Recovering Residual Forensic Data from Smartphone Interactions with Cloud Storage Providers

There is a growing demand for cloud storage services such as Dropbox, Box, Syncplicity and SugarSync. These public cloud storage services can store gigabytes of corporate and personal data in remote data centres around the world, which can then be synchronized to multiple devices. This creates an environment which is potentially conducive to security incidents, data breaches and other malicious activities. The forensic investigation of public cloud environments presents a number of new challenges for the digital forensics community. However, it is anticipated that end-devices such as smartphones, will retain data from these cloud storage services. This research investigates how forensic tools that are currently available to practitioners can be used to provide a practical solution for the problems related to investigating cloud storage environments. The research contribution is threefold. First, the findings from this research support the idea that end-devices which have been used to access cloud storage services can be used to provide a partial view of the evidence stored in the cloud service. Second, the research provides a comparison of the number of files which can be recovered from different versions of cloud storage applications. In doing so, it also supports the idea that amalgamating the files recovered from more than one device can result in the recovery of a more complete dataset. Third, the chapter contributes to the documentation and evidentiary discussion of the artefacts created from specific cloud storage applications and different versions of these applications on iOS and Android smartphones

BitTorrent Sync: Network Investigation Methodology

The volume of personal information and data most Internet users find themselves amassing is ever increasing and the fast pace of the modern world results in most requiring instant access to their files. Millions of these users turn to cloud based file synchronisation services, such as Dropbox, Microsoft Skydrive, Apple iCloud and Google Drive, to enable "always-on" access to their most up-to-date data from any computer or mobile device with an Internet connection. The prevalence of recent articles covering various invasion of privacy issues and data protection breaches in the media has caused many to review their online security practices with their personal information. To provide an alternative to cloud based file backup and synchronisation, BitTorrent Inc. released an alternative cloudless file backup and synchronisation service, named BitTorrent Sync to alpha testers in April 2013. BitTorrent Sync's popularity rose dramatically throughout 2013, reaching over two million active users by the end of the year. This paper outlines a number of scenarios where the network investigation of the service may prove invaluable as part of a digital forensic investigation. An investigation methodology is proposed outlining the required steps involved in retrieving digital evidence from the network and the results from a proof of concept investigation are presented.Comment: 9th International Conference on Availability, Reliability and Security (ARES 2014

Cloud computing and context-awareness: A study of the adapted user experience

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.Today, mobile technology is part of everyday life and activities and the mobile ecosystems are blossoming, with smartphones and tablets being the major growth drivers. The mobile phones are no longer just another device, we rely on their capabilities in work and in private. We look to our mobile phones for timely and updated information and we rely on this being provided any time of any day at any place. Nevertheless, no matter how much you trust and love your mobile phone the quality of the information and the user experience is directly associated with the sources and presentation of information. In this perspective, our activities, interactions and preferences help shape the quality of service, content and products we use. Context-aware systems use such information about end-users as input mechanisms for producing applications based on mobile, location, social, cloud and customized content services. This represents new possibilities for extracting aggregated user-centric information and includes novel sources for context-aware applications. Accordingly, a Design Research based approach has been taken to further investigate the creation, presentation and tailoring of user-centric information. Through user evaluated experiments findings show how multi-dimensional context-aware information can be used to create adaptive solutions tailoring the user experience to the users’ needs. Research findings in this work; highlight possible architectures for integration of cloud computing services in a heterogeneous mobile environment in future context-aware solutions. When it comes to combining context-aware results from local computations with those of cloud based services, the results provide findings that give users tailored and adapted experiences based on the collective efforts of the two

Ubiquitous Semantic Applications

As Semantic Web technology evolves many open areas emerge, which attract more research focus. In addition to quickly expanding Linked Open Data (LOD) cloud, various embeddable metadata formats (e.g. RDFa, microdata) are becoming more common. Corporations are already using existing Web of Data to create new technologies that were not possible before. Watson by IBM an artificial intelligence computer system capable of answering questions posed in natural language can be a great example. On the other hand, ubiquitous devices that have a large number of sensors and integrated devices are becoming increasingly powerful and fully featured computing platforms in our pockets and homes. For many people smartphones and tablet computers have already replaced traditional computers as their window to the Internet and to the Web. Hence, the management and presentation of information that is useful to a user is a main requirement for today’s smartphones. And it is becoming extremely important to provide access to the emerging Web of Data from the ubiquitous devices. In this thesis we investigate how ubiquitous devices can interact with the Semantic Web. We discovered that there are five different approaches for bringing the Semantic Web to ubiquitous devices. We have outlined and discussed in detail existing challenges in implementing this approaches in section 1.2. We have described a conceptual framework for ubiquitous semantic applications in chapter 4. We distinguish three client approaches for accessing semantic data using ubiquitous devices depending on how much of the semantic data processing is performed on the device itself (thin, hybrid and fat clients). These are discussed in chapter 5 along with the solution to every related challenge. Two provider approaches (fat and hybrid) can be distinguished for exposing data from ubiquitous devices on the Semantic Web. These are discussed in chapter 6 along with the solution to every related challenge. We conclude our work with a discussion on each of the contributions of the thesis and propose future work for each of the discussed approach in chapter 7

Toolbox application to support and enhance the mobile device forensics investigation process - breaking through the techniques available

