Advances in Forensic

Data Acquisition
Felix Freiling, Tobias Groß, Tobias Latzo,
Tilo Müller, and Ralph Palutke
Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU)

for law enforcement as

Editor’s note: well as the difficulties of
You all know this from watching CSI: When a crime is committed, usually accessing the stored data
some form of digital evidence is left on devices such as computers, mobile as evidence.
phones, or the navigation system of a car a suspect has used. Indeed, law Smartphones are not
enforcement agencies are regularly interested in data from personal ­devices the only source of digi-
to find evidence, guide investigations, or even act as proof in a court of law. tal evidence today. Any
This tutorial article by Felix Freiling et al. mentions the San ­Bernadino case as
device that stores data
a prominent example. But how do police investigators go about a ­ ccessing
can come into the focus
this evidence? Is what is shown on TV realistic? Whereas, in times of ­classical
hard disks (HDDs), accessing data was quite easy due to the ­non-volatility of law enforcement, be it
of the memory device. However, this is getting increasingly difficult because a usual desktop or tablet
of developing technologies like SSDs, other forms of flash storage, and, in computer, a navigation
particular, for volatile memory such as RAM, with the major problem being to system, a home router or
read out data while guarding “authenticity.” any “smart” home appli-
In the past ten years, there has been some substantial development in the ance like a fridge or a
area of forensic data acquisition, which is summarized by the article. It coffee machine. In the
gives clear indications of what currently can be technically done and what
common cases of smart-
cannot be done by police investigators. So, if you watch CSI again and the
phones, law enforcement
cops need to access some digital evidence, you can tell truth from fiction.
—Jürgen Teich, Friedrich-Alexander-Universität Erlangen-Nürnberg is already aware of the
value of the data stored
on these devices, leading
 In december 2015, two perpetrators attacked to the evolution of a support industry to access this
the Inlad Regional Center in San Bernardino, CA, kill- data. The easy accessibility of such data, however,
ing 14 people. During the investigation, the FBI had has caused manufacturers to implement protective
seized the iPhone 5C of one of the perpetrators. This strategies using cryptography and security hardware,
is a common procedure since such personal devices limiting unlawful access or any access at all. The
store large amounts of private data, allowing to find more uncommon cases (like the smart appliances
out more about the actual events, the motives of the mentioned above) have yet to hit the interest of the
attackers and their possible network of helpers. This police, but it is clear that such devices will go through
case was widely publicized because Apple refused the same evolution as smartphones. We therefore
to cooperate with the FBI in granting access to the believe that users, designers, and manufacturers of
phone [1]. While the FBI finally achieved to unlock such embedded systems should be aware of the
the phone and access the data, the case highlights problems and prospects regarding the use of data
both the importance of data on embedded devices stored on these devices as evidence.
Digital Object Identifier 10.1109/MDAT.2018.2862366 To use data from such devices as evidence in a
Date of publication: 1 August 2018; date of current version: court of law, this data must be acquired in a “foren-
27 September 2018. sically sound” way. While the precise meaning of

September/October 2018 Copublished by the IEEE CEDA, IEEE CASS, IEEE SSCS, and TTTC 2168-2356/18 © 2018 IEEE
63
Authorized licensed use limited to: Charles Sturt University. Downloaded on March 26,2021 at 05:38:03 UTC from IEEE Xplore. Restrictions apply.
 Tutorial
this term varies depending on the juridical system,
it basically states that the acquired data should be
trustworthy, i.e., the risks of accidental or inten-
tional evidence tampering are convincingly mini-
mized. According to good forensic principles, such
evidence should be as “authentic” and “original”
as possible, allowing to make conclusions based
on the evidence as if it had just been seized at the
scene of the crime. Simply claiming that a specific
file that is shown in a court “was found on and was
copied from the suspects computer with xcopy by
officer Smith” is not sufficient today since copying
of files using xcopy changes file system timestamps
(i.e., changes some aspects of the evidence) and
the possibilities of other (un-)intentional changes
by any investigator apart from officer Smith cannot
be ruled out. The fact that such “unsound” methods
in data acquisition can have dramatic real-world
consequences (like false court decisions) reinforces
the importance that academics and professionals in
computer science and computer engineering know
about the intricacies of this field.
Within the big picture of forensic computing
(often also called digital forensic science) data
must be examined and analyzed—after it has been
acquired—with respect to the legal questions con-
cerning the crime at hand, usually following pro-
cedures that are standardized within different legal
systems [2]. The area is developing quickly. We there-
fore necessarily focus on one aspect while directing
the reader elsewhere [3]–[5] for w ­ ell-written and
broader overviews of the field.
We now give an overview of forensic data acqui-
sition with a specific focus on low-level storage
devices like modern hard disk drives (HDDs), solid
state drives (SSDs), flash storage in the form of SD
cards or USB sticks and finally RAM. We begin with
an overview of current practices today (in the “Data
acquisition practices today” section) and later give
an overview of recent research results in the area
(in the “Recent advances” section) that might not
be widely known. We conclude with some general
thoughts on the state and future of this research area.
Data acquisition practices today
Data acquisition is a critical point in the collec-
tion of evidence since it defines the state of evidence
that will be the basis for analysis. Evidence acqui-
sition as well as any subsequent handling of the
seized data must be documented to decrease the
64
Authorized licensed use limited to: Charles Sturt University. Downloaded on March 26,2021 at 05:38:03 UTC from IEEE Xplore. Restrictions apply.
probability of intentional or unintentional changes,
thus forming the starting point of a documentation
trail of the evidence usually called the chain of
custody. There exist excellent handbooks for first
responders on how to identify and seize digital evi-
dence [2], [3]. The main focus until recently, how-
ever, has been on persistently stored data, mainly on
HDDs, for which general procedures on acquisition
and interpretation are well developed [4]. Apart
from the general principle to acquire evidence in
the order of decreasing volatility [5], the standard
practices for the acquisition of volatile data such as
RAM are much less developed.
