BATTLEFIELD DIGITAL FORENSICS
BDF_Battlefield_Digital_Forensics_final
BDF_Battlefield_Digital_Forensics_final
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Figures<br />
Figure 1. The Targeting Cycle [3]........................................................................................................................... 11<br />
Figure 2. Transparent USB drive. .......................................................................................................................... 15<br />
Figure 3. A faulty laptop explosive device used in a 2013 attack on Mogadishu, Somalia ................................... 16<br />
Figure 4. Faraday Cage. ......................................................................................................................................... 17<br />
Figure 5. DTN example of store-and-forward functionality [11]........................................................................... 22<br />
Figure 6. High level examples of DTN-based and opportunistic networking. ....................................................... 23<br />
Figure 7. Example USB slot in a motherboard. ..................................................................................................... 31<br />
Figure 8. Autothysis128t ....................................................................................................................................... 33<br />
Figure 9. Piles of dead hard drives. ....................................................................................................................... 34<br />
Figure 10. Examples of messy cable management setups from server rooms. .................................................... 35<br />
Figure 11. a) PiZero Cluster and b) an example design of the case for it. ............................................................. 35<br />
Figure 12. CinnXP-Luna theme in Linux; it looks similar to Microsoft Windows XP. ............................................. 36<br />
Figure 13. a) Hand-soldered example of USB Killer and b) the same device obfuscated to look like a regular USB<br />
flash drive. ............................................................................................................................................................. 39<br />
Figure 14. How to remove battery from a laptop (example). ............................................................................... 45<br />
Figure 15. a) Firewire port on the laptop (port in the middle) [29] and b) two Firewire ports [30]. .................... 45<br />
Figure 16. Locating computer’s drive bay with the hard drive [36]. ..................................................................... 49<br />
Figure 17. Removing the drive from the drive bay [36]. ....................................................................................... 49<br />
Figure 18. Removing the drive from the drive bay [36]. ....................................................................................... 49<br />
Figure 19. Unplugging data cable and power cable [36]....................................................................................... 50<br />
Figure 20. Unplugging the SATA data cable and SATA power cable from the SSD drive [37]............................... 50<br />
Figure 21. ABSOLUTE System Architecture. .......................................................................................................... 58<br />
Figure 22. Smart Dust sensor. ............................................................................................................................... 59<br />
Table<br />
Table 1. Statistical Gatherable Intelligence Table, based on Chapter 8. ............................................................... 29<br />
Flowcharts<br />
Flowchart 1. Collecting digital evidence................................................................................................................ 14<br />
Flowchart 2. Anti-forensics mapped to SIDSS. ...................................................................................................... 41<br />
Flowchart 3. Exfiltration process. .......................................................................................................................... 42<br />
Flowchart 4. Portable devices collection process. ................................................................................................ 44<br />
Flowchart 5. Non-portable devices collection process. ........................................................................................ 47<br />
6