An Open Source Toolkit for iOS Filesystem Forensics - Advances in Digital Forensics X Access content directly
Conference Papers Year : 2014

An Open Source Toolkit for iOS Filesystem Forensics

Abstract

Despite the fact that every iOS release introduces new security restrictions that must be overcome in order to recover data from iPhones, the locations where the data of interest resides are generally consistent. This paper analyzes the iOS filesystem and identifies files and directories that contain data that can aid investigations of traditional crimes involving iPhones as well as hacking and cracking attacks launched from iPhones. Additionally, best practices for minimizing the false positive rate during data carving are identified. These findings are implemented in an open source forensic investigation toolkit that operates in a forensically-sound manner.
Fichier principal
Vignette du fichier
978-3-662-44952-3_15_Chapter.pdf (473.31 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-01393773 , version 1 (08-11-2016)

Licence

Attribution

Identifiers

Cite

Ahmad Raza Cheema, Mian Waseem Iqbal, Waqas Ali. An Open Source Toolkit for iOS Filesystem Forensics. 10th IFIP International Conference on Digital Forensics (DF), Jan 2014, Vienna, Austria. pp.227-235, ⟨10.1007/978-3-662-44952-3_15⟩. ⟨hal-01393773⟩
319 View
3936 Download

Altmetric

Share

Gmail Facebook X LinkedIn More