Digital Forensics

More and more data is stored and shared by digital devices in our networked world. How secure is this information and how can potential hacks be proven and investigated? This is your chance to help advance digital Crime Scene Investigation methods!

Friedrich-Alexander-Universität Erlangen-Nürnberg

Presented by the Applied Forensic Computing Group

What is this challenge about?

More and more data is stored and shared by digital devices in our networked world. Thus, in almost any kind of crime investigation, be it actual cybercrime or more conventional crime such as murder or blackmail, such devices have to be analyzed in order to acquire digital evidence. The field of applying scientific methods from computer science to seize and analyze digital evidence in order to help answer questions of law is called forensic computing or digital forensics.

Interested? Get the full story below!

The Case

In the FAU Open Research Challenge Digital Forensics, a forensic image that has been acquired from a presumably hacked Smart Home System has to be forensically analysed. The system was used for video room surveillance in a security-critical area where high-value commodities of a facility that needs to remain secret are stored.

Your Task

Your goal is to analyse the provided image and to answer some of the following questions:

  • What tasks were carried out by the system and how?
  • What software was used by the system?
  • Which hardware was used?
  • What peripheral equipment has been attached to the system?
  • Has the system indeed been compromised?
  • If so, how did the attacker compromise the system and what was/is the impact of the attack?
  • Has data about the secret facility been leaked, and if so, what kind of data (in general) and which specific data?
  • If data has been leaked, how? Where is the dropzone?

The more you can find out, the better! To win this contest, you may use your favourite state-of-the-art tools or even develop your own tools. All this will be taken into account when choosing the contest winner!

Material

You can find the image behind this link. Good luck!

md5: e8310e6cf8520d9a9d0f9eaf16b5b1fa1

sha1: 2aa4126249f8906253a52be66e7cf09ba76f2248

zipped version (might not extract properly on every system):

md5: 5b3d0542e5a96e782a9d4be5abcc8c74

sha1: f1bb9c724f199e51d7a48cd83f225fcaaa3b6517

Join the discussion or look for a team or team members here!

Submission

The final submission to this Challenge has to include the following:

  • A forensic report in the form of a PDF document that sums up all your findings, as well as an explanation of how you achieved those results and which tools have been used.
  • All scripts/tools that you developed to solve the challenge, packed into a ZIP/TAR/RAR container. Those tools can be referred to in the report and will also be rated. The winner of the contest will further be allowed (but not forced) to publish his own tool suite via the FAU website.

To join the challenge, also see the general rules for the FAU Open Research Challenge. Detailed information on the submission process for this challenge will be posted in time.

References and Reading Material

  1. Carrier, Brian: File System Forensic Analysis. Boston, MA, USA : Addison-Wesley Pub. Co. Inc., 2005
  2. Carrier, Brian. "The sleuth kit." (TSK). http://www.sleuthkit.org/sleuthkit/. Online 2015.
  3. Casey, Eoghan: Digital Evidence and Computer Crime: Forensic Science, Computers, and the Internet. 3rd edition. Academic Press, 2011
  4. Cohen, Fred: Digital Forensic Evidence Examination. ASP Press, 2011
  5. Garfinkel, Simson L. "Automating disk forensic processing with SleuthKit, XML and Python." Systematic Approaches to Digital Forensic Engineering, 2009. SADFE'09. Fourth International IEEE Workshop on. IEEE, 2009.
  6. https://btrfs.wiki.kernel.org/index.php/Main_Page
  7. Garfinkel, Simson L. "Forensics Wiki". http://forensicswiki.org/wiki/Main_Page. Online 2015.
  8. Richard III, Golden G., and Vassil Roussev. "Scalpel: A Frugal, High Performance File Carver." DFRWS. 2005.
  9. United States Air Force Office of Special Investigations and The Center for Information Systems Security Studies and Research. "Foremost Filecarver". http://foremost.sourceforge.net/. Online 2015

This challenge is over.