Monday, January 21, 2013

Project Introduction


Snapchat is a mobile phone application that is now the latest trend.  I am an avid user of the app myself.  The app allows users to send pictures and videos to those on their friends list.  It allows the sender to select the amount of time, which is between one and ten seconds, that the receiver can view the photo or video and then it disappears.

This app is now causing controversy because many people are using it for sexting, or sending other inappropriate images.

So, everyone who has the app is wondering what exactly happens to this photo or video after it disappears?  Snapchat claims that the data is not stored on its servers, so how can it ever be recovered?  That is where my capstone project comes in.

The goal of my capstone is to see if it is possible to forensically recover the image or video sent through the snapchat app. The field of digital forensics is moving quickly over from computers to mobile devices such as cell phones and tablets.  So, if this project and research is a success this can benefit law enforcement in doing mobile forensics where the snapchat app is installed on the device.

Here is my plan of what devices and tools I will be using to complete my capstone:

Devices
  • iPad - iOS 6.0.1
  • iPhone 5 - iOS 6.1
  • AT&T Avail - Gingerbread Android Version 2.3.4
Forensic Tools
  • Cellebrite
  • XRY
  • Oxygen Forensic Suite
  • Volatility or other memory analysis tools


The first phase of this project is going to involve researching methods to recover data from mobile devices. 

Please follow my blog to see the progress I make on this project over the next few months!

10 comments:

  1. I know that this method works for getting snapchat videos off an iPhone after they have been watched. Hope this helps.

    http://www.redmondpie.com/how-to-save-facebook-poke-or-snapchat-pictures-and-videos-received-on-iphone/

    ReplyDelete
  2. Have you consider trying to perform the forensic tasks using less automated cellphone forensic tools like Open Source tools (due to drop in budgets)[i.e. Bitpim] ?

    ReplyDelete
  3. I am using these tools because I have them available to me through Champlain College. I am considering other methods. I will also be jailbreaking the iphone to get a memory dump and physical image.

    ReplyDelete
  4. Was you ever able to recover the image or video sent through the snapchat app?

    ReplyDelete
  5. I am interested in your methodology and results for this research. Can you please email me at bryan@ambientdata.com. Thank you.

    ReplyDelete
  6. Any additional info on your research? Can you post your contact info or email me at forens0110100101100011@gmail.com? Thank you.

    ReplyDelete
  7. Really nice post..........i like it very much......Thank you for sharing it..........Get more
    latest mobile price
    smartphone
    bd

    ReplyDelete
  8. Hi Christine, great work! A lot has changed for Snapchat over the past three years-- are you still doing research? My main focus has been on pulling information from the personal story files after taking a logical dump from the iPhone's Snapchat directory using Winhex. I would love to talk to you about this (evilbean @ cox . net).

    ReplyDelete