Authors: Jessica Hyde
DFRWS APAC 2024
Abstract
This hands-on workshop teaches a methodology for mobile forensic analysis of unsupported applications and artifacts. It teaches a five-part methodology; Discover, Test, Parse, Find, Script and Share. These are necessary skills to parse 3rd party applications to tell factual stories and make scientifically logical inferences based on the presence or lack of data. The workshop addresses common file locations, file system artifacts and their importance to mobile investigations, and how to make logical deductions based on recreating the digital environment with the same hardware and software.
This workshop is both theoretical and practical, offering attendees the chance to properly generate and analyze test data as it pertains to their investigation. This methodology equips investigators with the thought process needed to decode application data when analyzing it for the first time. This methodology also encourages investigators to automate and share their findings, in turn continuing to pour back into the digital forensics space with new community-driven contributions. This workshop focuses on using open-source software for analysis to increase accessibility.
Jessica Hyde is a seasoned professional in the field of digital forensics, with extensive experience in cyber investigations and data integrity. She is the founder of Hexordia, a consultancy specializing in digital forensics, and works closely with law enforcement agencies, legal professionals, and corporations to uncover digital evidence. Jessica is also dedicated to education and training, frequently speaking at industry conferences and conducting workshops to share her knowledge and advance the field.