Quantifying the Security of Recognition Passwords: Gestures and Signatures

Gesture and signature passwords are two-dimensional figures created by drawing on the surface of a touchscreen with one or more fingers. Prior results about their security have used resilience to either shoulder surfing, a human observation attack, or dictionary attacks. These evaluations restrict generalizability since the results are: non-comparable to other password systems (e.g. PINs), harder to reproduce, and attacker-dependent. Strong statements about the security of a password system use an analysis of the statistical distribution of the password space, which models a best-case attacker who guesses passwords in order of most likely to least likely. Estimating the distribution of recognition passwords is challenging because many different trials need to map to one password. In this paper, we solve this difficult problem by: (1) representing a recognition password of continuous data as a discrete alphabet set, and (2) estimating the password distribution through modeling the unseen passwords. We use Symbolic Aggregate approXimation (SAX) to represent time series data as symbols and develop Markov chains to model recognition passwords. We use a partial guessing metric, which demonstrates how many guesses an attacker needs to crack a percentage of the entire space, to compare the security of the distributions for gestures, signatures, and Android unlock patterns. We found the lower bounds of the partial guessing metric of gestures and signatures are much higher than the upper bound of the partial guessing metric of Android unlock patterns

Risks and potentials of graphical and gesture-based authentication for touchscreen mobile devices