HDDs
Classical HDDs are still the dominant form of stor-
age and, therefore, digital evidence in practice. HDDs
store their data on a fixed stack of rotating magnetic
platters. The mechanical storage machinery, i.e., man-
aging the physical rotation and reading data using
moving actuator arms from the magnetic surface, is
governed by a small embedded computer system in
itself that runs within the controller board physically
attached to the disk casing. The HDD is attached to
the computer system over standardized interfaces,
the most popular currently being Serial AT Attachment
(SATA).These interfaces do not only define the physi-
cal dimensions of the attachment cables but also the
communication protocol “spoken” over the cable.
Generally, the controller interface offers access
to an HDD as a block device, i.e., read and write
accesses occur at the granularity of a disk sector
which usually consists of 512 bytes. Conceptually, the
HDD offers its sectors as a continuous sequence of
blocks addressed using a logical block address start-
ing with 0. Although the basic design of HDDs has
not changed much during the past 30 years, the level
of integration and equally their storage capacity has
increased dramatically. Today, it is common to find
HDDs with a storage capacity of several terabytes.
Disk imaging. The common and generally ac-
cepted way to acquire data from an HDD is to
access it through its hardware interface direct-
ly. Therefore, usually, the HDD is disassembled
from its original computer and attached to a spe-
cial acquisition computer. To prevent any acci-
dental changes to the data stored on the HDD,
a special write blocking device that blocks all
SATA write commands from passing to the HDD
IEEE Design&Test
is plugged between the evidence HDD and the anal-
ysis computer. Using specific software, individual
blocks from the HDD are read and stored on the ac-
quisition computer in a file. While many commercial
software tools exist to perform this action, the well-
known Linux command dd can also be used. If the
entire HDD is acquired in this way, the resulting file
is usually called an imaged copy (or simply image)
of the original HDD. The result is an image file con-
taining a bitwise 1:1 copy of the original disk. Since
this process does not involve the interpretation of
any data structures like partitions or file systems on
the disk, the current practice of evidence acquisi-
tion for HDDs also allows to retrieve inconsistent, in-
complete, or otherwise damaged data from the disk.
To increase trust in the copying process, it is
advised that the content of the image is once com-
pared with the content of the original disk. All this
must be reliably documented as part of the chain of
custody. It has become a standard practice to docu-
ment the content of the image file by computing a
cryptographic hash value of the file. Similar to a fin-
gerprint, the hash value is characteristic to the con-
tent of the file, meaning that a change of just 1 bit
results in a completely different hash value. Although
it is still popular to use a single hash algorithm like
MD5 today, it is recommended to use at least two dif-
ferent hash algorithms and to use more secure ones
like Secure Hash Algorithm (SHA)-2 or SHA-3.
For HDDs, the initial hash value taken during
evidence acquisition is one of the most important
pieces of information related to the evidence since
it can be used to prove that any further copy taken
during the investigation also is equal to the original.
Therefore, hash values preserve the integrity of the
evidence. Note that this is based on the assumption
that the contents of the HDD do not change if no
write command is issued through its interface, an
assumption that is generally justified with modern
HDDs, but not so with SDDs, as we will see below.
Problems. Today, disk encryption is the most com-
mon threat to evidence acquisition for HDDs. Al-
though it is also possible to protect individual files
using cryptography, we focus here on full disk encryp-
tion (FDE) meaning the process of encrypting the en-
tire disk volumes, meaning whole drives or partitions.
As illustrated in Figure 1, disk encryption can either
be performed inside the operating system, i.e., on
kernel level (software-based FDE), or inside a hard
September/October 2018
Authorized licensed use limited to: Charles Sturt University. Downloaded on March 26,2021 at 05:38:03 UTC from IEEE Xplore. Restrictions apply.
Figure 1. Software-based FDE compared to
hardware-based FDE. Shaded areas repre-
sent encrypted data.
drive, i.e., on firmware level (hardware-based FDE).
Historically, FDE became widely available to users
through software-based solutions such as BitLocker
(Windows), FileVault (Mac), and dm-crypt (Linux/
Android). Hardware-based FDE is more relevant in
the field of SSDs.These drives are commonly referred
to as self-encrypting drives (SEDs), because they per-
form encryption inside the disk drive controller, such
that encryption keys are not present in a computer’s
main memory or CPU. Note that investigators can still
copy the content of an encrypted disk. However, the
resulting data cannot be interpreted without access
to a secret key or passphrase necessary for the de-
cryption. If the suspect does not cooperate and re-
veals the passphrase, investigators must use of brute
force or, as we explain in “Disk encryption and SEDs,”
the rather new form of hot plug attacks.
Flash storage
Flash storage, as it is used in USB sticks, mem-
ory cards, or SSDs, is based on transistor cells that
can, briefly spoken, persistently store 1 bit, even is no
active current is provided. For the technology com-
monly in use today (NAND flash based on floating
gate transistors) and in contrast to HDDs, reading
and writing data are two completely different oper-
ations (not the same operation with a different lead-
ing sign + or −): deleting data involves applying a
rather high voltage to the memory cell which causes
“wear.” This results in a maximum number of write/
delete cycles for this technology, an inherent limita-
tion of the activity lifetime of such flash storage.
To optimize the lifetime of flash memory, it is
possible to distribute the “wear” of memory cells to
the entire block of memory. To this end, memory
65
 Tutorial
controllers apply proprietary wear leveling algo-
rithms. To optimize wear leveling, a specific com-
mand called TRIM was introduced to the ATA
standard. With TRIM, the operating system can tell
the disk which sectors it has just deleted. These sec-
tors can then be reclaimed by the disk (using gar-
bage collection algorithms). For the case of SSDs, the
controller pretends to be spinning HDD performing
read and write accesses. But in the background, con-
tinuous remapping and garbage collection are taking
place asynchronously. Nisbet et al. [6] showed that
the deleted data vanish from the disk rather quickly
for the current SDDs. This means that the content of
a disk can change if merely switched on. This has
severe consequences toward forensic data handling:
calculating hashes over the entire disk is not a relia-
ble technique anymore to prove that evidence has
not changed. Only logically existing content is guar-
anteed to remain, but raw data can disappear from
SSD that makes it harder to argue that it was there
previously. If evidence acquisition and hashing are
restricted to logically existing content, previous pro-
cedures can be maintained.
