Embedded Forensics: An Ongoing Research About SIM/USIM Cards

Free registration required

Executive Summary

This paper is aimed at providing an introduction into the field of embedded forensics, or Small Scale Digital Device Forensics (SSDDF) and ongoing research in this field. Embedded forensics encompasses a range of practices and methodologies on such platforms that can be used in digital forensics investigation. This paper introduces the world of smart cards, detailing the physical and logical building blocks that are the groundwork for understanding the complexity of embedded systems. It discusses some security issues regarding the smart card, giving examples of the hi-tech attacks used to steal information from the SIM/USIM file system. It provides an overview on the extraction of the standard part of the file-system, along with an algorithm to deal with this problem. This paper also provides an effective methodology to extract all the observable memory content, or the full filesystem of the device, including standard and non-standard files. After presenting the main problems related to the presence of slack space in the filesystem of smart cards, this paper discusses potential cases of data hiding at the filesystem level. Finally, it will provide a detailed and practical approach to the problem that is currently used by forensics practitioners to extract such information.

  • Format: PDF
  • Size: 297.8 KB