Forensic Analysis of the Nintendo 3DS NAND

Pessolano, Gus; Read, Huw; Sutherland, Iain; Xynos, Konstantinos

doi:10.1016/j.diin.2019.04.015

Cited by 9 publications

(8 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The authors extract data from such devices using multiple plugins developed by them (e.g., Autopsy Framework ). Finally, Pessolano et al (2019) review methods that allow forensic experts to obtain the following information from Nintendo 3DS: system activity, deleted images, Internet history items, relevant friends list information, the console's serial number and plaintext WiFi access point passwords.…”

Section: Data Building Publications Analysis and Discussionmentioning

confidence: 99%

“…Concerning this possibility, Williams et al (2021) analyze an intelligent fitness device (Fitbit Versa) using Cellebrite UFED and MSAB [Khobragade and Malik 2014] Data mining/generation -Data crawled from browser logs and data streams across networks and computers EXTR [Li et al 2014] Android Recov. Methods -Samsung Galaxy S3 SMS database considering data partition on device in three periods RECV [Liu et al 2016] Recovery of deleted record -Recovery of deleted records from SQLite3 through a new approach EXTR [Satrya et al 2016] Android Telegram -Database extracted from Telegram app text and audio artifacts from three Android mobile devices EVD [Grajeda et al 2018] Digital forensic artifacts -Data of digital forensic artifacts built from a proposed tool that stores artifacts, user account information and application logs activities EXTR [Awasthi et al 2018] Smart home hub -Data extracted from home hub (Securifi Almond), which allowed forensic analysis of artifacts related to user interaction in the hub EVD [Freiling and Hösch 2018] Evidence tampering -Data on a disk image was manipulated by graduate students to study tampered digital evidence RECV [Atwal et al 2019] Spotlight, Apple desktop -Base with Spotlight metadata (search tool, Apple) to search for persistence of deleted data in your metadata EVD [van Zandwijk and Boztas 2019] iPhone Health App -Investigates the use of data extracted from the iPhone Health application, which stores data about physical exercises performed by the user EXTR [Servida and Casey 2019] IoT, digital traces -Data from mobile apps (e.g., Nest and Wink hubs) and from IoT devices (e.g., cloud data from QBee Camera and the Swisscom Home App); Plugins were developed for data extraction EVD [Hosler et al 2019] Database for Video Forensics -Data of digital forensic videos composed by 2,000 videos from 46 physical devices representing 36 unique camera models EXTR [Pessolano et al 2019] Forensic analysis nintendo 3DS…”

Section: Data Building Publications Analysis and Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Exploring the Intersection between Databases and Digital Forensics

Seufitelli

Brandão²,

Moro³

2022

jidm

View full text Add to dashboard Cite

Digital forensics has attracted attention from assorted researchers, who primarily work on predicting and solving digital hacks and crimes. In turn, the number and types of digital crimes have increased considerably, mainly due to the growing use of digital media to perform daily personal and professional tasks. Like most computer-related activities, data is at the center of such hacks and crimes. Hence, this work presents a systematic literature review of publications at the intersection between Digital Forensics and Databases. We discuss problems and trends of two main categories: Data Building and Database Management Systems. Overall, this research opens the doors for the communication between databases and an area with several exciting and concrete challenges, with great potential for social, economic, and technical-scientific contributions.

show abstract

Section: Data Building Publications Analysis and Discussionmentioning

confidence: 99%

Section: Data Building Publications Analysis and Discussionmentioning

confidence: 99%

Exploring the Intersection between Databases and Digital Forensics

Seufitelli

Brandão²,

Moro³

2022

jidm

View full text Add to dashboard Cite

show abstract

“…Exploiting vulnerabilities in some cases provides the investigator access to devices that would otherwise be inaccessible. Pessolano et al (2019) outlined a process for recovering Nintendo 3DS evidence that required use of a flashcart to exploit a vulnerability to access to the device. These flashcarts are advertised for illegally copying games and sale of these devices is now illegal in some jurisdictions.…”

Section: Prior Workmentioning

confidence: 99%

“…Activities needed to aid understanding of a device may, in some cases, include the need to access and dump proprietary code for analysis (Dawson and Akinbi 2021). The limited support at present means that there may be the need to reverse engineer firmware to understand the operation of the device or to extract encryption keys to decrypt information held in the device (Pessolano et al 2019).…”

Section: Support For Iot Device Examinationmentioning

confidence: 99%

“…In pre-incident research a vulnerability may be used as a step in the process. Video-game hacking, on which some forensics methods rely (Pessolano et al, 2019) shares similarities to vulnerability researchers, searching for issues in software and hardware, but as a means to obtain additional access to a games system. Device manufacturers apply various methods and techniques, like cryptography and obfuscation, as a defence mechanism to keep the system and its contents hidden from those wanting to engage in hacking/reverseengineering of copy-protection mechanisms.…”

Section: Legal and Ethical Issues: A Comparison To Vulnerability Rese...mentioning

confidence: 99%

See 1 more Smart Citation

Legal and ethical issues of pre-incident forensic analysis.

Sutherland¹,

Bovee

Xynos³

et al. 2023

eccws

View full text Add to dashboard Cite

Investigators searching for digital evidence may encounter a variety of different IoT (Internet of Things) devices. Data in such devices and their environments can be both valuable, but also highly volatile. To meet best practices and to process these devices in an expeditious and forensically-sound manner, an investigator should have a predefined plan. Developing such plans requires prior knowledge developed through the exploration and experimentation of the “target” devices. The expanding variety, number, and pervasiveness of IoT devices means there is an increasing need for pre-incident analysis to ensure forensic tools and techniques acquire, preserve and document evidence appropriately. Many of these IoT devices have proprietary file- and operating-systems and may employ mechanisms to protect intellectual property by limiting or preventing access by researchers. Disassembly of the device and circumventing these mechanisms may be restricted by contract, end-user licence agreement (EULA) or legislation regarding intellectual-property rights. Legislative exclusions exist for security research, in some jurisdictions, permitting legitimate analyses. The pre-incident analyses of hardware to establish a forensic process bear some similarity to vulnerability and security research, however there are distinct differences in their end goals. This paper discusses the legal and ethical issues that may be encountered when conducting pre-incident forensics analyses focussing on IoT hardware. It highlights areas of particular concern, identifies best practice and subjects requiring future work as presented in the literature before providing a series of recommendations for forensics investigators processing these types of devices.

show abstract