The situation is slightly different for storage
based on MultiMedia Card (MMC) or eMMC technol-
ogy, compact memory chips with a built-in control-
ler, which are commonly used in USB drives or SD
memory cards. The eMMC standard defines 64 com-
mands that can be issued to memory (including of
course read and write to a memory block). While the
current standard for eMMC [7] specifies a command
called TRIM, its semantics do not necessarily require
that any future read to that block returns zeros. In
practice, eMMC chips hardly do any garbage collec-
tion, and therefore, the risks of losing evidence as
with SSDs are considerably reduced. Therefore, USB
sticks and memory cards can usually be acquired
like HDDs, i.e., by acquiring a 1:1 image copy and
computing a hash value.
Smartphones
Data acquisition on smartphones can be per-
formed by several methods that are divided into
software and hardware-based methods. While direct
hardware access to flash memory is often cum-
bersome and unrewarding due to the small fragile
design of the embedded integrated circuits, respec-
tively, circuit boards and device-dependent FDE,
software-based methods are more promising and
oftentimes easier to perform.
66
Authorized licensed use limited to: Charles Sturt University. Downloaded on March 26,2021 at 05:38:03 UTC from IEEE Xplore. Restrictions apply.
The software-based approaches are different,
dependent on the targeted smartphone model.
Since the smartphone market is mainly dominated
by Android and iOS, a brief overview of tools and
techniques for data acquisition for these OSs is given
in the following.
Android. On Android, a bitwise 1:1 copy of the
entire storage can be acquired by using the Linux
command dd if the Android Debug Bridge (ADB)
is enabled. This method requires root privileges on
the smartphone. Root privileges can be gained by
booting a custom recovery image, which requires
the bootloader to be unlocked, or alternatively,
the su command can be used, typically present
on rooted devices. Rooting a device must be per-
formed by booting into a recovery image or with
exploiting a vulnerability in the Android OS. With
bootloaders that cannot be unlocked, as enforced
by some manufacturers, only the exploit-based
method is feasible when an unpatched known
vulnerability is present.
Some manufacturers allow unlocking their boot-
loaders, including Google’s Nexus and Pixel series.
Also in this case, however, the unlocking wipes the
entire user data partition, thus rendering this method
infeasible for forensic data acquisition. For data
acquisition, the bootloader of an Android smart-
phone must typically be unlocked before the seizure,
which is commonly not the case. All manufacturers
ship smartphones with the bootloader being locked
as the default.
If unlocking the bootloader is not feasible, only
logical data acquisition can be performed. Logical
data acquisition via ADB, however, is oftentimes also
difficult in practice for the same reasons. Virtually all
manufacturers ship their phones with the ADB being
disabled by default. Therefore, first, USB debugging
would have to be enabled, and second, the specific
ADB host PC would have to be confirmed. Both can
be enabled with user access to the phone, e.g., if
none or only a weak screen lock is present. In that
case, ADB subcommands like pull, backup, or shell
dumpsys can subsequently be called to extract the
user data. Only specific information can be extracted
with those commands, not a full disk image. Shell
dumpsys allows to access service information, e.g.,
saved Wi-Fi points and application usage statistics.
With a pull, individual files can be extracted if the
user permissions allow so. Backup can be used
IEEE Design&Test
to extract the application data but needs another
confirmation on the device, only possible if the
screen is unlocked.
iOS. For iOS smartphones, there exist two methods
for data extraction. The first method uses the provid-
ed backup functionality of iOS. The other requires a
jailbroken device, but allows to extract the complete
filesystem.
Backups of iOS can be created by connecting
the seized device to a PC and using iTunes to start
the backup process. The first time if an iOS device
is connected to an unknown PC, access must be
confirmed by entering the device PIN code. A lock-
down record will be created for the PC which allows
feature connections without confirmation. If the
PIN code is unknown, it can be extracted from the
lockdown record of PCs the device was already con-
nected to. Such PCs may also serve as a source of
evidence from previously created iTunes backups.
Backups contain all personal data including pho-
tos, SMS, and calendar entries. Note that emails
are not included in backups. For the first time, if a
backup is created from an iPhone, the user can set
a device-dependent password. If a password is set,
feature backups will be encrypted; otherwise, the
backups are unencrypted.
What is known as rooting on Android is called
jailbreaking on iOS. All jailbreaks must exploit vul-
nerabilities in the iOS system, an official approach
from Apple, e.g., via unlocked bootloaders, does not
exist. With a jailbroken device, access to the com-
plete file system can be gained and so basically all
data can be copied via Secure Shell. This method,
however, requires the device to be jailbroken and
the root password to be known, and hence, is often
not feasible in practice. Some people leave the
default root password alpine unchanged.
RAM
The content of RAM is an increasingly valuable
piece of digital evidence, because it can be used
to witness actions by the computer that not neces-
sarily manifests themselves persistently. Examples
are searches for information on just-terminated pro-
cesses or network connections [8], investigations
into malicious software that runs only in memory
[9], or retrieving cryptographic keys or passwords
from memory (used for encrypted email, password
managers, or software-based FDE).
September/October 2018
Authorized licensed use limited to: Charles Sturt University. Downloaded on March 26,2021 at 05:38:03 UTC from IEEE Xplore. Restrictions apply.
Software-based methods. Standard practice
t­ oday is to acquire the contents of RAM using special
software applications [10] which use a kernel driver
to systematically run through the virtual or physical
address space and copy the contents of each mem-
ory page to a file. Similar to disk images, a copy of a
machine’s RAM is called a memory image. Memory
images can later be analyzed with special tools like
Volatility [11] or Rekall [12].
Software tools have two main problems. First,
they change the contents of RAM before they start
creating the image. This reduces the soundness of
the acquisition approach because the evidence is
changed, but it is accepted as long as changes in
RAM are small and well documented. Second (and
more importantly), software methods rely on the ser-
vices of the underlying operating system to perform
correctly (hardware drivers and interrupt handlers).
Therefore, if the investigated system is subverted by
malicious software, there is no guarantee that the
result of memory imaging will be correct.
