当前位置: X-MOL 学术 › Digit. Investig. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Sifting through the ashes: Amazon Fire TV stick acquisition and analysis
Digital Investigation ( IF 2.860 ) Pub Date : 2019-01-14 , DOI: 10.1016/j.diin.2019.01.003
M. Hadgkiss , S. Morris , S. Paget

The Amazon Fire TV Stick is a popular device that is the centre of entertainment for many homes. Its collection of functions and features generates a considerable amount of data, giving this device the potential to be included in a multiple investigations. Highlighting a clear requirement for a forensic analysis of the device.

Previous research of smart entertainment devices focuses on the larger areas of the market including Smart TV's, smart speakers and smart watches. All have provided potential forensic artefacts that can be used in investigations. However, data is often acquired using methods that can compromise the forensics of the data.

An Amazon Fire TV Stick was populated with data following a methodology that captured the multiple uses of the device. A chip off acquisition method was then applied to acquire a forensic image. Analysis demonstrated there were a number of artefacts recoverable relating to the system, users and Kodi. The majority of the relevant artefacts identified were located in SQLite3 databases and XML files.



中文翻译:

筛选灰烬:Amazon Fire TV电视棒的获取和分析

亚马逊消防电视棒是一种流行的设备,是许多家庭娱乐的中心。它收集的功能和特性会产生大量数据,从而使该设备有可能被多次调查。强调对设备进行法医分析的明确要求。

先前对智能娱乐设备的研究集中在市场的更大领域,包括智能电视,智能扬声器和智能手表。所有这些都提供了可用于调查的潜在法证伪像。但是,通常使用会损害数据取证的方法来获取数据。

按照可捕获设备多种用途的方法,将数据填充到Amazon Fire TV Stick中。然后应用碎片提取方法来获取法医图像。分析表明,存在与系统,用户和Kodi有关的许多可修复的伪像。识别出的大多数相关文物都位于SQLite3数据库和XML文件中。

更新日期:2019-01-14
down
wechat
bug