Towards Secure Deletion on Smartphones

Similar documents
Forensic Analysis of Smartphones: The Android Data Extractor Lite (ADEL)

SSDD and SSDF Handset seizure Paraben * Seizure test SE K850, SE Xperia

Running Head: IPHONE FORENSICS 1. iphone Forensics Jaclyn Sottilaro Monica Figueroa-Santos Antonina Spinella Saint Leo University

Mobile memory dumps, MSAB and MPE+ Data collection Information recovery Analysis and interpretation of results

Indoor Positioning Systems for Intelligent Museum Visitors Support Service

Android Forensics: Automated Data Collection And Reporting From A Mobile Device

Sentient Storage: Do SSDs have a mind of their own? Tom Kopchak

MOBILE LOCATION-BASED SERVICES

Copyright Samsung Electronics Co., Ltd. All rights reserved.

Technology In Action, Complete, 14e (Evans et al.) Chapter 5 System Software: The Operating System, Utility Programs, and File Management

How Do I Sync My New Iphone To My Icloud. Account >>>CLICK HERE<<<

Mobile Forensics Data Integrity Assessment by Event Monitoring

SymbianGuru.com Your guru in mobile software. SMS Alert v 1.0. by SymbianGuru.

[Hatwar, 3(3): March, 2014] ISSN: Impact Factor: 1.852

Defeating the Secrets of OTP Apps

Android Forensics Concept

and Security Testing Shawn Valle gmail. com May 2013

AccessData offers a broad array of training options.

Android Bluetooth Pin Code Change Sim Card Blackberry

White Paper: Understanding the Relationship Between SSD Endurance and Over-Provisioning. Solid State Drive

Technology in Action Complete, 13e (Evans et al.) Chapter 5 System Software: The Operating System, Utility Programs, and File Management

A Recovery Approach for SQLite History Recorders from YAFFS2

Copyright Samsung Electronics Co., Ltd. All rights reserved.

PiceaServices. Quick Start Guide. April 2017, v.4.6

Apple and Samsung Rank Highest among Smartphone Manufacturers; Motorola Ranks Highest among Traditional Mobile Phone Manufacturers

Sony develops transparent lens eyewear SmartEyeglass - Announces availability of software development kit -

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

The smartest of smartphones

Smart TV Security Solution V3.0 for Samsung Knox. Certification Report

Blackberry Storm Hard Reset Code 8520 T Mobile

How to start with Intelligent VOICE

A Model-based Approach for Conditioning Software to Multi-Core using AUTOSAR

Duo Security Enrollment Guide

SymbianGuru.com Your guru in mobile software. Phone Wallet v 3.0. by Symbian Guru.

How many of us own. Mobile markets and development environments. Petri Vesikivi (Erkki Rämö) Fixed Telephone 1.3B TV 1.5B Credit card 1.

How To Transfer Contacts From Blackberry To Iphone 5 Without Using Google Sync

Datasheet. Shenzhen TG-NET Botone Technology Co., Ltd. M-5 TG-NET Cloud Box. Datasheet

Mobile Forensics: Android Platforms and WhatsApp Extraction Tools

Smart TV Security Solution V2.0 for Samsung Knox. Certification Report

The Main view displays status and speed data as listed below. Speed and memory values reflect the last performed speed test.

Distribution Channels for Mobile Navigation Services. Industry Research Whitepaper

Phone Guardian v3.0 by SymbianGuru User Manual

Mobile Phone Monitoring System For Android Operating System

dr. Jan Peter van Zandwijk

Paraben Corporation. Capabilities Brief. Presented by Copyright Paraben Corp

Mobile Devices Villanova University Department of Computing Sciences D. Justin Price Spring 2014

Logical acquisition of iphone without Jail Breaking

Diploma Thesis Collaborative Data Processing on Mobile Handsets Jan Kettner. Examiner: Prof. Dr. Mesut Günes Tutor: Georg Wittenburg, M. Sc.