Cold boot attacks. Halderman et al. [13] published
an ingenious method to acquire a memory image of
a running computer by exploiting the remanence
effect of the modern RAM technology [14], [15]. In
contrast to common belief, memory contents do not
disappear immediately after power is cut, but rather
fade away gradually over time. In practice, it can take
as long as 30 seconds for memory contents to fade
away completely. One aspect of this effect is that low
temperatures slow down the fading process, such that
by cooling down RAM chips, the remanence interval
can be extended from 30 seconds up to 10 minutes.
The basic idea of memory acquisition using cold
boot is to reboot a system with a small operating sys-
tem from a USB drive and then to read out RAM and
write it into a file. In principle, cooled down RAM
chips can also be physically unplugged from one sys-
tem, replugged into another PC, and read out there.
This variant is more generic than the reboot variant,
because it works irrespectively of Basic Input Output
System and boot sequence settings. However, it
requires a compatible target system for the specific
memory technology and a lot of practice.
Problems. In contrast to software-based approach-
es, memory acquisition via cold boot cannot be
subverted by malicious software, because the oper-
ating system is fully controlled by the investigator.
67
 Tutorial
Therefore, regarding forensic soundness, cold boot
is a very good approach. Cold-boot attacks, howev-
er, have been observed to be impractical for modern
systems based on double data rate (DDR)3/DDR4
RAM [16], an issue which was investigated (and
partly solved only recently, see “Recent advances”).
Recent advances
The current practices in forensic data acquisition
are well developed in most parts, but they always must
adapt to technological changes. We now outline sev-
eral recent results that highlight certain problem areas
and need to be incorporated into current practices.
HDDs
Although the acquisition of HDDs appears to be
an established practice, Gruhn [17] recently revis-
ited this area and raised several noteworthy issues
that challenge the state of the art. Since the data
handling on disk is performed by the firmware of the
HDD, successful manipulations of the firmware can
result in incorrect data acquisition [18]. By analyz-
ing several Western Digital hard drives, Gruhn [17]
described possibilities to check the firmware of a
device and investigated possibilities to perform data
acquisition despite manipulated firmware.
To understand his results, it is necessary to look
into the anatomy of a typical HDD in more detail. As
mentioned above, an HDD is a small embedded com-
puter into itself, and as such, it performs a boot process
when it is switched on. It executes a small initial piece
of code taken from an unmodifiable ROM which loads
a larger piece of code from a (larger and modifiable)
electrically erasable programmable read-only memory
(EEPROM) [17, p. 139]. Since the size of the complete
firmware is considerable, the remaining part of the
firmware that does not fit into the EEPROM is stored
directly on the disk in a special Service Area. This is
a hidden area on the platter that cannot be used by
normal users. Gruhn [17] reports that there often are
vendor specific commands that allow to access and
update this area using the standard (SATA) interface.
These commands, however, are not generally known.
Obviously, the authenticity of the data delivered
by the HDD depends on the correctness of its firm-
ware running. To verify that this firmware has not
been altered, it is necessary to check the content
of the EEPROM as well as the content of the service
area. Reading the content of the EEPROM can be
cumbersome in some cases [17, p. 142], and there
68
Authorized licensed use limited to: Charles Sturt University. Downloaded on March 26,2021 at 05:38:03 UTC from IEEE Xplore. Restrictions apply.
appears to exist no obvious way to verify that the
firmware on the EEPROM is original since there exist
many small differences between EEPROM contents
even on drives of the same model. More dramat-
ically, it is impossible to verify the content of the
service area because this requires executing code
(from the EEPROM) that cannot be verified. Ideally,
vendors would use mechanisms like signed firmware
to protect against simple firmware manipulations.
Ideally, manufacturers should offer a standardized
low-level interface to the HDD contents that cannot
be subverted. With the current state of affairs, a small
shadow of doubt remains on the authenticity of HDD
data if firmware manipulations cannot be ruled out.
Disk encryption and SEDs
As mentioned above, even if a disk drive is deliv-
ering data to the user, this data must not necessar-
ily be of any use to an investigator if it is encrypted
and the encryption key is unknown. Recently, Müller
and Freiling [19] published a comprehensive survey
on how to circumvent disk encryption techniques. To
attack software-based FDE techniques like Microsoft
Bitlocker, it is usually sufficient to be able to access
the machine’s RAM where the encryption key is
stored. Accessing the unencrypted content of a hard
disk therefore can be reduced to accessing the con-
tent of RAM. This procedure, however, is futile when
trying to access SEDs, because the encryption key is
always kept within the disk and never leaks to RAM.
Interestingly, it is often possible to directly read out
the contents of an SED if the computer to which it is
attached is found to be switched on. Müller [20], [21]
observed that standard SEDs commonly do not
detect whether SATA cables are unplugged, as
long as they stay connected to power. An SED gets
“locked” only if its power connection is cut. If its
data connection is cut, it stays unlocked and data
can be read out. This leads to the following hot plug
attack scenario: with physical access to a running
PC, the SATA connector of an SED is unplugged
and then replugged to a PC that is under control
of the investigator. During this procedure, the orig-
inal PC acts as an energy supplier and keeps the
disk powered on. The second PC, which is under the
control of the investigator, acts as a data collector.
While the original PC crashes a few seconds after disk
removal, the SED stays unlocked and the investigator
can create a disk image of the SED in unencrypted
form without the need to know the password.
IEEE Design&Test
 Obviously, the approach requires the system
to be running. Since server systems are commonly
running 24/7, they constitute a perfect target for
hotplug attacks. Another advantage of desktop and
server systems is their construction type: most often,
SEDs are connected to the motherboard with flexi-
ble SATA cables that can be replugged into nearby
machines easily. In laptops, however, the power and
data connection of an SED often cannot be han-
dled independently as in most desktops. However,
rather surprisingly, while SATA SEDs require an ATA
password on boot, they unlock the disk automati-
cally on wakeup from suspend-to-RAM (Advanced
Configuration and Power Interface state S3) [19].
Therefore, a disk being in state S3 can be accessed
as follows. In state S3, power extension cables can
be installed between the drive and the laptop. Then,
the laptop is woken up and, the SED gets unlocked,
and a usual hot-plug attack can be performed.
