iPhone Artifact Comparison: Introduction

This semester we will be working on a project which compares the iPhone 3GS, the iPhone 4, and the iPhone 5. The goal of this project is to find the location of where various artifacts are stored on the devices and how they differ from device to device. We will be generating data on the default applications as well as the following applications:

WhatsApp  •Viber • Facebook • Facebook Messenger • Twitter • Google Plus • Skype Yahoo Messenger • Dropbox • Touch • KIK •  EverNote • KakaoTalk • ICQ • Opera Mini • YouTube • Any.do • Snapchat • Line • MySMS • Keepsafe • Yahoo Mail • Chrome • Linkedin • QQ • ooVoo

Once we have generated the data, we will be using Cellebrite and XRY to image the phones and review the data. Variations of this project have been done previously, but we would like to come up with a detailed list of artifacts for computer forensic examiners and law enforcement.

Prior research has been done at the LCDI with the iPhone 3G:

http://computerforensicsblog.champlain.edu/2012/06/08/iphone-forensics/

 

Tools used during this project:

Cellebrite:

http://www.cellebrite.com/mobile-forensics/products/standalone/ufed-touch-ultimate

XRY:

http://www.msab.com/xry/xry-complete

-Maegan Katz

More Research Projects
CyberRange Team: Creating The Perfect Sandbox Environment
The Internet of Things Team: An Inside Look
CyberTech: Creating a Safer Internet Through Education