Presented by the Applied Forensic Computing Group
What is this challenge about?
More and more data is stored and shared by digital devices in our networked world. Thus, in almost any kind of crime investigation, be it actual cybercrime or more conventional crime such as murder or blackmail, such devices have to be analyzed in order to acquire digital evidence. The field of applying scientific methods from computer science to seize and analyze digital evidence in order to help answer questions of law is called forensic computing or digital forensics.
In the FAU Open Research Challenge Digital Forensics, a forensic image that has been acquired from a presumably hacked Smart Home System has to be forensically analysed. This system was used for video room-surveillance in a security-critical area where high-value commodities of a facility that needs to remain secret are stored.
Your goal is to analyse the provided image and to answer some of the following questions:
- What tasks were carried out by the system and how?
- What software was used by the system?
- Which hardware was used?
- What peripheral equipment has been attached to the system?
- Has the system indeed been compromised?
- If so, how did the attacker compromise the system and what was/is the impact of the attack?
- Has data about the secret facility been leaked, and if so, what kind of data (in general) and which specific data?
- If data has been leaked, how? Where is the dropzone?
The more you can find out, the better! To win this contest, you may use your favourite state-of-the-art tools or even develop your own tools. All this will be taken into account when choosing the contest winner!
You can find the image behind this link. Good luck!
zipped version (might not extract properly on every system):
Join the discussion or look for a team or team members here!
The final submission to this Challenge has to include the following:
- A forensic report in the form of a PDF document that sums up all your findings, as well as an explanation of how you achieved those results and which tools were used.
- All scripts/tools that you developed to solve the challenge, packed into a ZIP/TAR/RAR container. Those tools can be referred to in the report and will also be rated. The winner of the contest will further be allowed (but not forced) to publish his own tool suite via the FAU website.
To join the challenge, also see the general rules for the FAU Open Research Challenge. Detailed information on the submission process for this challenge will be posted in time.
References and Reading Material
- Carrier, Brian: File System Forensic Analysis. Boston, MA, USA : Addison-Wesley Pub. Co. Inc., 2005
- Carrier, Brian. "The sleuth kit." (TSK). http://www.sleuthkit.org/sleuthkit/. Online 2015.
- Casey, Eoghan: Digital Evidence and Computer Crime: Forensic Science, Computers, and the Internet. 3rd Edition. Academic Press, 2011
- Cohen, Fred: Digital Forensic Evidence Examination. ASP Press, 2011
- Garfinkel, Simson L. "Automating disk forensic processing with SleuthKit, XML and Python." Systematic Approaches to Digital Forensic Engineering, 2009. SADFE'09. Fourth International IEEE Workshop on. IEEE, 2009.
- Garfinkel, Simson L. "Forensics Wiki". http://forensicswiki.org/wiki/Main_Page. Online 2015.
- Richard III, Golden G., and Vassil Roussev. "Scalpel: A Frugal, High Performance File Carver." DFRWS. 2005.
- United States Air Force Office of Special Investigations and The Center for Information Systems Security Studies and Research. "Foremost Filecarver". http://foremost.sourceforge.net/. Online 2015