Mobile & Technology Exploration
Investigations, Practices and Procedures: Seizure-Forensic Examination-Evidence. Cellular and Satellite Telephones, Call Records-Billing Data, Cell Site Analysis. Telecomms. Computer and Network Analysis. GPS devices & Jammers, Cyber, IoT forensics.
Author: TrewMTE (http://www.blogger.com/profile/14383857668167815289)
Feed updated: 2024-02-28

Practical Digital Forensics (Book 2023)
Published: 2023-08-06
Practical Digital Forensics. Forensic Lab Setup, Evidence Analysis, and Structured Investigation Across Windows, Mobile, Browser, HDD, and Memory
ISBN: 9789355511454
Table of Contents
1. Introduction to Digital Forensics: Introduction; Structure; Objectives; Defining digital forensics; Digital forensics goals; Defining cybercrime; Sources of cybercrime; Computers in cybercrimes; Digital forensics categories; Computer

Device Access Platforms Visual Representation
Published: 2023-07-02
Back in 2016 I commented briefly about "Exploration - missing the micro-evidence" (https://trewmte.blogspot.com/2016/03/exploration-missing-micro-evidence.html) from which I have copied the image and pasted below. Please bear in mind that when considering the 3 linked posts (below) with the architecture displayed in the image, it provides a relevant

Integrated embedded SIMs (eSIMs)
Published: 2023-07-02
As more and more devices and products are having eSIMs (embedded SIMs)
integrated at the board and circuitry level, keeping abreast of the latest specifications and standards is not always easy in cloud and digital forensics or DFIR (Digital Forensics Incident Response) given we live in today's multi-tech society. The Machine-to-Machine (M2M) documents below

USIM Expanded Directories and Files
Published: 2023-07-02
3GPP TS 31.102 V18.1.0 (2023-06)
3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Characteristics of the Universal Subscriber Identity Module (USIM) application (Release 18)
The expanded Directory Files (DFs) and Elementary Files (EFs) under the Master File (MF) take into account data and evidence that could be relevant to evidence in the

USIM Expanded Capabilities Pt2
Published: 2023-07-02
3GPP TS 31.102 V18.1.0 (2023-06)
3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Characteristics of the Universal Subscriber Identity Module (USIM) application (Release 18)
The following abbreviations apply.
It is worth noting that with 5G whilst you may know what the acronym "PIN" stands for, do you know what "

USIM Expanded Capabilities Pt1
Published: 2023-07-02
3GPP TS 31.102 V18.1.0 (2023-06)
3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Characteristics of the Universal Subscriber Identity Module (USIM) application (Release 18)
Updating past topics published here.
EF-UST (148)-Services EFUST (USIM Service Table)
Contents:
Service n°1: Local Phone Book
Service n°2: Fixed Dialling Numbers (FDN)

Cyber: Cyber Security for Consumer Internet of Things (IoT)
Published: 2021-01-24
Still olden but golden, when it comes to IoT Connected Devices
I have briefly touched upon IoT (Internet of Things) at my blog previously:
Fast moving wireless world
https://trewmte.blogspot.com/2014/10/fast-moving-wireless-world.html
The Internet of Things (IoT)
https://trewmte.blogspot.com/2016/03/the-internet-of-things-iot.html
The Rise of (IoT) Domestic Appliance Forensic Examiners
https://

CSA Location Determination Investigations - The continuing mission
Published: 2021-01-01 (updated 2021-01-02)
Recalling that I have posted here at trewmte.blogspot and cellsiteanalysis.blogspot over the years was to assist interpretation of data and testing for cell site analysis and elements that can be used when conducting investigations, I have posted below a few of the weblinks to help this discussion
along.
https://trewmte.blogspot.com/2014/07/csa-site-survey-method3mobility-models.html
http://

DoDM 8570 Baseline Certification
Published: 2021-01-01
Crikey! Whilst DoDM 8570 requires at least one base line certificate this roadmap suggests if you want to take all these certificates it would run to n-years of your life just taking certs. Realistically, useful to see what certs can be taken to meet the requirements. Image from https://public.cyber.mil/cw/cwmp/dod-approved-8570-baseline-certifications/

Security! It's a state of mind...
Published: 2021-01-01

Metrics & CISO Series (2)
Published: 2020-12-01
Following up on my earlier post on Metrics & CISO Series (metrics-ciso-series) and how Metrics has relevance to digital forensics I did refer to books, standards and the Forensic Science Regulator. To add more references where digital forensics Metrics has been recognised as important to understanding digital forensics contribution-value to the Criminal Justice Systems (CJS):

Metrics & CISO Series
Published: 2020-11-25
How well are digital forensic laboratories coping and performing, whether accredited to ISO17025 or not, in a Covid-19 world? Is Metrics relevant to digital forensics?
In the first instance it largely depends whether there is a need for Qualitative and Quantitative (Q&Q) process in place that requires measurement to understand Capex, RoI, the performance of people and systems (for

