Ben Khodja, a current IIT Master of Cyber Forensics and Security student, and Terence Fernandes, a Master of Computer and Network Security 2012 alumnus, discussed cell phone forensic software tools during the ITMS 555 Mobile Cyber Forensics course on Monday, November 10 at the School of Applied Technology (SAT) in Wheaton. Fernandes, a mobile security engineer and team lead at viaForensics, an Oak Park, Ill. company that is a world leader in cell phone forensics, and Khodja, a former intern who has developed one of the best MP3 steganalysis tools available, discussed viaExtract and viaLab, two tools developed by viaForensics.
Data present on a mobile device might consist of one or more artifacts crucial to an investigation, including contact lists, call records, photos, downloads, messages (emails, text messages, and instant messages), application-specific information (such as a list of Facebook friends), and information about the device itself (such as a list of all of the applications that are installed as well as which WiFi access points the device has been configured to automatically connect). The viaExtract software by viaForensics has been designed to assist the forensic investigator with the ability to perform various types of data extractions on a wide range of devices running the Android mobile operating system and soon, Apple’s iOS mobile operating system. Khodja discussed and demonstrated viaExtract’s data-extraction capabilities as well as other features that have been implemented to assist with the investigation process.
ViaLab, a recently announced product from viaForensics, is helpful for security-minded analysts. Fernandes discussed different areas of mobile security to better understand how the tool can help running forensic, network and code analysis. Examples using real-world apps and quick demos highlighted some of the features. Also discussed was the CE edition, and some of the exciting developments planned for the product.