While a few years ago, mobile phones were mainly used for making phone calls and texting short messages, the functionality of mobile devices has massively grown. We are surfing the web, sending emails and we are checking our bank accounts on the go. As a consequence, these internet-enabled devices store a lot of potentially sensitive data and require enhanced protection. We argue that authentication often represents the only countermeasure to protect mobile devices from unwanted access. Knowledge-based concepts (e.g., PIN) are the most used authentication schemes on mobile devices. They serve as the main protection barrier for many users and represent the fallback solution whenever alternative mechanisms fail (e.g., fingerprint recognition). This thesis focuses on the risks and potentials of gesture-based authentication concepts that particularly exploit the touch feature of mobile devices. The contribution of our work is threefold. Firstly, the problem space of mobile authentication is explored. Secondly, the design space is systematically evaluated utilizing interactive prototypes. Finally, we provide generalized insights into the impact of specific design factors and present recommendations for the design and the evaluation of graphical gesture-based authentication mechanisms. The problem space exploration is based on four research projects that reveal important real-world issues of gesture-based authentication on mobile devices. The first part focuses on authentication behavior in the wild and shows that the mobile context makes great demands on the usability of authentication concepts. The second part explores usability features of established concepts and indicates that gesture-based approaches have several benefits in the mobile context. The third part focuses on observability and presents a prediction model for the vulnerability of a given grid-based gesture. Finally, the fourth part investigates the predictability of user-selected gesture-based secrets. The design space exploration is based on a design-oriented research approach and presents several practical solutions to existing real-world problems. The novel authentication mechanisms are implemented into working prototypes and evaluated in the lab and the field. In the first part, we discuss smudge attacks and present alternative authentication concepts that are significantly more secure against such attacks. The second part focuses on observation attacks. We illustrate how relative touch gestures can support eyes-free authentication and how they can be utilized to make traditional PIN-entry secure against observation attacks. The third part addresses the problem of predictable gesture choice and presents two concepts which nudge users to select a more diverse set of gestures. Finally, the results of the basic research and the design-oriented applied research are combined to discuss the interconnection of design space and problem space. We contribute by outlining crucial requirements for mobile authentication mechanisms and present empirically proven objectives for future designs. In addition, we illustrate a systematic goal-oriented development process and provide recommendations for the evaluation of authentication on mobile devices.Während Mobiltelefone vor einigen Jahren noch fast ausschließlich zum Telefonieren und zum SMS schreiben genutzt wurden, sind die Anwendungsmöglichkeiten von Mobilgeräten in den letzten Jahren erheblich gewachsen. Wir surfen unterwegs im Netz, senden E-Mails und überprüfen Bankkonten. In der Folge speichern moderne internetfähigen Mobilgeräte eine Vielfalt potenziell sensibler Daten und erfordern einen erhöhten Schutz. In diesem Zusammenhang stellen Authentifizierungsmethoden häufig die einzige Möglichkeit dar, um Mobilgeräte vor ungewolltem Zugriff zu schützen. Wissensbasierte Konzepte (bspw. PIN) sind die meistgenutzten Authentifizierungssysteme auf Mobilgeräten. Sie stellen für viele Nutzer den einzigen Schutzmechanismus dar und dienen als Ersatzlösung, wenn alternative Systeme (bspw. Fingerabdruckerkennung) versagen. Diese Dissertation befasst sich mit den Risiken und Potenzialen gestenbasierter Konzepte, welche insbesondere die Touch-Funktion moderner Mobilgeräte ausschöpfen. Der wissenschaftliche Beitrag dieser Arbeit ist vielschichtig. Zum einen wird der Problemraum mobiler Authentifizierung erforscht. Zum anderen wird der Gestaltungsraum anhand interaktiver Prototypen systematisch evaluiert. Schließlich stellen