3. Outline Introduction Method FAT Walker Xarver Investigation Conclusion Digital Forensic Research Workshop (DFRWS) ◮ Founded in 2001, annual meeting ◮ Advancing digital forensic science ◮ Target crowd: ◮ University researchers ◮ Computer forensic examiners ◮ Analysts ◮ Since 2005 annual challenge Axel Puppe & Joeri Blokhuis Research Project 2: Forensic Challenge

  4. Outline Introduction Method FAT Walker Xarver Investigation Conclusion Scenario ◮ Suspected arms dealer ◮ Recovered phone from canal (memory dumps) ◮ Questions: ◮ Evidence connecting suspect to the sale of arms ◮ Evidence of the receipt of payment ◮ Recovery of any other leads: individuals, companies, or bank accounts Axel Puppe & Joeri Blokhuis Research Project 2: Forensic Challenge

  5. Outline Introduction Method FAT Walker Xarver Investigation Conclusion What information can be expected in a mobile phone? ◮ Phone data ◮ Internet data ◮ Log ◮ Browser ◮ Phone calls ◮ History ◮ Text messages ◮ Cache ◮ Bookmarks ◮ Calendar ◮ E-mail ◮ Appointments ◮ Reminders ◮ Sent ◮ Birthdays ◮ Received ◮ Drafts ◮ Address book ◮ Deleted ◮ File data ◮ Account settings ◮ Multimedia files ◮ Instant messaging ◮ Audio ◮ Video ◮ Photos ◮ Documents Axel Puppe & Joeri Blokhuis Research Project 2: Forensic Challenge

  6. Outline Introduction Method FAT Walker Xarver Investigation Conclusion ◮ Standard forensic tools ◮ Developed forensic tools ◮ FAT Walker ◮ Xarver Axel Puppe & Joeri Blokhuis Research Project 2: Forensic Challenge

  7. Outline Introduction Method FAT Walker Xarver Investigation Conclusion Standard Forensic tools ◮ Unsuccessful : Autopsy/Sleuthkit, Encase, FTK, Paraben Cell Seizure, pyflag ◮ Beneficial : Scalpel(carving), Standard Linux commands(strings, file, grep), Google goggles. Figure: Picture taken and identified by Google goggles Axel Puppe & Joeri Blokhuis Research Project 2: Forensic Challenge

  8. Outline Introduction Method FAT Walker Xarver Investigation Conclusion FAT ◮ Extract Directory Table Entries ◮ On physical memory dumps ◮ Filenames/Extension, MAC times ( Modified/Access/Creation ) ◮ Benefits for a forensic investigator: ◮ Initial research ◮ Possible user behaviour on the phone ◮ Last created files ◮ Build an absolute path (depending on the parent and current directory) Axel Puppe & Joeri Blokhuis Research Project 2: Forensic Challenge

  9. Outline Introduction Method FAT Walker Xarver Investigation Conclusion Screenshot ◮ Memory dump 1: ◮ Only two distinct MAC times ◮ Memory dump 2: ◮ Clear gap from 2008 to 2010 ◮ Top files created since 2010: JPG, BIN, DAT and XML. ◮ Not updated: Access and Modification time ◮ Decide possible focus! Axel Puppe & Joeri Blokhuis Research Project 2: Forensic Challenge

  10. Outline Introduction Method FAT Walker Xarver Investigation Conclusion XML <?xml version="1.0" encoding="UTF-8" ?> <Forensics> <Unit> <Name> The Netherlands Forensic Institute </Name> <City> The Hague </City> </Unit> <Unit> <Name> New Scotland Yard </Name> <City> London </City> </Unit> </Forensics> Axel Puppe & Joeri Blokhuis Research Project 2: Forensic Challenge

  11. Outline Introduction Method FAT Walker Xarver Investigation Conclusion XML ◮ XML Usage: ◮ Sim Cards ◮ Databases ◮ Open Office XML ◮ Mobile phone (Android) applications ◮ And more. . . ◮ Xarver features: ◮ Read raw data ◮ Build XML tree ◮ Deal with damaged XML ◮ Gives offsets of original data Axel Puppe & Joeri Blokhuis Research Project 2: Forensic Challenge

  12. Outline Introduction Method FAT Walker Xarver Investigation Conclusion Screenshot Axel Puppe & Joeri Blokhuis Research Project 2: Forensic Challenge