Smartphones
While encrypting laptops and desktop PCs is still
uncommon today, because Bitlocker is still not part
of the Windows 10 Home edition, more and more
end-users encrypt their smartphones. Both Android
and iOS offer easy-to-use encryption for free and
many vendors, such as Apple, and encrypt their smart-
phones even by default.As a consequence, the case of
encrypted phones is of gaining importance for practi-
cal investigation cases. Particularly, unlocking iPhones,
which are encrypted by default, was often requested
by law enforcement agencies in the past [1].
Due to its closed source nature, however, unlock-
ing iPhones is a difficult task not well documented
by the academic community. According to our knowl-
edge, professional companies such as Cellebrite and
Grayshift offer unlocking services for iPhones starting
at USD 15,000 per unlock [22], [23]. It is not publicly
known how these products work, but most likely
they combine exploits against iOS with brute force
attacks against the user PIN. As it is not acceptable for
most users to enter a secure password each time using
their phone, most users rely on insecure PINs of five
digits only, being a perfect target for brute force attacks.
On Android, due to the market fragmentation of
different vendors and devices, the situation depends
on the exact phone model. While Android versions
up to 4.0 support no encryption at all, Android ver-
sions from 4.0 to 6.0 use FDE [24], and Android ver-
sions since 7.0 use file-based encryption (FBE). The
September/October 2018
Authorized licensed use limited to: Charles Sturt University. Downloaded on March 26,2021 at 05:38:03 UTC from IEEE Xplore. Restrictions apply.
advantages of FBE are mainly usability, such as a
direct boot with single sign-on.
For a Galaxy Nexus from Samsung with Android
4.0, the first Android device that was ever availa-
ble with FDE, Muller and Spreitzenbarth [25] have
shown how to break disk encryption using cold boot
attacks to retrieve the encryption key from RAM.Their
approach requires the bootloader to be unlocked
before the attack to recover full-disk images, since the
user partition gets wiped during unlocking the boot-
loader. For devices with a locked bootloader, Muller
and Spreitzenbarth [25] were able to retrieve RAM
images, including recently visited websites, taken
photos, and more. Nevertheless, the reproducibility of
their results for other devices than the Galaxy Nexus
and newer Android versions remains a difficult task.
RAM
Based on the quality criteria developed by Vomel
and Freiling [26] for memory images, several recent
works have investigated the strengths and weak-
nesses of different techniques to acquire a memory
image of a computer. Vomel and Stuttgen [27] were
the first to systematically evaluate different memory
acquisition tools. Their approach instruments the
software and therefore relies on the availability of the
source code. In contrast to that, Gruhn and Freiling
[28] presented an approach that can evaluate acqui-
sition tools by having programs write a predictable
memory pattern and later analyze the images taken
by different tools regarding that pattern. In their stud-
ies, cold boot performed best, closely followed by
software-based approaches.
Software-based memory acquisition. The vast
majority of today’s memory acquisition tools is im-
plemented as kernel drivers. Besides easy develop-
ment and fast deployment, kernel drivers allow to
be installed even after the occurrence of a potential
incident. The well-known memory forensics frame-
work Rekall integrates a sophisticated memory ac-
quisition tool called Pmem [29]. The tool supports
the acquisition of physical memory on the most
considerable operating systems, namely, Linux, Win-
dows, and MacOS. In contrast to other driver-based
acquisition tools, Pmem only relies on a minimal set
of kernel Application Programmers’ Interface (APIs).
Hence, only the loading mechanism depends on the
operating system functionality. As this is a very com-
mon procedure, a malware cannot simply restrict
69
 Tutorial

Rogue Page Virtual Address

Virtual Address #PML4 #PDPT #PD #PT Physical Page Offset Physical Address
Space Space
47 38 29 20 11 0
8 8 8 8

Rogue Page
Arbitrary Frame
PDPTE
PTE
PML4E

PDE Rogue Frame

PML4 PDPT PD PT

CR3

Figure 2. To systematically access physical memory, Pmem allocates a single rogue page in its cor-
responding rogue page frame, and then manipulates the rogue page’s PTE entry to remap the page
to an arbitrary page frame in physical memory. By doing this, it is possible to systematically access
the entire physical memory without much support from the underlying operating system.

the system from loading a driver, as this would likely
reveal its own presence.
Instead of requesting the kernel to map portions of
the physical memory, Pmem entirely implements the
procedure on its own. Therefore, it allocates a single
page in nonpageable memory, called a rogue page.
Instead of trusting the kernel functionality to obtain
the rogue’s corresponding page table entry, Pmem
initially walks the paging hierarchy itself. This ensures
protection against malicious modifications during the
translation process. By remapping the frame number
of the rogue’s page table entry to an arbitrary physical
frame, Pmem has the chance to access the entire phys-
ical address space. To create a dump of the physical
memory, the driver subsequently maps each physical
frame before accessing its contents through the corre-
sponding virtual address of the rogue page. To prevent
Pmem from acquiring a cached version of a page, it
ensures to flush both caches and translation lookaside
buffers before accessing the rogue page. From there
on, the system’s MMU redirects further access to the
rogue’s virtual address to the physical target page. To
finally create an image of the system’s memory, Pmem
copies the rogue page’s content to its user space buff-
ers from where they are written into a file. Figure 2
depicts Pmem’s process of remapping physical mem-
ory through the rogue page.
Compared to other operating systems, Linux
comes with a wide variety of possible kernel
­configurations. To be able to load Pmem’s driver,
the driver needs to be built in a way that matches
the kernel configuration. Since many systems lack
the availability of compatible build tools, it is not
always possible to overcome this problem. To avoid
the necessity of building the acquisition tool on the
target system, Stüttgen and Cohen [30] came up with
a method to inject a stripped down and precompiled
version of Pmem into a compatible host driver. After
statically relinking and manually relocating Pmem’s
driver, it can be loaded together with the host driver.
Currently, this approach is also a part of the Rekall
framework.