EXAMINING THE CHALLENGES OF POLICING ECONOMIC CYBERCRIME IN THE UK
Published: 2020-05-17
When preparing this review use was made of trialling numerous AI (artificial intelligence) tools to assist in the collection of standard definition terms and the article's reference sources. The purpose in using AI tools is to determine if the tools produce inaccuracies and, if it is found, such tools can accurately produce validated results

eSIM - Observing Possible Outcomes Part 2.0
Published: 2020-01-09
Welcome to 2020 and before us the start of the new year and, more importantly, the start of a new decade. So let's start out with a strong, confident approach and make sure we all understand this newish technology called eUICC, eSIM, and even iSIM.
This Part 2 of the discussion will refine and define observations that have been generally stated in Part 1 (R6);

eSIM - Observing Possible Outcomes Part 1
Published: 2019-12-06
Back in 2012 I wrote about the introduction of a new form factor for SIM Cards (4FF). The outline and a potted history of SIM Card form factors were illustrated and in a separate post the first ETSI standard defining this new form factor (4FF) - (R1) and (R2).
Seven years down the line in (2019) ARM Limited produced a useful graphic of where eSIM is placed in the evolutionary

Update3 - HERREVAD Databases Geo Location Artefacts
Published: 2019-12-05
This is the continuing/on-going research and discovery into HERREVAD Databases Geo Location Artefacts.
Back in 2017 little was known about HERREVAD and I posted at my blog my views that it had potential for cell site analysis and possible mobile user geographical location/s. I have found further materials on it in a useful web-article (Making Sense of OSINT Cell Tower Data for

Policing today
Published: 2019-09-17
As the murder investigation into the appalling and tragic death of PC Andrew Harper is ongoing https://www.bbc.co.uk/news/uk-england-berkshire-49726196 I am sure I am sharing thoughts others have already stated long before me; not preaching, just asking:

Observations from the digital backyard-2
Published: 2019-08-17
Good to have a catch-up chat with my old friend Vinny Parmar. Vinny holds the position Higher Digital Forensics personnel responsible as the Quality Representative (QR) for the Computer Forensics Department at West Midlands Police (WMP); the team responsible for having achieved UKAS Accreditation (iso17025) and ensuring its continued compliance and maintaining the standards. It is during my

75 Years Remembrance D-DAY
Published: 2019-06-03
Reposting my blog-post back of 06/06/2011 to support remembrance of 75-years of D-Day
D-Day 6th June
I mentioned today's important date to a number of people. Quite a few had forgotten the date and mainly the younger generation didn't know about events that took place on this date back in 1944.
For anyone who may have missed it or might want to know more, here are some links

Update2 - HERREVAD Databases Geo Location Artefacts
Published: 2019-05-21 (updated 2019-05-22)
This second update concerns HERREVAD Databases Geo Location Artefacts referred to by me in my previous posts:
Update - HERREVAD Databases Geo Location Artefacts (2018)
http://trewmte.blogspot.com/2018/07/update-herrevad-databases-geo-location.html
and
HERREVAD Databases Geo Location Artefacts (2017)
http://trewmte.blogspot.com/2017/02/herrevad-databases-geo-location.html
Due to lack of

DRONE FORENSICS
Published: 2019-05-21 (updated 2019-05-22)
There is a good article about Drone Forensics in eForensics Magazine. The synopsis for the article states:
"The project begins to look into the broad range of UAVs that are likely to be encountered by police forces in the UK, specifically targeting the more budget end of the spectrum whilst still having all the functionality required to commit a range of crimes. The project

Observations from the digital backyard...
Published: 2019-05-09 (updated 2019-05-11)
I have been meaning to post on this subject for a while so without being side tracked again, here goes..
Very good work by Brett Shavers over at 'DFIR Training (Brett Shavers)' who is aiming to create 'The most complete DFIR resource on the planet.' Brett has sure done a great job so far and receives regular plaudits for his work; so be sure you have time to drop in on his site https://

Tricking AI - lessons for surveillance cameras
Published: 2019-04-25
Fooling automated surveillance cameras: adversarial patches to attack person detection
WATCH THE VIDEO
Adversarial attacks on machine learning models have seen increasing interest in the past years. By making only subtle changes to the input of a convolutional neural network, the output of the network can be swayed to output a completely different result. The first attacks did this by

5G-NR False Base Stations (Part 2)
Published: 2019-04-25
Going forward with further discussions about FBS (false base stations) considering detection and prevention approaches that can be taken to act as a deterrent against them or their use; it is inescapable thus unavoidable that readers need to be aware of the meanings of abbreviations and definitions adopted for 5G and the reason for my trewmte blog look-up

5G-NR False Base Stations (Part 1)
Published: 2019-04-22
This is my first technology post for a while at trewmte blogspot as my time in research now extends to 5G-NR; network investigations; connected cars and autonomous vehicles; drones; in addition to existing digital forensics, smartphone examinations and cell site analysis. I have a number of new insights and revelations for readers this year about the aforementioned subjects. So I will be