  13. Outline Introduction Method FAT Walker Xarver Investigation Conclusion Combining the tools Axel Puppe & Joeri Blokhuis Research Project 2: Forensic Challenge

  14. Outline Introduction Method FAT Walker Xarver Investigation Conclusion Xarver results ◮ MMS ◮ Subjects: Look at this, This?, Contact, . . . ◮ Email ◮ Subjects: Buy, Engine, Payment, . . . ◮ Email Settings ◮ Email address ◮ Username ◮ Password ◮ And more. . . ◮ Call log Axel Puppe & Joeri Blokhuis Research Project 2: Forensic Challenge

  15. Outline Introduction Method FAT Walker Xarver Investigation Conclusion Pictures Axel Puppe & Joeri Blokhuis Research Project 2: Forensic Challenge

  16. Outline Introduction Method FAT Walker Xarver Investigation Conclusion Conclusion ◮ Evidence connecting suspect to the sale of arms ◮ Found emails + pictures ◮ Evidence of the receipt of payment ◮ Suspected email (subject: ‘payment’) ◮ Recovery of any other leads: individuals, companies, or bank accounts ◮ Individuals yes, Companies/Bank account(s) nothing so far. . . Axel Puppe & Joeri Blokhuis Research Project 2: Forensic Challenge

  17. Outline Introduction Method FAT Walker Xarver Investigation Conclusion Questions Questions? Axel Puppe & Joeri Blokhuis Research Project 2: Forensic Challenge

Recommend

Forensic Challenge V2.0 UNAM-CERT RedIRIS Topics * Forensic Challenge V1.0 * Forensic

Forensic Challenge V2.0 UNAM-CERT RedIRIS Topics * Forensic Challenge V1.0 * Forensic

Forensic Challenge V2.0 UNAM-CERT RedIRIS Topics * Forensic Challenge V1.0 * Forensic Challenge V2.0 * Conclusions Introduction Why this forensic Challenge ? * To promote and impulse the Forensic Analysis in our Region -- Hispanoamerica--

558 views • 19 slides
Why This Workshop? In 2009 the Research Council of the National Academy of Sciences issues a

Why This Workshop? In 2009 the Research Council of the National Academy of Sciences issues a

Specialized Topics in Ethical Forensic Practice, Part 3: Bias in Forensic Evaluations November 18, 2015 Ohio MHAS Forensic Conference Columbus, OH Terry Kukor, Ph.D., ABPP Board Certified in Forensic Psychology Director of Forensic Services Netcare

972 views • 23 slides
Expectancy bias and Bias and forensic evidence Bias and speech research forensic speech

Expectancy bias and Bias and forensic evidence Bias and speech research forensic speech

Overview Bias effects Expectancy bias and Bias and forensic evidence Bias and speech research forensic speech research Blind forensic speech research Maartje Schreuder TMFI / Maastricht University I AFPA 2011 Bundeskrim

180 views • 7 slides
Challenges in Crime Scene Investigation Technical challenges in forensic STR profiling

Challenges in Crime Scene Investigation Technical challenges in forensic STR profiling

Epigenetics a New Perspective for Improving Forensic Science p g Hwan Young Lee, Ph.D. Department of Forensic Medicine Yonsei University College of Medicine Current Forensic DNA Typing Forensic cases -- matching suspect with evidence

247 views • 13 slides
Objectives 1. Articulate the rationale for restructuring forensic evaluation reports 2. Identify

Objectives 1. Articulate the rationale for restructuring forensic evaluation reports 2. Identify

11/5/2015 Specialized Topics in Ethical Forensic Practice, Part 1: Restructured Forensic Reports Presented For OhioMHAS Forensic Conference November 18, 2015 Terry Kukor, Ph.D., ABPP (Forensic) Joy Stankowski, M.D. Aracelis (Liz) Rivera, Psy.D.