Dissertation presented as the partial requirement for obtaining a Master's degree in Information Management, specialization in Knowledge Management and Business IntelligenceOne of the main topics that is discussed today is how can a person leverage on technology on a positive and secure way in order to enhance their daily life, making it a healthier, more productive, joyful and easier. However, with improvements in technology, comes challenges for which there is not yet a stable and safe way to overcome. One of the greatest challenges that people are faced has to do with their concern on their privacy and on the safeguard of their sensitive information that is stored in any device that one uses. In fact, one of the most used technology is the Mobile, which can take several forms, features, shapes, and many other components. In line manner, cybercrime is growing rapidly, targeting the exploitation and retrieval of information from these gadgets. Even so, with a Mobile, comes several challenges including a rapidly dynamic change in its landscape, an everincreasing diversity of mobile phones forms, integration of the information on a Mobile into the Cloud and IoT. As such, it’s vital to have a stable and safe toolbox that will enable a digital investigator to potentially prevent, detect and solve any issue that may be related to Mobile Device Forensics while solving out various investigations, being it criminal, civil, corporate or any other

The Proceedings of 14th Australian Digital Forensics Conference, 5-6 December 2016, Edith Cowan University, Perth, Australia

Conference Foreword This is the fifth year that the Australian Digital Forensics Conference has been held under the banner of the Security Research Institute, which is in part due to the success of the security conference program at ECU. As with previous years, the conference continues to see a quality papers with a number from local and international authors. 11 papers were submitted and following a double blind peer review process, 8 were accepted for final presentation and publication. Conferences such as these are simply not possible without willing volunteers who follow through with the commitment they have initially made, and I would like to take this opportunity to thank the conference committee for their tireless efforts in this regard. These efforts have included but not been limited to the reviewing and editing of the conference papers, and helping with the planning, organisation and execution of the conference. Particular thanks go to those international reviewers who took the time to review papers for the conference, irrespective of the fact that they are unable to attend this year. To our sponsors and supporters a vote of thanks for both the financial and moral support provided to the conference. Finally, to the student volunteers and staff of the ECU Security Research Institute, your efforts as always are appreciated and invaluable. Yours sincerely, Conference Chair Professor Craig Valli Director, Security Research Institut

A mobile CRM development for real estate

Real estate (RE) agents are professionals who need up-to-date and accurate information about their clients in order to maintain profitable and long-lasting relationships with each of them to prosper in such a competitive industry. The research focuses on one problem: unexistance of mobile solution, adapted to the needs of RE agents, that integrates only their needed features. The creation of this allows them to improve their performance and optimize their results, making it possible to invest more time in building relationships and less in secretarial tasks. The importance of solving this problem is related to the importance of optimizing work and resources in a highly abundant information industry. Through this service digitalization, the productivity and performance of RE agents can be improved. The research consists in the development of a Costumer Relationship Management (CRM) for mobile devices capable of managing information about the customers and business partners of each user, which provides agenda services and also a visual information system capable of showing the progress of the agent and other statistical analysis. All functionalities implemented were collected through 15 face-to-face interviews and validated with seven videoconference interviews. All of them were made using different specialists. For the development and evaluation of this artifact was followed the DSR methodology corresponding to each interview made to an iteration of this model. It was verified that the mobile CRM solution is an added value in terms of customer portfolio management, enhancing the development of their relationships, and in monitoring the performance of professionals.Os agentes imobiliários são profissionais que necessitam de informação atualizada e precisa sobre os seus clientes para conseguirem manter relações profícuas e duradouras com cada um deles, a fim de prosperarem numa indústria tão competitiva. A dissertação concentra-se num problema: não existe uma solução mobile, criada à medida das necessidades dos agentes imobiliários, capaz de melhorar o seu desempenho e otimizar os seus resultados, tornando possível investir mais tempo no trabalho da relação com o cliente e menos com tarefas de secretaria. A importância da resolução deste problema está relacionada com a importância de otimizar trabalho e recursos numa indústria altamente abundante de informação. Através da digitalização destes serviços a produtividade e performance dos agentes imobiliários podem ser melhoradas. A pesquisa consiste no desenvolvimento de um Costumer Relationship Management (CRM) para dispositivos móveis capaz de gerir informação sobre os clientes e parceiros de negócio de cada utilizador, que forneça serviços de agenda e ainda um sistema de informação visual capaz de mostrar os progressos do agente e outras análises estatísticas. Todas as funcionalidades implementadas foram recolhidas através de 15 entrevistas presenciais e validadas com sete entrevistas por vídeo-conferencia. Para esta validação do artefacto seguiu-se a metodologia DSR correspondendo cada entrevista feita a uma iteração deste modelo. Verificou-se que a solução mobile de CRM é uma mais-valia ao nível da gestão da carteira de clientes potenciando o desenvolvimento das suas relações, e ao nível da monitorização da performance dos agentes imobiliários

Forensic analysis of open-source XMPP multi-client social networking apps on iOS devices

In this paper, we present forensic analysis of Monal and Siskin IM, two decentralized open-source XMPP multi-client social networking apps on iOS devices that provide anonymity and privacy using OMEMO end-to-end encryption. We identified databases maintained by each app and storage locations within the iOS file system that stores the local copies of user information and metadata. We analyzed the databases and storage locations for evidential data of forensic value. The results in this paper show a detailed analysis and correlation of data stored in each app's database to identify the local user's multiple IM accounts and contact list, contents of messages exchanged with contacts, and chronology of conversations. The focus and main contributions of this study include a detailed description of artifacts of forensic interest that can be used to aid mobile forensic investigations