Digital forensics 5/5/18. Cell (mobile) phones. Data on the cell phone

Sony Ericsson Bluetooth Connect To Pc Suite For Windows 8

DOWNLOAD OR READ : NEW SAMSUNG SERIES 6300 XLSX READ ONLY PDF EBOOK EPUB MOBI

Paraben Device Seizure Version 4.3

PiceaServices. Quick Start Guide. November 2017, v.4.12

Instructions On How To Use Nokia Lumia 710 Bluetooth Files >>>CLICK HERE<<<

Latest version of whatsapp for nokia e63 free download

A Study of User Data Integrity During Acquisition of Android Devices

Interoperability framework for communication between processes running on different mobile operating systems

+929>Buy: 'iskysoft Phone Transfer' by Wondershare Software Co.- Ltd. Full Version

Duo Security Enrollment Guide

How Do I Restore My Blackberry Phone To Factory Settings Windows 7

LINKSYS VELOP + CUJO SETUP (STEP-BY-STEP GUIDE)

TABLE OF CONTENTS 1. INTRODUCTION DEFINITIONS Error! Bookmark not defined REASON FOR ISSUE 2 3. RELATED DOCUMENTS 2 4.

Selective deletion of non-relevant Data

An Enhanced Security Policy Framework for Android

Paraben s DS 7.5 Release Notes

Manual Apple Iphone 5s 32gb Price In India 2013

How To Install New Blackberry Os Without. Desktop Manager >>>CLICK HERE<<<

Mobile phones Memory technologies MMC, emmc, SD & UFS

Creating a Cell Phone Investigation Toolkit: Basic Hardware and Software Specifications

Manual Nokia N70 Mobile Phone Software S

Andriod-Mobile Application Development. Mobile Application Development Workshop on Andriod Platform.

JUNOS PULSE MOBILE SECURITY SUITE. Stallion Winter Seminar Jukka Piirainen & Jani Ripatti

OXYGEN SOFTWARE OXYGEN FORENSIC KIT

Apple store iphone 4 8gb unlocked

User Manual. Contents. Conrad Koppitz August 18, I Client 1. II Server 5. 1 Requirements 2

Global Smartphone 3D Sensing Market: Size, Trends & Forecasts ( ) September 2017

Frequently Asked Questions About the Unitor 8 Preference Pane

Copy9 FOR SYMBIAN 9.X

Two Factor Authentication

MOBILE LOCATION-BASED SERVICES

Verizon refurbished iphone 3

Page 1 of 10. Instructor. Michael Robinson Office Hours: Available upon request. Description

MOSES - the Mobile Service and Exploration System. Georg Schneider and Martin Greving

MOBILE DEVICE FORENSICS

Broad Objectives/Outcomes of the course

Manual Iphone 5 Unlock Code At Tmobile Usa Ebay >>>CLICK HERE<<<

Introduction to Mobile Application and Development

A Cry for Help: Persuading Cell phone Developers to Get Involved with Digital Forensics

Opera - Simply The Best Internet Experience. 3Q04 Results. November 12, 2004

Samsung Galaxy S3 Root Sprint Update India

VMware vsphere Data Protection Evaluation Guide REVISED APRIL 2015

Facebook Messenger Install For Android Mobile Java Touchscreen

S A N D I S K F L A S H M E M O R Y C A R D S W E A R L E V E L I N G

Workshop #10 Wifi & WhatsApp

FILE SYSTEMS, PART 2. CS124 Operating Systems Fall , Lecture 24

Mobile Middleware Course. Mobile Platforms and Middleware. Sasu Tarkoma

Standards for improving SSD performance and endurance

(P6) "Everyone will benefit from that," cofounder and CEO Alex Lebrun says.

CyberBlock FLASH. User Manual. Meiya Pico Information Co., Ltd.

