NordSec 2024 - Paper accepted

26 September 2024

Our work in a nutshell:

In recent years, Unmanned Aerial Vehicles (UAVs) or drones have gained attention for various applications, with mainstream brands like DJI dominating the civil market. However, DIY drones pose unique challenges due to their use in unconventional and illegal activities, but research into their digital forensic examination remains limited. This paper addresses the gap by conducting a comprehensive case study on a DIY drone, focusing on both assembly and digital forensics, revealing that hardware identification is the most critical step in the examination process.

This work has been developed in the project FOCUS. FOCUS (reference number: 13N16510) is partly funded by the German ministry
of education and research (BMBF) within the research programme “Anwender – Innovativ: Forschung für die zivile Sicherheit II”.

43cbfc4b-e763-445a-840e-e58a8a712028.jpeg

 

Paper Details:

Title: "Beware of the Rabbit Hole -- A Digital Forensic Case Study of DIY Drones"

Authors: Samantha Klier, Mario Winkler and Harald Baier

Abstract:  In the past years, Unmanned Aerial Vehicles (UAVs), commonly known as drones, have drawn attention for commercial, military and private use and thus emerged as a significant source of digital evidence. As of today both the research community and commercial software manufacturer focus on UAV mainstream brands such as DJI, which holds a market share of roughly 80% of the civil market. On the other side Do-It-Yourself (DIY) drones are well suited for unconventional and illegal
activities due to their technical capabilities and the legal limitations of commercial drones. However, the community currently lacks research of the examination of DIY drones. In this paper we address this research gap by conducting a comprehensive case study of a sample DIY drone. Our case study comprises both the assembly and the digital forensic perspective of DIY drones. Our systematic digital forensic examination within our case study follows the well-known process steps, i.e. preparation, acquisition, analysis. We provide insights into the peculiarities of each step and reveal that the identification of the hardware components
and the corresponding examination is the most critical step.

Aktuelles

ForTrace Workshop @ DFRWS APAC 2024

We are offering a workshop at DFRWS APAC 2024 on our data synthesis framework ForTrace.

IWODF 2024 - Paper accepted

Our paper on "Scenario-based Data Set Generation for Use in Digital Forensics: A Case Study" was accepted for presentation at the IWODF (INFORMATIK) 2024.

IMF 2024 - Two papers accepted

Our two papers on "Data Synthesis is Going Mobile – On Community-driven Dataset Generation for Android Devices" and "Causal Inconsistencies are Normal in Windows Memory Dumps (too)" were accepted for presentation at the IMF 2024.

Vortrag des Forschungsinstituts CODE auf der 31. DFN-CERT Konferenz in Hamburg

Als externer Doktorand stellte Michael Mundt die Arbeit "Gib dem Dino Futter – adaptive Detektion von Bedrohungen in KRITIS-Netzwerken mittels Open-Source-Forensik" auf der 31. DFN-CERT Konferenz am 30./31. Januar vor.

ForTrace Workshop @ DFRWS EU 2024

We will present our research on the ForTrace data synthesis framework for digital forensics at the DFRWS EU 2024.

DFRWS EU 2024 - Two papers accepted

Our two papers on "Hypervisor-based Data Synthesis: On its Potential to Tackle the Curse of Client-side Agent Remnants in Forensic Image Generation" and "Ubi est indicium? On Forensic Analysis of the UBI File System" were accepted for presentation at the DFRWS EU 2024.