Forensic Blogs

An aggregator for digital forensics blogs

by

Application Analysis

Introduction:

The Application Analysis team is a group of technical interns at the Leahy Center for Digital Investigation. The LCDI offers  great opportunities for students to gain knowledge and skills in digital forensics and cybersecurity. This project is how four intern students have gone about testing some consumer mobile tracking & monitoring software.

Experience:

The Application Analysis team has currently been researching four different mobile tracking & monitoring programs available in today’s market. The programs we are looking at are mSpy, FlexiSpy, Mobistealth, and Highster Mobile. We are researching the specifications that each of these applications claims to have. We have five Nexus 7 tablets, four of which are rooted using Nexus Root Toolkit and one that is being used as the control device. A control device is a device that you leave in its original state to compare with other devices so you can see what has changed. Sometimes unexpected things will change and that is how you can confirm that it has been altered. We have a laptop that is being used to monitor the traffic via WireShark and also used as the control panel for the software.   

Our team is using the following apps: Google Hangouts, Facebook, Facebook Messenger, Kik, and Skype. We are generating data by sending information between the rooted device and the control device using these various applications. We are seeing if we are able to view all the information that we generated and are checking on whether any data is not collected.

In addition, we are testing if video calls are recorded and sent to the parents’ account. We have set a keyword to test the capability of specific programs to see if it alerts the parent when the keyword is used. Since the first program that we tested has the capability of Geo-Fencing, we decided to test for this capability as well. Geo-fencing means if a device leaves a certain location, there would be an alert sent to notify the parent that the device has left the specified location.

Conclusion:

We have created a variety of questions that we would like to look further into with each of the programs, including if the software can be hidden on the device. Stay tuned to read further updates on this project and the information we continue to gather from our devices.

 

To learn more about this and other blogs of the LCDI visit us here: LCDI Blog.

Stay in the loop on our current and upcoming projects and events by following us on Facebook,  Twitter, or Instagram. 

 

The post Application Analysis appeared first on The Leahy Center for Digital Investigation.

by

LCDI Intern Blog Series: Meet Madi!

Interning at the LCDI: Madi’s Journey

About one year ago, I found myself setting foot on Champlain College grounds after a tiring fifteen hour drive from Charlotte, North Carolina. My dad miraculously agreed to visit this random college that I found on the internet with me. I discovered Champlain has an actual Digital Forensics major, which is rare across the country (especially in North Carolina), so I knew I had to make the journey to see it in person. The major itself got me to visit, but what really hooked me was the Leahy Center for Digital Investigation, or as I now know it: the LCDI.

Our visit to the LCDI was a stop-off in our final minutes of the day, right before we were about to start our long drive back. Inside I discovered an opportunity to get real world experience in the digital forensics field while in college. And even more, I was told I could start my first year! This locked in Champlain as my first pick, and I finished my application and submitted it later that very same week.

Needless to say, I got in and am now almost halfway through my first semester at Champlain. A couple of weeks before I started, I received an email with information on how to apply to be an intern at the LCDI during my first semester. I completed the application and interviewed for the position my second day of school. A week later I was thrilled to hear that I was accepted and placed on the Tool Evaluation team. I’d work eight to ten hours a week, in addition to completing occasional assignments for an internship class that’s paired with the work experience. This brought my total credits for this semester to eighteen, which, to be honest, seemed daunting at first. But in my experience so far, it’s all been very manageable.

My internship at the LCDI is just one of the factors that’s made my experience at Champlain different from most of my friends. In high school I went to a middle college, which allowed me to complete my Associate’s Degree in Information Technology Fundamentals during my junior and senior years. Forty-four of my sixty credits transferred to Champlain, so on paper, I technically came in as a sophomore. Because of this status, I’m already taking upper level courses. It has been fascinating working with students of every level, and each of my classes has a different dynamic.

The biggest difference I have noticed so far between home and Burlington is the amount of people who walk everywhere. In Charlotte, everyone drives to get anywhere because most of the city is spread out. It’s nice having a downtown area within walking distance I can visit whenever I want while here at Champlain. One thing I still have to get used to is the cold, but I’m definitely on the fast track to acclimate soon enough.

The post LCDI Intern Blog Series: Meet Madi! appeared first on The Leahy Center for Digital Investigation.

by

SIFT Tool Evaluation

Introduction:

The Senator Leahy Center for Digital Investigation (LCDI) is an establishment that was created to encourage Champlain College students to gain technical knowledge of an area within their field of study. As a team, interns are expected to communicate and work together in order to finish a project. This is the experience of the LCDI through the eyes of two interns.

 

Our Experience:

Our experience so far at the LCDI  has been exceptional. As first year students, we have learned valuable information about computer and digital forensics that we can actually use in the field. As technical interns, we are compiling information about a digital forensics tool. We are doing this to determine what tool has the greatest functionality and to gain real world experience working with a digital forensic tool. We are working with SIFT, and, so far, everything about it has been thrilling.

 

As interns, we have learned a few new things working with more experienced members. As one might expect, we have honed a large amount of new technical skills while working in a computer lab. But we have also practiced skills newer to us, such as working on a team and working under a team of supervisors. You can attend any amount of hours in a technical course without ever learning the social skills required in a workplace. Our time at the lab has given us great experience in interpersonal relations we’ll need to utilize in our future careers.

 

Before starting our work, we knew very little about digital forensics or the tools used to analyze data. We also didn’t know very much about Linux commands. This was difficult at first because SIFT is a Linux based forensics toolkit, but we have gained exponential knowledge from working with it over these past months.

 

Our experience at the LCDI has thus far been overwhelmingly positive and exciting. The environment the LCDI has allows me to explore the social aspect of a workplace while also exploring the technical aspect. This, to me, is exactly what we were looking for in college, and is unique to Champlain College. We are excited to have the future opportunity to work ever higher positions at the LCDI.

 

Conclusion:

Our next step is analysis of the data that we just finished generating. We’ll keep you posted!

 

 

To learn more about this and other blogs of the LCDI visit us here: LCDI Blog.

Stay in the loop on our current and upcoming projects and events by following us on Facebook,  Twitter, or Instagram. 

The post SIFT Tool Evaluation appeared first on The Leahy Center for Digital Investigation.