451 views • 17 slides
T and Science of Forensic Monitoring Forensic Monitor may be employed by one Board or a

T and Science of Forensic Monitoring Forensic Monitor may be employed by one Board or a

11/5/2015 The T and Science of Forensic Monitoring Robert N. Baker, PhD Jeannie Cool, PCC-S Lottie Gray, MSSA, LISW, CDCA Julia King, PsyD, MBA T and Science of Forensic Monitoring Has your boss just told you? You are our New Forensic

389 views • 24 slides
Digital Forensics Research Workshop Challenge 2009 Wouter van Dongen, Alain van Hoof Research

Digital Forensics Research Workshop Challenge 2009 Wouter van Dongen, Alain van Hoof Research

Digital Forensics Research Workshop Challenge 2009 Wouter van Dongen, Alain van Hoof Research Project 2 1 July 2009 1 Research project 2 Introduction Challenge details Research questions Method Time zones and Linux time

353 views • 18 slides
Specialized Topics in Ethical Forensic Practice, Part 3: Bias in Forensic Evaluations November 18,

Specialized Topics in Ethical Forensic Practice, Part 3: Bias in Forensic Evaluations November 18,

Specialized Topics in Ethical Forensic Practice, Part 3: Bias in Forensic Evaluations November 18, 2015 Ohio MHAS Forensic Conference Columbus, OH Terry Kukor, Ph.D., ABPP Board Certified in Forensic Psychology Director of Forensic Services Netcare

1.29k views • 67 slides
THE NEW FORENSIC PATIENT Learning Objectives Review the epidemiology of forensic populations

THE NEW FORENSIC PATIENT Learning Objectives Review the epidemiology of forensic populations

THE NEW FORENSIC PATIENT Learning Objectives Review the epidemiology of forensic populations Explore various clinical presentations seen in forensic settings Implement evidence-based and novel treatment strategies to the new forensic

946 views • 80 slides
alcohol support groups for forensic inpatient and discharged service users Project lead: Dr

alcohol support groups for forensic inpatient and discharged service users Project lead: Dr

Improving attendance at drug and alcohol support groups for forensic inpatient and discharged service users Project lead: Dr Nikki Wood, Principal Clinical Psychologist and Head of Forensic Substance Use Support Service Project team: SUSS

247 views • 7 slides
Forensic Voice Comparison and Forensic Acoustics 1 Value and Interpretation of Biometric

Forensic Voice Comparison and Forensic Acoustics 1 Value and Interpretation of Biometric

Forensic Voice Comparison and Forensic Acoustics 1 Value and Interpretation of Biometric Evidence in Forensic Automatic Speaker Recognition Dr. Andrzej Drygajlo Speech Processing and Biometrics Group Swiss Federal Institute of Technology

546 views • 44 slides
Regional Forensic Trainings 2013 Pathways to Conditional Release: An Overview of the Forensic

Regional Forensic Trainings 2013 Pathways to Conditional Release: An Overview of the Forensic

Regional Forensic Trainings 2013 Pathways to Conditional Release: An Overview of the Forensic Mental Health System Robert N. Baker, PhD Assistant Chief Office of Forensic Services, ODMH Objectives Provide an overview of the forensic

581 views • 40 slides
T and Science of Forensic Monitoring Has your boss just told you? You are our New Forensic

T and Science of Forensic Monitoring Has your boss just told you? You are our New Forensic

The T and Science of Forensic Monitoring Robert N. Baker, PhD Jeannie Cool, PCC-S Lottie Gray, MSSA, LISW, CDCA Julia King, PsyD, MBA T and Science of Forensic Monitoring Has your boss just told you? You are our New Forensic Monitor.

834 views • 70 slides
Oracle Database Audit Scripts, Privacy &amp; Security considerations Challenge: Forensic analysis

Oracle Database Audit Scripts, Privacy &amp; Security considerations Challenge: Forensic analysis

Oracle Database Audit Scripts, Privacy &amp; Security considerations Challenge: Forensic analysis of license French case law concluded that that Oracle's scripts are scripting much more data than what is legally relevant usage on Oracle

117 views • 9 slides
Current Forensic DNA Typing o Forensic cases -- matching suspect with evidence Involves generation

Current Forensic DNA Typing o Forensic cases -- matching suspect with evidence Involves generation

Epigenetic age signatures in the forensically relevant body fluid of semen Hwan Yong Lee Department of Forensic Medicine Yonsei University College of Medicine Seoul, Korea Current Forensic DNA Typing o Forensic cases -- matching suspect with

533 views • 14 slides
The counter-hegemonic challenge of Polish neo-traditionalism. This research is part of a project

The counter-hegemonic challenge of Polish neo-traditionalism. This research is part of a project

