FORENSIC ANALYSIS OF THE GARMIN CONNECT ANDROID APPLICATION

Detalhes bibliográficos
Autor(a) principal: Nunes, Fabian Pereira
Data de Publicação: 2023
Tipo de documento: Dissertação
Idioma: eng
Título da fonte: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Texto Completo: http://hdl.handle.net/10400.8/9262
Resumo: Wearable smart devices are becoming more prevalent in our lives. These tiny devices read various health signals such as heart rate and pulse and also serve as companion devices that store sports activities and even their coordinates. This data is typically sent to the smartphone via a companion application installed. These applications hold a high forensic value because of the users’ private information they store. They can be crucial in a criminal investigation to understand what happened or where that person was during a given period. They also need to guarantee that the data is secure and that the application is not vulnerable to any attack that can lead to data leaks. The present work aims to do a complete forensic analysis of the companion application Garmin Connect for Android devices. We used a Garmin Smartband to generate data and test the application with a rooted Android device. This analysis is split into two parts. The first part will be a traditional Post Mortem analysis where we will present the application, data generation process, acquisition process, tools, and methodologies. Lastly, we analyzed the data extracted and studied what can be considered a forensic artifact. In the second part of this analysis, we performed a dynamic analysis. We used various offensive security techniques and methods to find vulnerabilities in the application code and network protocol to obtain data in transit. Besides completing the Garmin Connect application analysis, we contributed various modules and new features for the tool Android Logs Events And Protobuf Parser (ALEAPP) to help forensic practitioners analyze the application and to improve the open-source digital forensics landscape. We also used this analysis as a blueprint to explore six other fitness applications that can receive data from Garmin Connect. With this work, we could conclude that Garmin Connect stores a large quantity of private data in its device, making it of great importance in case of a forensic investigation. We also studied its robustness and could conclude that the application is not vulnerable to the tested scenarios. Nevertheless, we found a weakness in their communication methods that lets us obtain any data from the user even if it was not stored in the device. This fact increased its forensic importance even more.
id RCAP_9b5d9a2d22398c6ceb4c17f4d2553656
oai_identifier_str oai:iconline.ipleiria.pt:10400.8/9262
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
spelling FORENSIC ANALYSIS OF THE GARMIN CONNECT ANDROID APPLICATIONAnálise forense digitalCompanion Garmin Connet x SmartphoneSmart BandAndroidInformática forenseSegurança da informaçãoCibersegurançaDomínio/Área Científica::Engenharia e Tecnologia::Engenharia Eletrotécnica, Eletrónica e InformáticaWearable smart devices are becoming more prevalent in our lives. These tiny devices read various health signals such as heart rate and pulse and also serve as companion devices that store sports activities and even their coordinates. This data is typically sent to the smartphone via a companion application installed. These applications hold a high forensic value because of the users’ private information they store. They can be crucial in a criminal investigation to understand what happened or where that person was during a given period. They also need to guarantee that the data is secure and that the application is not vulnerable to any attack that can lead to data leaks. The present work aims to do a complete forensic analysis of the companion application Garmin Connect for Android devices. We used a Garmin Smartband to generate data and test the application with a rooted Android device. This analysis is split into two parts. The first part will be a traditional Post Mortem analysis where we will present the application, data generation process, acquisition process, tools, and methodologies. Lastly, we analyzed the data extracted and studied what can be considered a forensic artifact. In the second part of this analysis, we performed a dynamic analysis. We used various offensive security techniques and methods to find vulnerabilities in the application code and network protocol to obtain data in transit. Besides completing the Garmin Connect application analysis, we contributed various modules and new features for the tool Android Logs Events And Protobuf Parser (ALEAPP) to help forensic practitioners analyze the application and to improve the open-source digital forensics landscape. We also used this analysis as a blueprint to explore six other fitness applications that can receive data from Garmin Connect. With this work, we could conclude that Garmin Connect stores a large quantity of private data in its device, making it of great importance in case of a forensic investigation. We also studied its robustness and could conclude that the application is not vulnerable to the tested scenarios. Nevertheless, we found a weakness in their communication methods that lets us obtain any data from the user even if it was not stored in the device. This fact increased its forensic importance even more.Frade, Miguel Monteiro de SousaDomingues, Patrício RodriguesIC-OnlineNunes, Fabian Pereira2024-01-12T14:24:31Z2023-10-062023-10-06T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesisapplication/pdfhttp://hdl.handle.net/10400.8/9262TID:203463633enginfo:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2024-01-17T15:59:15Zoai:iconline.ipleiria.pt:10400.8/9262Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-20T01:51:50.581454Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse
dc.title.none.fl_str_mv FORENSIC ANALYSIS OF THE GARMIN CONNECT ANDROID APPLICATION
title FORENSIC ANALYSIS OF THE GARMIN CONNECT ANDROID APPLICATION
spellingShingle FORENSIC ANALYSIS OF THE GARMIN CONNECT ANDROID APPLICATION
Nunes, Fabian Pereira
Análise forense digital
Companion Garmin Connet x Smartphone
Smart Band
Android
Informática forense
Segurança da informação
Cibersegurança
Domínio/Área Científica::Engenharia e Tecnologia::Engenharia Eletrotécnica, Eletrónica e Informática
title_short FORENSIC ANALYSIS OF THE GARMIN CONNECT ANDROID APPLICATION
title_full FORENSIC ANALYSIS OF THE GARMIN CONNECT ANDROID APPLICATION
title_fullStr FORENSIC ANALYSIS OF THE GARMIN CONNECT ANDROID APPLICATION
title_full_unstemmed FORENSIC ANALYSIS OF THE GARMIN CONNECT ANDROID APPLICATION
title_sort FORENSIC ANALYSIS OF THE GARMIN CONNECT ANDROID APPLICATION
author Nunes, Fabian Pereira
author_facet Nunes, Fabian Pereira
author_role author
dc.contributor.none.fl_str_mv Frade, Miguel Monteiro de Sousa
Domingues, Patrício Rodrigues
IC-Online
dc.contributor.author.fl_str_mv Nunes, Fabian Pereira
dc.subject.por.fl_str_mv Análise forense digital
Companion Garmin Connet x Smartphone
Smart Band
Android
Informática forense
Segurança da informação
Cibersegurança
Domínio/Área Científica::Engenharia e Tecnologia::Engenharia Eletrotécnica, Eletrónica e Informática
topic Análise forense digital
Companion Garmin Connet x Smartphone
Smart Band
Android
Informática forense
Segurança da informação
Cibersegurança
Domínio/Área Científica::Engenharia e Tecnologia::Engenharia Eletrotécnica, Eletrónica e Informática
description Wearable smart devices are becoming more prevalent in our lives. These tiny devices read various health signals such as heart rate and pulse and also serve as companion devices that store sports activities and even their coordinates. This data is typically sent to the smartphone via a companion application installed. These applications hold a high forensic value because of the users’ private information they store. They can be crucial in a criminal investigation to understand what happened or where that person was during a given period. They also need to guarantee that the data is secure and that the application is not vulnerable to any attack that can lead to data leaks. The present work aims to do a complete forensic analysis of the companion application Garmin Connect for Android devices. We used a Garmin Smartband to generate data and test the application with a rooted Android device. This analysis is split into two parts. The first part will be a traditional Post Mortem analysis where we will present the application, data generation process, acquisition process, tools, and methodologies. Lastly, we analyzed the data extracted and studied what can be considered a forensic artifact. In the second part of this analysis, we performed a dynamic analysis. We used various offensive security techniques and methods to find vulnerabilities in the application code and network protocol to obtain data in transit. Besides completing the Garmin Connect application analysis, we contributed various modules and new features for the tool Android Logs Events And Protobuf Parser (ALEAPP) to help forensic practitioners analyze the application and to improve the open-source digital forensics landscape. We also used this analysis as a blueprint to explore six other fitness applications that can receive data from Garmin Connect. With this work, we could conclude that Garmin Connect stores a large quantity of private data in its device, making it of great importance in case of a forensic investigation. We also studied its robustness and could conclude that the application is not vulnerable to the tested scenarios. Nevertheless, we found a weakness in their communication methods that lets us obtain any data from the user even if it was not stored in the device. This fact increased its forensic importance even more.
publishDate 2023
dc.date.none.fl_str_mv 2023-10-06
2023-10-06T00:00:00Z
2024-01-12T14:24:31Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/masterThesis
format masterThesis
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10400.8/9262
TID:203463633
url http://hdl.handle.net/10400.8/9262
identifier_str_mv TID:203463633
dc.language.iso.fl_str_mv eng
language eng
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv
_version_ 1799137009387700224

Registros relacionados