An Open Source Toolkit for iOS Filesystem Forensics

Abstract : Despite the fact that every iOS release introduces new security restrictions that must be overcome in order to recover data from iPhones, the locations where the data of interest resides are generally consistent. This paper analyzes the iOS filesystem and identifies files and directories that contain data that can aid investigations of traditional crimes involving iPhones as well as hacking and cracking attacks launched from iPhones. Additionally, best practices for minimizing the false positive rate during data carving are identified. These findings are implemented in an open source forensic investigation toolkit that operates in a forensically-sound manner.
Type de document :
Communication dans un congrès
Gilbert Peterson; Sujeet Shenoi. 10th IFIP International Conference on Digital Forensics (DF), Jan 2014, Vienna, Austria. Springer, IFIP Advances in Information and Communication Technology, AICT-433, pp.227-235, 2014, Advances in Digital Forensics X. 〈10.1007/978-3-662-44952-3_15〉
Liste complète des métadonnées

Littérature citée [5 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01393773
Contributeur : Hal Ifip <>
Soumis le : mardi 8 novembre 2016 - 10:49:28
Dernière modification le : vendredi 1 décembre 2017 - 01:17:02
Document(s) archivé(s) le : mardi 14 mars 2017 - 23:50:27

Fichier

978-3-662-44952-3_15_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Ahmad Cheema, Mian Iqbal, Waqas Ali. An Open Source Toolkit for iOS Filesystem Forensics. Gilbert Peterson; Sujeet Shenoi. 10th IFIP International Conference on Digital Forensics (DF), Jan 2014, Vienna, Austria. Springer, IFIP Advances in Information and Communication Technology, AICT-433, pp.227-235, 2014, Advances in Digital Forensics X. 〈10.1007/978-3-662-44952-3_15〉. 〈hal-01393773〉

Partager

Métriques

Consultations de la notice

148

Téléchargements de fichiers

791