FATIGUE Comparative Analysis Workshop: Discourse The role of culture and tradition in the shift towards illiberal democracy: The counter-hegemonic challenge of Polish neo-traditionalism. This research is part of a project that has received

317 views • 13 slides
Forensic Feature Extraction and Cross-Drive Analysis Simson L. Garfinkel Center for Research on

Forensic Feature Extraction and Cross-Drive Analysis Simson L. Garfinkel Center for Research on

Forensic Feature Extraction and Cross-Drive Analysis Simson L. Garfinkel Center for Research on Computation and Society Harvard University 1:15pm, Tuesday, August 15, 2006 1 Todays forensic tools are designed for one drive at a time.

552 views • 34 slides
National Commission on Forensic Science Washington, DC December 8, 2015 AAAS Project Staff Mark

National Commission on Forensic Science Washington, DC December 8, 2015 AAAS Project Staff Mark

Forensic Science Assessments A Quality and Gap Analysis National Commission on Forensic Science Washington, DC December 8, 2015 AAAS Project Staff Mark S. Frankel , Deborah Runkle , Michelle Barretta Scientific Responsibility, Human Rights and

378 views • 13 slides
10. Forensic Issues I A MERICAN P SYCHOLOGICAL A SSOCIATION Forensic Issues For people with SMI,

10. Forensic Issues I A MERICAN P SYCHOLOGICAL A SSOCIATION Forensic Issues For people with SMI,

10. Forensic Issues I A MERICAN P SYCHOLOGICAL A SSOCIATION Forensic Issues For people with SMI, the prevalence of containment in prison/forensic system is high: men 15%; women 31% For people exhibiting symptoms: 67 % greater likelihood of

366 views • 7 slides
GOJ Audit Commission Conference 2016 PRESENTS : FORENSIC Forensic Audits-Help for Todays

GOJ Audit Commission Conference 2016 PRESENTS : FORENSIC Forensic Audits-Help for Todays

GOJ Audit Commission Conference 2016 PRESENTS : FORENSIC Forensic Audits-Help for Todays Entity Thursday, October 27, 2016 PRESENTER : COLLIN A. A. GREENLAND, Forensic Accountant, MBA, FJIM, CFE, CFSA, CFC. 1 To Sensitize /

1.12k views • 88 slides
Forensic and I nvestigative Speaker Recognition: Situation BKA Odyssey 2016 June 21-24, Bilbao,

Forensic and I nvestigative Speaker Recognition: Situation BKA Odyssey 2016 June 21-24, Bilbao,

Forensic and I nvestigative Speaker Recognition: Situation BKA Odyssey 2016 June 21-24, Bilbao, Spain Michael Jessen BKA, Forensic Science Institute: Forensic Speech &amp; Audio Department Guidelines Forensic Semiautomatic and Automatic

308 views • 13 slides
Cannabis Some Challenges with Determining Impairment - A Forensic Toxicologists

Cannabis Some Challenges with Determining Impairment - A Forensic Toxicologists

Cannabis Some Challenges with Determining Impairment - A Forensic Toxicologists Perspective. Dr. Michael R. Corbett Ph.D., LL.M., F-ABFT, FCSFS Forensic Toxicologist, Chemical Review Services Inc. Adjunct Professor, Forensic Science

688 views • 38 slides
Arizona FAF$A Challenge Julie Sainz, M.Ed. Arizona FAF$A Challenge Project Manager Arizona

Arizona FAF$A Challenge Julie Sainz, M.Ed. Arizona FAF$A Challenge Project Manager Arizona

Arizona FAF$A Challenge Julie Sainz, M.Ed. Arizona FAF$A Challenge Project Manager Arizona Commission for Postsecondary Education Agenda Agenda What is the AZ FAF$A Challenge New State Goal Challenge Categories Incentives

666 views • 21 slides
Forensic Mental Health Care in the Texas State Hospital System Matthew Faubion, M.D. Forensic

Forensic Mental Health Care in the Texas State Hospital System Matthew Faubion, M.D. Forensic

Forensic Mental Health Care in the Texas State Hospital System Matthew Faubion, M.D. Forensic Psychiatrist Chief of Forensic Medicine Health and Specialty Care System HHSC Overview The Forensic Patient in Texas Pre-Admission Clinical

690 views • 37 slides

More recommend