Cold-boot on DDR3 and DDR4
In 2013, Gruhn and Müller [16] reported on
problems while performing cold boot attacks in the
modern DDR3 RAM technology, since the memory
images appeared to be random for reasons inherent
in that technology. With increasing speed of semi-
conductors, their undesirable parasitic effects also
grow in magnitude. To counteract this and starting
with DDR3, RAM manufacturers perform memory
scrambling within the memory controllers.
In DDR3, scrambling is performed by running
the data through an LFSR which is initialized with
a seed. Recently, Bauer et al. [31] presented an
approach to successfully “descramble” images of
RAM acquired by cold boot. The approach is based
on reconstructing the LFSR and its seed from a small
piece of memory for which the (unscrambled)
content is known (analogously to a known plain-
text attack). Later, Yitbarek et al. [32] extended
this work to also successfully descramble memory
images of DDR4 RAM.

70 IEEE Design&Test

Authorized licensed use limited to: Charles Sturt University. Downloaded on March 26,2021 at 05:38:03 UTC from IEEE Xplore. Restrictions apply.
Effects of virtualization
Server systems are often virtualized. An inherent
advantage of a virtualized system is that the admin-
istrator is able to halt specific guests and to acquire
data atomically. Thus, an investigator needs the cor-
responding privileges to control the guest, i.e., to
control the host system.
The HDD of a virtualized system is usually repre-
sented as a file, e.g., in the case of VirtualBox1 with
a.vdi filename extension. Therefore, to acquire the
HDD of the guest one only needs to acquire the cor-
responding disk image file. The Forensic OpenStack
Tools (FROST) [33] is a forensic suite for the pop-
ular cloud-computing platform OpenStack.2 FROST
allows to acquire virtual disks, API logs, and guest
firewall logs in a forensically sound manner without
trusting the guest.
Since the hypervisor’s task is to manage the guest’s
RAM, the corresponding virtualization solution often
comes with memory acquisition support. A common
way to acquire the RAM of a guest virtual machine
(VM) is to suspend it, save the suspend file that con-
tains memory, and then resume it. Obviously, the
drawback of that method is that the guest has some
time offline. Virtual Machine Introspection (VMI)
allows to monitor the complete RAM or only specific
objects in RAM while the guest is running. LibVMI
[34] is a library that allows to access the memory of
a running VM. LibVMI also supports Rekall profiles
for VMI of Linux or Windows systems.
Often client systems are not virtualized. However,
virtualization makes it possible for an investiga-
tor to acquire RAM in a stealthy, trustworthy, and
forensically sound way. HyperSleuth [35] is a tiny
forensic framework that virtualizes a running sys-
tem leveraging Intel’s Virtualization Technology
(VT-x) technology. The framework comes with
three forensic applications. First, a lazy memory
dumper uses a dump-on-write and dump-on- idle
technique. This allows an atomic fingerprint at the
time of the request. The other applications are a sys-
tem call tracer and a lie detector, i.e., HyperSleuth
has in-guest tools to get information about the state
of the system. If this information differs from the
hypervisor’s perspective, something is going wrong.
Unfortunately, HyperSleuth’s code and binary are
not publicly available.
1
https://www.virtualbox.org
2
https://www.openstack.org
September/October 2018
Authorized licensed use limited to: Charles Sturt University. Downloaded on March 26,2021 at 05:38:03 UTC from IEEE Xplore. Restrictions apply.
All virtualization-based acquisition tools assume
to be deployed before malware is installed on the
system or present malware is not sophisticated and
so does not compromise their results. HyperSleuth
addresses this issue with a challenge–response
protocol for the installation process. However,
the effectiveness cannot be evaluated. Furthermore,
the investigator usually needs high privileges to the
system to either install a hot-pluggable hypervisor
like HyperSleuth or to access the forensic respec-
tively built-in acquisition functionalities.
Recently, Palutke and Freiling [36] researched
ways to counter software-based memory acquisition
tools that claim to be resilient against antimemory
forensics. In this regard, they presented a novel root-
kit technique that combines hidden memory with vir-
tualization that is based on Intel’s VT-x technology.
The rootkit, called Styx, virtualizes running ×64 Linux
systems while entirely residing in hidden memory.
Stuttgen and Cohen [37] define hidden memory as
certain address ranges that are backed by accessible
RAM, but neither used by the operating system nor
any device. To isolate and protect its memory foot-
print, Styx virtualizes the guest’s physical memory
through Intel’s extended page tables mechanism.
From the guest’s perspective, the rootkit’s memory
looks like an inaccessible address range that is not
backed by any accessible RAM. As a result, the com-
bination of hidden memory and hardware-based vir-
tualization provides advanced malware in a stealthy
way to subvert the acquisition process of modern
forensic tools. While Styx can be used to hide mali-
cious payloads, it is also possible to use it as a very
stealthy forensic acquisition tool.
Summarizing, virtualization can facilitate the
acquisition process dramatically. However, the
investigator usually needs high privileges to the host
system, first. If the system is not virtualized yet, there
is basically the possibility to virtualize the running
system on-the-fly and to acquire its data.
Open problems and fundamental
challenges
The struggle for forensic evidence acquisition
always faces the dilemma to grant law enforcement
sufficient lawful access to data on the one hand and
at the same time be sensitive to the privacy of cit-
izens. In order to shape the field in sensible ways,
system designers must be aware of the amount of
(personal) data stored on a device and how (easy)
it can be accessed.
71
 Tutorial
Considering the state of practice in digital
evidence acquisition and recent advances in this
field, it appears mandatory for system designers that
1) data that does not need to persist reboots should
not be written to persistent storage and that 2) sensi-
tive data should be explicitly wiped (overwritten) in
RAM to prevent forensic practitioners from intruding
privacy. However, securing data from all forms of
(legal) access is costly and involves user coopera-
tion (e.g., strong PIN codes, pairing of devices, etc.).
So, obviously, security comes at a price. Since foren-
sic data acquisition can have dramatic real-world
consequences, we again believe that users, design-
ers, and manufacturers of embedded systems should
be aware of the problems and prospects regarding
evidence acquisition. At least the manufacturers
of storage devices should offer an effective secure
delete option, e.g., in case the device is sold.