wir generelle Einsichten bezüglich des Einflusses bestimmter Gestaltungsaspekte dar und geben Empfehlungen für die Gestaltung und Bewertung grafischer gestenbasierter Authentifizierungsmechanismen. Die Untersuchung des Problemraums basiert auf vier Forschungsprojekten, welche praktische Probleme gestenbasierter Authentifizierung offenbaren. Der erste Teil befasst sich mit dem Authentifizierungsverhalten im Alltag und zeigt, dass der mobile Kontext hohe Ansprüche an die Benutzerfreundlichkeit eines Authentifizierungssystems stellt. Der zweite Teil beschäftigt sich mit der Benutzerfreundlichkeit etablierter Methoden und deutet darauf hin, dass gestenbasierte Konzepte vor allem im mobilen Bereich besondere Vorzüge bieten. Im dritten Teil untersuchen wir die Beobachtbarkeit gestenbasierter Eingabe und präsentieren ein Vorhersagemodell, welches die Angreifbarkeit einer gegebenen rasterbasierten Geste abschätzt. Schließlich beschäftigen wir uns mit der Erratbarkeit nutzerselektierter Gesten. Die Untersuchung des Gestaltungsraums basiert auf einem gestaltungsorientierten Forschungsansatz, welcher zu mehreren praxisgerechte Lösungen führt. Die neuartigen Authentifizierungskonzepte werden als interaktive Prototypen umgesetzt und in Labor- und Feldversuchen evaluiert. Im ersten Teil diskutieren wir Fettfingerattacken ("smudge attacks") und präsentieren alternative Authentifizierungskonzepte, welche effektiv vor diesen Angriffen schützen. Der zweite Teil beschäftigt sich mit Angriffen durch Beobachtung und verdeutlicht wie relative Gesten dazu genutzt werden können, um blickfreie Authentifizierung zu gewährleisten oder um PIN-Eingaben vor Beobachtung zu schützen. Der dritte Teil beschäftigt sich mit dem Problem der vorhersehbaren Gestenwahl und präsentiert zwei Konzepte, welche Nutzer dazu bringen verschiedenartige Gesten zu wählen. Die Ergebnisse der Grundlagenforschung und der gestaltungsorientierten angewandten Forschung werden schließlich verknüpft, um die Verzahnung von Gestaltungsraum und Problemraum zu diskutieren. Wir präsentieren wichtige Anforderungen für mobile Authentifizierungsmechanismen und erläutern empirisch nachgewiesene Zielvorgaben für zukünftige Konzepte. Zusätzlich zeigen wir einen zielgerichteten Entwicklungsprozess auf, welcher bei der Entwicklung neuartiger Konzepte helfen wird und geben Empfehlungen für die Evaluation mobiler Authentifizierungsmethoden

An Approach to Software Development for Continuous Authentication of Smart Wearable Device Users

abstract: With the recent expansion in the use of wearable technology, a large number of users access personal data with these smart devices. The consumer market of wearables includes smartwatches, health and fitness bands, and gesture control armbands. These smart devices enable users to communicate with each other, control other devices, relax and work out more effectively. As part of their functionality, these devices store, transmit, and/or process sensitive user personal data, perhaps biological and location data, making them an abundant source of confidential user information. Thus, prevention of unauthorized access to wearables is necessary. In fact, it is important to effectively authenticate users to prevent intentional misuse or alteration of individual data. Current authentication methods for the legitimate users of smart wearable devices utilize passcodes, and graphical pattern based locks. These methods have the following problems: (1) passcodes can be stolen or copied, (2) they depend on conscious user inputs, which can be undesirable to a user, (3) they authenticate the user only at the beginning of the usage session, and (4) they do not consider user behavior or they do not adapt to evolving user behavior. In this thesis, an approach is presented for developing software for continuous authentication of the legitimate user of a smart wearable device. With this approach, the legitimate user of a smart wearable device can be authenticated based on the user's behavioral biometrics in the form of motion gestures extracted from the embedded sensors of the smart wearable device. The continuous authentication of this approach is accomplished by adapting the authentication to user's gesture pattern changes. This approach is demonstrated by using two comprehensive datasets generated by two research groups, and it is shown that this approach achieves better performance than existing methods.Dissertation/ThesisMasters Thesis Software Engineering 201