E-BOOK # GARMIN VIVOACTIVE WAITING FOR SETTINGS ARCHIVE

Transcription:

Towards Secure Deletion on Smartphones Michael Spreitzenbarth GI-Sicherheit 6 th October 2010

Agenda Introduction Background: Wear Leveling Towards Secure Deletion on Symbian OS Conclusion & Future Work

Introduction I smartphones are increasingly used as mobile office they are more frequently equipped with GPS for navigation purposes => smartphones store a lot of sensitive data

Introduction II the second market (e.g. ebay) for smartphones is increasing many manufacturers simply replace the phone with a refurbished one if it malfunctions => the deletion of data becomes more and more important

Obstacles smartphones offer only a limited user-interface the user s activities are often restricted to interaction with preinstalled tools mobile devices typically use flash chips to store data and these components use a technique called wear leveling

Wear Leveling I the content of flash chips can only be changed a limited number of times afterwards so much voltage or time is required to write on the cell that it becomes impractical to use it any further => wear leveling provides a method to distribute the access at times when it is detected that they are receiving significantly uneven use

Wear Leveling II

Wear Leveling III the intention of this process is even wear of the storage space according to Symbian [6] and Samsung [5], Nokia uses in its current device series Samsung OneNAND storage this storage has a special modification of the known wear leveling techniques [2]

Wear Leveling Process No No YES YES

Towards Secure Deletion on Symbian Smartphones we developed a tool that helps to securely delete data on Symbian driven smartphones the tool is named SecDel and is written in Python

SecDel I Overview of the Tool SecDel currently possesses the ability to delete SMS messages, telephone directories, as well as calendar entries it contains an update-function, which allows the user to load modules via the Internet we have included a remote service function to run the deletion process remotely

SecDel II The Deletion Process a list of all entries in the telephone directory is created the user can choose the entry he wants to delete SecDel overwrites every part of this entry with a maximum amount of X SecDel deletes this entry with the help of a system API call

Some Impressions

Evaluation I all operations and testings have been realized on a Nokia E90 with Symbian 9.2 and a Nokia N70 with Symbian 8.1 flasher-tools like Twister Box will not work for verification only a few technical possibilities exist

The Software Agent I

The Software Agent II fast and easy to use is based on system API calls automated process offers analysis on a higher level

Desoldering the Chip high technical knowledge and equipment is needed time-consuming offers in depth analysis of the flash chip

Evaluation II => due to the fact that we did not have the technical possibilities to desolder the flash chip, we chose the software agent for verification

Evaluation III we used the software agents MIAT [1][4] and Panoptes [7] => as a result these tools are not able to restore any deleted data => the most perfect solution for the verification would be the desoldering of the flash storage chip and the subsequent direct analysis of this element

Conclusion we presented a tool which tries to delete personal data in a more secure way the tool first overwrites the data with garbage and deletes this garbage afterwards unfortunately we were not able to thoroughly verify the deletion we could prove with the help of tools like Panoptes [7] and MIAT [1][4]

Future Work optimization of the evaluation procedures (e.g. desoldering of the flash chip) transferring SecDel to Android OS forensic analysis of the Android OS and Android file system (YAFFS2)

Thank you very much for your Attention Michael Spreitzenbarth University of Mannheim Laboratory for Dependable Distributed Systems 68131 Mannheim - Germany spreitzenbarth@informatik.uni-mannheim.de

References I [1] Alessandro Distefano and Gianluigi Me. An overall assessment of Mobile Internal AcquisitionTool. Digital Investigation, 5:121 127, 2008 [2] Flash Software Group. XSR1.5 WEAR LEVELING. Technical report, Samsung Electronics Co., Ltd, 2007 [3] Karl MJ Lofgren, Robert D Norman, Gregory B Thelin, and Anil Gupta. Wear Leveling techniques for flash EEPROM systems. United States Patent, April 2008

References II [4] Pontjho M. Mokhonoana and Martin S. Olivier. Acquisition of a Symbian Smart phone s Content with an On-Phone Forensic Tool. Technical report, Information and Computer Security Architectures Research Group, 2007 [5] SAMSUNG OneNAND, September 2009 [6] Symbian Press. Plattform Security & OS Internals [7] Michael Spreitzenbarth. Mobile Phone Forensics. Diploma Thesis, University of Mannheim, 2009.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback