FLOSS methodologies and tools for IoT forensic investigations

Speaker(s) : Damien Cauquil, Nicolas Kovacs

  • Language : Anglais
  • Level : Confirmed
  • Nature : Conference
  • Date : Tuesday 4 July 2017
  • Schedule : 14h40
  • Duration : 40 minutes
  • Place : Lecture hall J 020

Video : https://rmll.ubicast.tv/videos/investigations_objets_11740/

Public cible : DécideursGeeksProfessionnels

More and more connected devices entered our lives: smart watches, connected locks and padlocks, "smart" medical devices and of course drones. All of these devices may one day be part of an investigation and used to gather evidences and solve cases. But for now, IoT devices related forensic investigations are hard to perform due to the great variety of hardware platforms devices rely on.

During this talk, we will introduce the Hardware Forensic Database, a collaborative initiative aiming at gathering forensic related information on various connected devices that may be of interest and would answer the following questions:
- Does a device have logs and where are they located ?
- What kind of information do these logs contain ?
- How can a forensic investigator gather volatile information on this specific device ?
- Does a device store logs or information in a permanent way ?
- What default passwords are set on a device ?
- How to forensically extract valuable information from a specific device ?

This information is shared on a collaborative platform (the Hardware Forensic Database) that will be publicly available on the Internet.
Moreover, the Hardware Forensic Database also proposes many specific opensource tools (software and 3d printed hardware) in order to extract information from some well-known devices.

Damien Cauquil , Nicolas Kovacs

Damien Cauquil is a senior security researcher at Digital Security (CERT-UBIK), a French security company focused on IoT and related ground breaking technologies. He spoke at various international security conferences including Chaos Communication Camp, Hack.lu, Hack In Paris, DEF CON IoT Village, and a dozen of times at the Nuit du Hack (one of the oldest French security conferences).

Nicolas Kovacs is a senior security consultant and incident manager at CERT-UBIK (Digital Security). He wrote multiple articles for the French IT Security magazine MISC.

titre documents joints

Slides (PDF - 3.5 Mb)