Semantic description of the embedded device screen

Tato diplomová práce se zabývá detekcí prvků uživatelského rozhraní na obrázku displejetiskárny za použití konvolučních neuronových sítí. V teoretické části je provedena rešeršesoučasně používaných architektur pro detekci objektů. V praktické čísti je probrána tvorbagalerie, učení a vyhodnocování vybraných modelů za použití Tensorflow ObjectDetectionAPI. Závěr práce pojednává o vhodnosti vycvičených modelů pro zadaný úkol.This thesis deals with the detection of UI Elements in the image of a printer screenusing the convolutional neural networks. The theoretical part of the thesis is a literaturereview of current object detection architectures. The practical part covers the creation ofthe dataset, training and evaluation of the selected models using the Tensorflow ObjectDetection API. The conclusion of the work discusses the suitability of the trained modelsfor a given task.

Exploiting autobiographical memory for fallback authentication on smartphones

Smartphones have advanced from simple communication devices to multipurpose devices that capture almost every single moment in our daily lives and thus contain sensitive data like photos or contact information. In order to protect this data, users can choose from a variety of authentication schemes. However, what happens if one of these schemes fails, for example, when users are not able to provide the correct password within a limited number of attempts? So far, situations like this have been neglected by the usable security and privacy community that mainly focuses on primary authentication schemes. But fallback authentication is comparably important to enable users to regain access to their devices (and data) in case of lockouts. In theory, any scheme for primary authentication on smartphones could also be used as fallback solution. In practice, fallback authentication happens less frequently and imposes different requirements and challenges on its design. The aim of this work is to understand and address these challenges. We investigate the oc- currences of fallback authentication on smartphones in real life in order to grasp the charac- teristics that fallback authentication conveys. We also get deeper insights into the difficulties that users have to cope with during lockout situations. In combination with the knowledge from previous research, these insights are valuable to provide a detailed definition of fall- back authentication that has been missing so far. The definition covers usability and security characteristics and depicts the differences to primary authentication. Furthermore, we explore the potential of autobiographical memory, a part of the human memory that relates to personal experiences of the past, for the design of alternative fall- back schemes to overcome the well-known memorability issues of current solutions. We present the design and evaluation of two static approaches that are based on the memory of locations and special drawings. We also cover three dynamic approaches that relate to re- cent smartphone activities, icon arrangements and installed apps. This series of work allows us to analyze the suitability of different types of memories for fallback authentication. It also helps us to extend the definition of fallback authentication by identifying factors that influence the quality of fallback schemes. The main contributions of this thesis can be summarized as follows: First, it gives essen- tial insights into the relevance, frequency and problems of fallback authentication on smart- phones in real life. Second, it provides a clear definition of fallback authentication to classify authentication schemes based on usability and security properties. Third, it shows example implementations and evaluations of static and dynamic fallback schemes that are based on different autobiographical memories. Finally, it discusses the advantages and disadvantages of these memories and gives recommendations for their design, evaluation and analysis in the context of fallback authentication.Aus vormals einfachen Kommunikationsgeräten haben sich Smartphones inzwischen zu Multifunktionsgeräten weiterentwickelt, die fast jeden einzelnen Moment in unserem Alltag verfolgen und aufzeichnen. So ist es nicht verwunderlich, dass diese Geräte auch viele sen- sible Daten beinhalten, wie zum Beispiel Fotos oder Kontaktinformationen. Um diese Daten zu schützen, können Smartphone-Nutzer aus einer Vielzahl von Authentifizierungsverfahren auswählen. Doch was passiert, wenn eines dieser Verfahren versagt, zum Beispiel wenn Nutzer nicht in der Lage sind ihr korrektes Passwort innerhalb einer begrenzten Anzahl von Versuchen einzugeben? Derartige Fragen wurden bislang von der Usable Security und Privacy Gemeinschaft vernachlässigt, deren Augenmerk vielmehr auf dem Forschungsfeld der primären Authentifizierung gerichtet war. Jedoch ist das Gebiet der Fallback-Authentifizierung von vergleichbarer Bedeutung, um Nutzern die Möglichkeit zu bieten, wieder Zugang zu ihren Daten und Geräten zu erlangen, wenn sie sich aussperren. Im Prinzip kann jedes primäre Authentifizierungsverfahren auch für die Fallback-Authentifizierung eingesetzt werden. Da letzteres in der Praxis jedoch viel seltener passiert, bringt der Entwurf neuer Verfahren für die Fallback-Authentifizierung neue Anforderungen und Herausforderungen mit sich. Ziel dieser Arbeit ist es, diese Herausforderungen zu verstehen und herauszuarbeiten. Dazu haben wir untersucht, wie häufig sich Smartphone-Nutzer im Alltag aussperren, um darauf basierend die Hauptanforderungen für den Entwurf von Verfahren zur Fallback-Authentifizierung herzuleiten. Zudem konnten wir durch die Untersuchung ein tieferes Verständnis für die Probleme der Nutzer in solchen Situationen entwickeln. Zusammen mit den Erkenntnissen aus verwandten Arbeiten ermöglichten die Ergebnisse der Untersuchung eine detaillierte Definition für den Begriff der Fallback-Authentifizierung bereitzustellen und unter Berücksichtigung von Faktoren der Nutzerfreundlichkeit und Sicherheit deren Unterschiede zur primären Authentifizierung hervorzuheben. Zudem haben wir die Möglichkeiten des autobiographischen Gedächtnisses für den Entwurf alternativer Verfahren zu Fallback-Authentifizierung exploriert. Das autobiographische Gedächtnis ist ein Teil des menschlichen Gehirns und besteht aus persönlichen Erinnerungen der Vergangenheit. Durch den persönlichen Bezug erscheinen diese Erinnerungen vielversprechend, um die Probleme bekannter Verfahren zu überwinden. Im Rahmen dieser Arbeit stellen wir deshalb zwei statische und drei dynamische Verfahren zur Fallback-Authentifizierung vor, die sich auf autobiographischen Erinnerungen stützen. Während sich die statischen Verfahren auf ortsbezogene Erinnerungen und das Anfertigen spezieller Zeichnungen konzentrieren, basieren die dynamischen Verfahren auf Erinnerungen der nahen Vergangenheit (z. B. Aktivitäten auf dem Smartphone, Anordnung von Anwendungen oder de- ren Installation). Die vorgestellten Konzepte erlauben nicht nur das Potential verschiedener autobiographischer Erinnerungen zu analysieren, sondern ermöglichen es auch Faktoren zu identifizieren, die einen Einfluss auf die Qualität der vorgestellten Konzepte haben und somit nützlich sind, um die Definition der Fallback-Authentifizierung zu erweitern. Zusammenfassung Der wissenschaftliche Beitrag dieser Arbeit lässt sich wie folgt zusammenfassen: (1) Die Arbeit gibt einen wichtigen Einblick in die Relevanz, Häufigkeit und Probleme der Fallback-Authentifizierung im Alltag der Nutzer. (2) Sie stellt eine klare Definition für den Begriff der Fallback-Authentifizierung bereit, um Authentifizierungssysteme anhand verschiedener Eigenschaften wie Nutzerfreundlichkeit und Sicherheit zu klassifizieren. (3) Sie diskutiert die Vor- und Nachteile verschiedener autobiographischer Erinnerungen anhand von Beispielimplementierungen und gibt darauf basierend Empfehlungen zu deren Nutzung und Evaluierung im Kontext der Fallback-Authentifizierung

Metafore mobilnih komunikacija ; Метафоры мобильной связи.