Acknowledgments
This work was supported by the following agen-
cies and projects: Federal Ministry of Education
and Research (BMBF), Germany, as part of the
projects DINGfest FIDI and CELTIC + SENDATE
“Tailored Network for Data cEnters in the Metro”;
German Research Foundation (DFG) as part of
the Transregional Collaborative Research Centre
“Invasive Computing” (SFB/TR 89).  [13] J. A. Halderman et al., “Lest we remember: cold-boot
 References
[1] A. Holpuch, “Tim Cook says Apple’s refusal to
unlock iPhone for FBI is a ‘civil liberties’ issue,” The
Guardian, Feb. 2016. [Online]. Available: https://
www.theguardian.com/technology/2016/feb/22/tim-
cook-apple-refusal-unlock-iphone-fbi-civil-liberties
[2] US Department of Justice/National Institute of Justice,
“Electronic crime scene investigation: A guide to first
responders,” 2nd Edition, 2008. [Online]. Available:
https://www.nqrs.gov/pdffiles1/nij/219941.pdf
[3] US Department of Justice, “Searching and seizing
computers and obtaining electronic evidence in
criminal investigations,” 2009. [Online]. Available:
http://www.justice.gov/criminal/cybercrime/docs/
ssmanual2009.pdf
[4] B. Carrier, File System Forensic Analysis, Addison-
Wesley, 2005.
[5] E. Casey, Digital Evidence and Computer Crime—
Forensic Science, Computers and the Internet,
3rd Edition. Academic Press, 2011. [Online].
Available: http://www.elsevierdirect.com/product.
jsp?isbn=9780123742681
72
Authorized licensed use limited to: Charles Sturt University. Downloaded on March 26,2021 at 05:38:03 UTC from IEEE Xplore. Restrictions apply.
[6] A. Nisbet, S. Lawrence, and M. Ruff, “A forensic
analysis and comparison of solid state drive data
retention with trim enabled file systems,” in Proc. 11th
Aust. Digital Forensics Conf., 2013, pp. 103–111.
[7] Joint Electron Device Engineering Council (JEDEC),
“Embedded multi-media card (emmc), electrical
standard (5.1),” Document JESD84-B51, 2015.
[Online]. Available: https://www.jedec.org/standards-
documents/docs/jesd84-b51
[8] T. M. Vidas, “The acquisition and analysis of random
access memory,” J. Digital Forensic Practice, vol. 1,
no. 4, pp. 315–323, 2006.
[9] L. O’Murchu and F. P. Gutierrez, “The evolution of the
fileless click-fraud malare Poweliks,” Symantec Corp.,
Symantec Security Response Version 1.0, 2015.
[10] S. Vömel and F. C. Freiling, “A survey of main
memory acquisition and analysis techniques for the
windows operating system,” Digital Investigat., vol. 8,
no. 1, pp. 3–22, 2011. [Online]. Available: https://doi.
org/10.1016/j.diin.2011.06.002
[11] The Volatility Foundation, “Volatility foundation
(homepage),” 2018. [Online]. Available: http://
www.volatilityfoundation.org/
[12] M. I. Cohen, “Characterization of the windows kernel
version variability for accurate memory analysis,”
Digital Investigat., vol. 12, no. Supplement-1,
pp. S38–S49, 2015.
attacks on encryption keys,” Commun. ACM, vol. 52,
no. 5, pp. 91–98, 2009. [Online]. Available: http://
doi.acm.org/10.1145/1506409.1506429
[14] P. Gutmann, “Data remanence in semiconductor
devices,” in 10th USENIX Security Symp., Aug. 13–17,
2001, Washington, DC, 2001. [Online]. Available:
http://www.usenix.org/publications/library/proceedings/
sec01/gutmann.html
[15] S. P. Skorobogatov, “Data remanence in flash memory
devices,” in Proc. Cryptogra. Hardware Embed.
Syst.—CHES 2005, 7th Int. Workshop, Edinburgh, UK,
Aug 29–Sep. 1, 2005, pp. 339–353.
[16] M. Gruhn and T. Müller, “On the practicability of cold
boot attacks,” in Proc. 2013 Int. Conf. Availability
Reliability Security (ARES 2013), Regensburg,
Germany, Sep. 2–6, 2013, 2013, pp. 390–397. [Online].
Available: https://doi.org/10.1109/ARES.2013.52
[17] M. Gruhn, “Forensic limbo: Toward subverting hard
disk firmware bootkits,” Digital Investigat., vol. 23, pp.
138–150, 2017. [Online]. Available: https://doi.org/
10.1016/j.diin.2017.10.003
[18] J. Zaddach et al., “Implementation and implications
of a stealth hard-drive backdoor,” in Proc. Ann.
IEEE Design&Test
 Comput. Security Appl. Conf. (ACSAC ’13),
New Orleans, LA, USA, Dec. 9–13, 2013, 2013,
pp. 279–288. [Online]. Available: http://doi.acm.
org/10.1145/2523649.2523661
[19] T. Müller and F. C. Freiling, “A systematic assessment
of the security of full disk encryption,” IEEE Trans.
Dependable Sec. Comput., vol. 12, no. 5, pp. 491–503,
2015. [Online]. Available: https://doi.org/10.1109/
TDSC.2014.2369041
[20] T. Müller, “(Un)Sicherheit Hardware-basierter
Festplattenverschl üsselung,” in The 29th Chaos
Comm. Congress (29c3), University of Erlangen-
Nuremberg. Hamburg, Germany: Chaos Computer
Club (CCC), Dec 2012.
[21] T. Müller, T. Latzo, and F. Freiling, “Self-Encrypting
Disks pose Self-Decrypting Risks: How to Break
Hardware-based Full Disk Encryption,” Technical
Report Friedrich-Alexander University of Erlangen-
Nuremberg, pp. 1–10, 2012.
