Sökning: id:"swepub:oai:DiVA.org:hh-36642" >
Forensics acquisiti...
Forensics acquisition – Analysis and circumvention of samsung secure boot enforced common criteria mode
-
- Alendal, Gunnar (författare)
- NTNU, Gjøvik, Norway
-
- Dyrkolbotn, Geir Olav (författare)
- NTNU, Gjøvik, Norway & Norwegian Defence Cyber Academy (NDCA), Jørstadmoen, Norway
-
- Axelsson, Stefan, 1968- (författare)
- Högskolan i Halmstad,Halmstad Embedded and Intelligent Systems Research (EIS)
-
(creator_code:org_t)
- Kidlington : Elsevier, 2018
- 2018
- Engelska.
-
Ingår i: Digital Investigation. The International Journal of Digital Forensics and Incident Response. - Kidlington : Elsevier. - 1742-2876 .- 1873-202X. ; 24:Suppl., s. S60-S67
- Relaterad länk:
-
https://doi.org/10.1...
-
visa fler...
-
https://doi.org/10.1...
-
https://urn.kb.se/re...
-
https://doi.org/10.1...
-
visa färre...
Abstract
Ämnesord
Stäng
- The acquisition of data from mobile phones have been a mainstay of criminal digital forensics for a number of years now. However, this forensic acquisition is getting more and more difficult with the increasing security level and complexity of mobile phones (and other embedded devices). In addition, it is often difficult or impossible to get access to design specifications, documentation and source code. As a result, the forensic acquisition methods are also increasing in complexity, requiring an ever deeper understanding of the underlying technology and its security mechanisms. Forensic acquisition techniques are turning to more offensive solutions to bypass security mechanisms, through security vulnerabilities. Common Criteria mode is a security feature that increases the security level of Samsung devices, and thus make forensic acquisition more difficult for law enforcement. With no access to design documents or source code, we have reverse engineered how the Common Criteria mode is actually implemented and protected by Samsung's secure bootloader. We present how this security mode is enforced, security vulnerabilities therein, and how the discovered security vulnerabilities can be used to circumvent Common Criteria mode for further forensic acquisition. © 2018 The Author(s). Published by Elsevier Ltd on behalf of DFRWS.
Ämnesord
- NATURVETENSKAP -- Data- och informationsvetenskap -- Datavetenskap (hsv//swe)
- NATURAL SCIENCES -- Computer and Information Sciences -- Computer Sciences (hsv//eng)
- TEKNIK OCH TEKNOLOGIER -- Elektroteknik och elektronik -- Inbäddad systemteknik (hsv//swe)
- ENGINEERING AND TECHNOLOGY -- Electrical Engineering, Electronic Engineering, Information Engineering -- Embedded Systems (hsv//eng)
- TEKNIK OCH TEKNOLOGIER -- Elektroteknik och elektronik -- Datorsystem (hsv//swe)
- ENGINEERING AND TECHNOLOGY -- Electrical Engineering, Electronic Engineering, Information Engineering -- Computer Systems (hsv//eng)
- TEKNIK OCH TEKNOLOGIER -- Elektroteknik och elektronik -- Telekommunikation (hsv//swe)
- ENGINEERING AND TECHNOLOGY -- Electrical Engineering, Electronic Engineering, Information Engineering -- Telecommunications (hsv//eng)
Nyckelord
- Common criteria
- CC mode
- Mobile security
- Mobile device management
- Forensic acquisition
- Smart phone
- Samsung secure boot
Publikations- och innehållstyp
- ref (ämneskategori)
- art (ämneskategori)
Hitta via bibliotek
Till lärosätets databas