Mobilne komunikacije su polje informacione i komunikacione tehnologije koje karakteriše brzi razvoj i u kome se istraživanjem u analitičkim okvirima kognitivne lingvistike, zasnovanom na uzorku od 1005 odrednica, otkriva izrazito prisustvo metafore, metonimije, analogije i pojmovnog objedinjavanja. Analiza uzorka reči i izraza iz oblasti mobilnih medija, mobilnih operativnih sistema, dizajna korisničkih interfejsa, terminologije mobilnih mreža, kao i slenga i tekstizama koje upotrebljavaju korisnici mobilnih naprava ukazuje da pomenuti kognitivni mehanizmi imaju ključnu ulogu u olakšavanju interakcije između ljudi i širokog spektra mobilnih uređaja sa računarskim sposobnostima, od prenosivih računara i ličnih digitalnih asistenata (PDA), do mobilnih telefona, tableta i sprava koje se nose na telu. Ti mehanizmi predstavljaju temelj razumevanja i nalaze se u osnovi principa funkcionisanja grafičkih korisničkih interfejsa i direktne manipulacije u računarskim okruženjima. Takođe je analiziran i poseban uzorak od 660 emotikona i emođija koji pokazuju potencijal za proširenje značenja, imajući u vidu značaj piktograma za tekstualnu komunikaciju u vidu SMS poruka i razmenu tekstualnih sadržaja na društvenim mrežama kojima se redovno pristupa putem mobilnih uređaja...Mobile communications are a fast-developing field of information and communication technology whose exploration within the analytical framework of cognitive linguistics, based on a sample of 1005 entries, reveals the pervasive presence of metaphor, metonymy analogy and conceptual integration. The analysis of the sample consisting of words and phrases related to mobile media, mobile operating systems and interface design, the terminology of mobile networking, as well as the slang and textisms employed by mobile gadget users shows that the above cognitive mechanisms play a key role in facilitating interaction between people and a wide range of mobile computing devices from laptops and PDAs to mobile phones, tablets and wearables. They are the cornerstones of comprehension that are behind the principles of functioning of graphical user interfaces and direct manipulation in computing environments. A separate sample, featuring a selection of 660 emoticons and emoji, exhibiting the potential for semantic expansion was also analyzed, in view of the significance of pictograms for text-based communication in the form of text messages or exchanges on social media sites regularly accessed via mobile devices..

Optimized near real-time remote device tracking and monitoring system

Os serviços baseados em localização vieram dar um novo alento à criatividade dos programadores de aplicações móveis. A vulgarização de dispositivos com capacidades de localização integradas deu origem ao desenvolvimento de aplicações que gerem e apresentam informação baseada na posição do utilizador. Desde então, o mercado móvel tem assistido ao aparecimento de novas categorias de aplicações que tiram proveito desta capacidade. Entre elas, destaca-se a monitorização remota de dispositivos, que tem vindo a assumir uma importância crescente, tanto no sector particular como no sector empresarial. Esta dissertação começa por apresentar o estado da arte sobre os diferentes sistemas de posicionamento, categorizados pela sua eficácia em ambientes internos ou externos, assim como diferentes protocolos de comunicação em tempo quase-real. É também feita uma análise ao estado actual do mercado móvel. Actualmente o mercado possui diferentes plataformas móveis com características únicas que as fazem rivalizar entre si, com vista a expandirem a sua quota de mercado. É por isso elaborado um breve estudo sobre os sistemas operativos móveis mais relevantes da actualidade. É igualmente feita uma abordagem mais profunda à arquitectura da plataforma móvel da Apple - o iOS – que serviu de base ao desenvolvimento de uma solução optimizada para localização e monitorização de dispositivos móveis. A monitorização implica uma utilização intensiva de recursos energéticos e de largura de banda que os dispositivos móveis da actualidade não estão aptos a suportar. Dado o grande consumo energético do GPS face à precária autonomia destes dispositivos, é apresentado um estudo em que se expõem soluções que permitem gerir de forma optimizada a utilização do GPS. O elevado custo dos planos de dados facultados pelas operadoras móveis é também considerado, pelo que são exploradas soluções que visam minimizar a utilização de largura de banda. Deste trabalho, nasce a aplicação EyeGotcha, que para além de permitir localizar outros utilizadores de dispositivos móveis de forma optimizada, permite também monitorizar as suas acções baseando-se num conjunto de regras pré-definidas. Estas acções são reportadas às entidades monitoras, de modo automatizado e sob a forma de alertas. Visionando-se a comercialização da aplicação, é portanto apresentado um modelo de negócio que permite obter receitas capazes de cobrirem os custos de manutenção de serviços, aos quais o funcionamento da aplicação móvel está subjugado.Location-based services boosted mobile developers’ creativity. When portable devices with integrated location features did first appear, that led to the arrival of applications that manage and shows information based on the user’s current position. Since then, the mobile market has witnessed the emergence of new application categories that take advantage of this capability. Among them all, there is the remote device monitoring category which owns a growing importance in both private and business fields. Given that mobile devices are enclosed within a large number of location tracking systems, this work presents the current state of the art on different positioning systems and their underlying technologies. These systems are grouped into two distinct categories: indoor and outdoor positioning systems. Monitoring activities require communication between devices, therefore different near real-time communication protocols are discussed. The current state of the mobile market is also presented. There are many different rivaling mobile platforms with unique features, thus a brief study about the current and most relevant mobile operating systems is done. Since this work led to the development of an optimized mobile tracking and monitoring solution for the Apple's mobile platform - iOS – its architecture is also approached. Monitoring activities consume high energy resources and considerable amounts of traffic, which current mobile devices cannot support. Given the large power consumption of the GPS and bearing in mind mobile devices poor autonomy, it is presented a study that provides solutions for an optimized management of the GPS activity. Data plans provided by mobile operators are expensive and traffic limited, hence solutions in order to minimize the bandwidth used between monitoring entities are explored. The EyeGotcha application was originated from this work, which serves the purpose of allowing users to locate other mobile devices and monitor their actions through a set of predefined rules. These actions are reported to the monitoring entity, in an automated alert triggering fashion. Foreseeing the placement of the application in the market, it is presented a business model that allows generating enough profits to cover maintenance costs for the services which the mobile application depends on