[22] T. Fox-Brewster, “The feds can now (probably) unlock
every iphone model in existence—Updated,” Forbes,
Feb. 2018. [Online]. Available: https://www.forbes.com/
sites/thomasbrewster/2018/02/26/governmentcan-
access-any-apple-iphone-cellebrite
[23] T. Fox-Brewster, “Mysterious $15,000 ‘GrayKey’
promises to unlock iPhone X for the feds,” Forbes,
Mar. 2018. [Online]. Available: https://www.forbes.
com/sites/thomasbrewster/2018/03/05/appleiphone-
x-graykey-hack
[24] J. Götzfried and T. Müller, “Analysing android’s full
disk encryption feature,” J. Wireless Mobile Networks
Ubiquitous Comput. Dependable Appl., vol. 5,
pp. 84–100, Mar. 2014.
[25] T. Müller and M. Spreitzenbarth, “Frost: Forensic recovery
of scrambled telephones,” in Applied Cryptography
and Network Security, M. Jacobson, M. Locasto, P.
Mohassel, and R. Safavi-Naini, Eds. Berlin, Heidelberg:
Springer Berlin Heidelberg, 2013, pp. 373–388.
[26] S. Vömel and F. C. Freiling, “Correctness, atomicity,
and integrity: Defining criteria for forensically-sound
memory acquisition,” Digital Investigat., vol. 9, no. 2,
pp. 125–137, 2012. [Online]. Available: https://doi.org/
10.1016/j.diin.2012.04.005
[27] S. Vömel and J. Stüttgen, “An evaluation platform for
forensic memory acquisition software,” in Proc. 13th
Ann. DFRWS Conf., 2013, pp. 1–12.
[28] M. Gruhn and F. Freiling, “Evaluating atomicity, and
integrity of correct memory acquisition methods,” in
Proc. 3rd Ann. DFRWS Euro. Conf., Elsevier, 2016,
pp. 1–10. [Online]. Available: https://www.dfrws.
September/October 2018
Authorized licensed use limited to: Charles Sturt University. Downloaded on March 26,2021 at 05:38:03 UTC from IEEE Xplore. Restrictions apply.
org/conferences/dfrwseu-2016/sessions/evaluating-
atomicity-and-integrity-correctmemory-acquisition
[29] M. Cohen, “Rekall memory forensics framework,” 2014.
[Online]. Available: http://www.rekall-forensic.com
[30] J. Stüttgen and M. Cohen, “Robust linux memory
acquisition with minimal target impact,” Digital
Investigat., vol. 11, no. 1, pp. S112–S119, 2014.
[Online]. Available: https://doi.org/10.1016/
j.diin.2014.03.014
[31] J. Bauer, M. Gruhn, and F. Freiling, “Lest we forget:
Cold-boot attacks on scrambled DDR3 memory,” in
Proc. 3rd Ann. DFRWS Euro. Conf., Elsevier,
2016, pp. 65–74. [Online]. Available: https://www.
dfrws.org/conferences/dfrwseu-2016/sessions
/lest-we-forget-cold-boot-attacks-scrambledddr3-
memory
[32] S. F. Yitbarek, M. T. Aga, R. Das, and T. M. Austin,
“Cold boot attacks are still hot: Security analysis of
memory scramblers in modern processors,” in Proc.
2017 IEEE Int. Symp. High Perform. Comput. Arch.
(HPCA 2017), Austin, TX, Feb. 4–8, 2017, 2017, pp.
313–324. [Online]. Available: https://doi.org/10.1109/
HPCA.2017.10
[33] B. Martini and K.-K. R. Choo, “Distributed filesystem
forensics: Xtreemfs as a case study,” Digital
Investigat., vol. 11, no. 4, pp. 295–313, 2014.
[34] H. Xiong, Z. Liu, W. Xu, and S. Jiao, “Libvmi: A library
for bridging the semantic gap between guest OS
and VMM,” in 12th IEEE Int. Conf. Comput. Inform.
Technol. (CIT 2012), Chengdu, Sichuan, China,
Oct. 27–29, 2012, 2012, pp. 549–556. [Online].
Available: https://doi.org/10.1109/CIT.2012.119
[35] L. Martignoni, A. Fattori, R. Paleari, and L. Cavallaro,
“Live and trustworthy forensic analysis of commodity
production systems,” in Proc. Recent Advances in
Intrusion Detection, 13th Int. Symp. (RAID 2010),
Ottawa, Ontario, Canada, Sep. 15–17, 2010,
pp. 297–316.
[36] R. Palutke and F. Freiling, “Styx: Countering robust
memory acquisition,” Digital Investigat., vol. 24,
pp. S18–S28, 2018.
[37] J. Stüttgen and M. Cohen, “Anti-forensic resilient
memory acquisition,” Digital Investigat., vol. 10,
pp. S105–S115, 2013.
Felix Freiling is a Full Professor in the Depart­
ment of Computer Science at Friedrich-Alexander-
Universität Erlangen–Nürnberg, Erlangen, Germany.
His research interests include forensic computing
and offensive IT security.
73
 Tutorial
Tobias Groß is a PhD student in the Department of
Computer Science at Friedrich-Alexander-Universität
Erlangen–Nürnberg, Erlangen, Germany. His research
interests include mobile forensics and system security.
Tobias Latzo is a PhD student in the Department
of Computer Science at Friedrich-Alexander-
Universität Erlangen–Nürnberg, Erlangen, Germany.
His research interests include memory forensics and
system security.
Tilo Müller is a Post-Doctoral Researcher in
the Department of Computer Science at Friedrich-
Alexander-Universität Erlangen–Nürnberg, Erlangen,
Germany. His research interests include mobile
74
Authorized licensed use limited to: Charles Sturt University. Downloaded on March 26,2021 at 05:38:03 UTC from IEEE Xplore. Restrictions apply.
security (Android and iOS) and trusted computing
architectures.
Ralph Palutke is a PhD student in the Department
of Computer Science at Friedrich-Alexander-
Universität Erlangen–Nürnberg, Erlangen, Germany.
His research interests include system security and
the security of virtual machines and hypervisors.
 Direct questions and comments about this
article to Felix Freiling, Department of Computer
Science, Friedrich-Alexander-Universität Erlangen–
Nürnberg, 91054 Erlangen, Germany; e-mail: felix.
freiling@cs.fau.de.
IEEE Design&Test