Crime Science and Digital Forensics by Anthony C. Ijeh;Kevin Curran;

Author:Anthony C. Ijeh;Kevin Curran; [Неизв.]
Language: eng
Format: epub
ISBN: 9781000405965
Publisher: CRC Press (Unlimited)
Published: 2021-01-30T21:00:00+00:00

Figure 4: Digital forensic procedure’s flowchart (Harbaavi and Varol 2017). Data can also be extracted from firmware by UART. The Universal Asynchronous Receiver Transmitter (UART) is simply a serial port. Most IoT firmware have enabled UART for debugging but it is possible to get full root access and to extract data from the device via the UART interface. According to Vasile et al. (2019), UART is currently the most common and exploitable debugging interface found in IoT devices. 45% of the examined IoT devices were found to be vulnerable to firmware extraction via UART.

IoT devices, being quite small, energy efficient storage is required for storing the firmware on such devices. Serial flash is often used for storing the firmware in IoT devices, given that it has a small form factor, needs few wire connections on the board and it uses low power flash memory. The Serial Peripheral Interface (SPI) is an industry standard protocol for providing access to the data on the serial flash. By connecting to the serial flash chip pins and using a tool such as Attify Badge or Bus Pirate, it is possible to capture a data dump of the flash memory.

Embedded MultiMediaCard (eMMC)—NAND flash memory—are also commonly used in IoT devices due to their low cost, speed, multitude of storage sizes, smaller footprint, lower power usage, and integrated controller. Etemadieh et al. (2017) describes how to identify the correct eMMC pinout, and how to connect pins of eMMC to an appropriate SD card adapter to easily access the content of the flash storage.

Choosing the approach to extract data from an IoT device is not as simple as extracting data from a hard drive and must be done on a case to case basis. Forensic investigators with more experience in working with such devices may be needed. Bortas et al. (2015) describe the digital forensics procedure for extracting potential artifacts such as network information, app activity, web browsing history, and media files from a smart TV, namely a Samsung smart TV. Davies et al. (2015) present PlayStation 4’s potential information sources as well as a method for acquiring information from the PlayStation 4. Similarly, Clark et al. (2017) describes the forensic analysis of the DJI Phantom III drone. Horsman (2016) describes the acquisition of a test Parrot Bebop unmanned aerial vehicles internal storage to extract the on-board flight data, captured media as well as operating system files. The paper also includes discussion of forensic analysis of the controller device. The investigation of radio equipment is described by Kouwen et al. (2018). Smart vehicles store a wealth of digital information such as GPS coordinates of recent destinations, favourite routes, call logs, and phone contacts. Nhien-Anle-Khac et al. (2018) discusses the challenges relating to the forensics extraction and analysis of data from smart vehicles. Shin et al. (2017) describes how to collect data from (1) Amazon Echo, (2) Home Area Network consisting of a central controller, sensors, and Z-wave devices like Thermostat, Smart Lockers (touchscreen or lever lockers), Wireless Water Valve, etc.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.