Plataforma integrada para divulgação do estado da qualidade do ar

Mestrado em Engenharia de Computadores e Telem aticaIn this dissertation it is proposed a solution which, starting from data gathered by specialized equipment installed in a IDAD's vehicle, frequently left taking measurements in places of inconvenient access and which does not provide a simple way to access the data, allows the disclosure of them to the IDAD's team and all the interested clients. The solution developed involves the whole process of taking the data to the user, since its collection, passing by its dispatch to an online server through a messaging service where they are stored for easy access at any time needed, data processing and the creation of RESTful services for their provision to external services. Moreover it was developed a web interface that allows the user to easily check the state of the air quality at any moment, controlling user access and managing the data available for each one. Lastly, it was also developed an Android mobile application which represents the easiest and fastest way of checking the state of the air at the current time and also opens the possibility of using the noti cation system to alert the user of hazard situations and speci c events without the need of manually accessing one of the platforms to detect that situation.Nesta dissertação e proposta uma solução que, partindo de dados recolhidos por equipamento instalado numa carrinha do IDAD, Instituto do Ambiente e Desenvolvimento, que e frequentemente deixada a realizar medições em locais de acesso inconveniente e que não fornece uma forma simples de acesso aos mesmos, permite disponibiliza-los para os membros do IDAD e para os clientes interessados. A solução desenvolvida envolve todo o processo de fazer os dados chegarem ao utilizador, desde a sua recolha na carrinha, passando pelo seu envio para um servidor online através de um servi co de queueing de mensagens onde são alojados de forma a permitir o seu acesso em qualquer momento, tratamento dos dados obtidos e a criação de servi cos REST para a sua disponibilização para servi cos externos. Além disso, foi criada uma interface web que permite aos utilizadores facilmente verificarem o estado da qualidade do ar em qualquer momento, controlar o acesso dos utilizadores e gerir a informação disponível para cada um. Por fim, foi também desenvolvida uma aplicação móvel Android que constitui o método mais simples e rápido de verificar o estado da qualidade do ar no momento atual e o qual abre a possibilidade de utilizar o sistema de notificações do Android para alertar o utilizador de situações de alarme e eventos específicos sem este ter que aceder manualmente a uma das plataformas para detetar essa situação

Toolbox application to support and enhance the mobile device forensics investigation process - breaking through the techniques available

Dissertation presented as the partial requirement for obtaining a Master's degree in Information Management, specialization in Knowledge Management and Business IntelligenceOne of the main topics that is discussed today is how can a person leverage on technology on a positive and secure way in order to enhance their daily life, making it a healthier, more productive, joyful and easier. However, with improvements in technology, comes challenges for which there is not yet a stable and safe way to overcome. One of the greatest challenges that people are faced has to do with their concern on their privacy and on the safeguard of their sensitive information that is stored in any device that one uses. In fact, one of the most used technology is the Mobile, which can take several forms, features, shapes, and many other components. In line manner, cybercrime is growing rapidly, targeting the exploitation and retrieval of information from these gadgets. Even so, with a Mobile, comes several challenges including a rapidly dynamic change in its landscape, an everincreasing diversity of mobile phones forms, integration of the information on a Mobile into the Cloud and IoT. As such, it’s vital to have a stable and safe toolbox that will enable a digital investigator to potentially prevent, detect and solve any issue that may be related to Mobile Device Forensics while solving out various investigations, being it criminal, civil, corporate or any other