Friday 29 March 2013

Digital CCTV Forensic Data Recovery Research

Most probably, because of our paper in ifip recently, digital CCTV forensic data recovery is emerging in the academic research.

http://www.ifip119.org/Conferences/ConferenceProgram2013.pdf

Data Recovery From Proprietary-Formatted Files CCTV Hard Disks
A. Ariffin, J. Slay and K.K.R Choo
University of South Australia, Mawson Lakes, Australia

See below in another conference in New Zealand.
http://www.sec2013.org/Conference/CallforPapers/DigitalForensics.aspx 

28th IFIP TC-11 SEC 2013 International Information
Security and Privacy Conference

Auckland, New Zealand, 8-10 July 2013

The 2013 Digital Forensics International Conference
“Digital Forensic Cases, Tools & Techniques”
July 8 & 9
Final Call for Presentations
Closes Friday 17 May 2013

The final call for papers closes 17 May for industry or applied digital forensic presentations examining digital forensic innovation, cases, tools and techniques.

AUT University Digital Forensic Research Laboratories is hosting in association with the 28th IFIP TC-11 SEC 2013 International Information Security and Privacy Conference, Auckland, New Zealand, 8-10 July 2013 The 2013 Digital Forensics International Conference.

Presentations are invited from Practitioners and Researchers to bring together the best of practice and innovation in the field. As Digital Forensics has differentiated from its Security and Computing roots rapid and path changing approaches are evolving that are contributing to a better fit of the legal, managerial and IT worlds.

If you wish to be a part of these two days examining the current state of Digital Forensic practice - then send in your abstract (150 words).

Presentations are accepted in three themes:
1)      Cases: Legal Cases, Employer Risk, Professional Practice, Standardisation
2)      Tools: Reliability, Functionality, Testing, Development, Demonstrations
3)      Techniques: Mobile Devices, Extraction Practices,  Preservation Skills, Network Forensics,
         Environmental Forensics, CCTV & Image/Visual Intelligence, GPS, Seganographic
         techniques

Tuesday 19 March 2013

iOS Forensics: The death of data carving

With the iPhone encryption system...foremost...scalpel...mmm...:(...they are obsolete.

Btw, I've completed my research on iPhone anti-forensics :)...writing another paper.

The iOS won't be able to detect it...hahaha

Hacking effaceable area...lwvm...IOKit...etc...etc...mmm...


Friday 8 March 2013

iOS Forensics: cprotect.h

It is important for you to understand this attribute.
struct cp_xattr {
 u_int16_t xattr_major_version;
 u_int16_t xattr_minor_version;
 u_int32_t flags;
 u_int32_t persistent_class;
 u_int32_t key_size;
 uint8_t  persistent_key[CP_WRAPPEDKEYSIZE]; 
}; 
Playing around with iPhone...:) 
 
 

Saturday 2 March 2013

iOS Forensics: iPad 2 - A Step by Step Guide

I'm so relief :)...iOS paper submitted. Not easy...:(...but manage to break the hierarchical encryption file system - cryptography.

Mmm...EMF, DKey and per-file keys.

3334ef111ea88f66abcccbe5606f777cafc91f5e7932a666cb77a45cb75d888b

Most importantly, how you do it in a "forensically sound" manner (needed by digital forensics practitioners).

Next is iPad 2 forensics!