I will be presenting on forensic analysis processes and techniques at the following conferences this summer:
BSides NOLA – May 30th, 2015
HTCIA/ISSA in Los Angeles – June 4th, 2015
SANS DFIR Summit in Austin – July 7th & 8th, 2015
HTCIA Orlando – August 30th – September 2nd, 2015
To whet your appetite for the presentation, here is an outline of the talk. You’ll note that we cover everything from why you should be interested in this material to an overview of a typical UAV to an analysis process to specific analysis steps for each component to real time analysis techniques.
Overview:
- Market Growth and Jobs
- Illegal and inappropriate activity
- Anti-drone solutions
- Terminology
Scenario
DJI Phantom 2 – Example UAV
Available Evidence
- What Physical Evidence is Available?
- What Digital Evidence is Available?
- What Is In The UAV
- Physical, digital, and other evidence
- UAV Operating systems
Analysis Overview:
- Workflow
- Guiding Principles
Walkthrough of an exam
- UAV:
- UAS Exam – UAV
- Linux Systems on the DJI Phantom
- Linux Systems – Gotchas
- UAV Exam – SDKs and Live UAV
- Sensors:
- Sensor and Sensor Data
- Sensors – Optical
- Sensors – EXIF Data
- UAS Exam – Sensor Data
- UAS Exam – Launch Point Evidence
- UAS Exam – Ground Control Station
- UAS Exam – Home & Office Evidence
Scenario – real time
- Real Time Analysis
Closing Thoughts
Challenges & Solutions