Examining Vehicle Data With Magnet AXIOM

by

Hi, this is Kim Bradley with Magnet Forensics. Today, we’ll be learning how to process vehicle data by using an exported extraction from Berla’s iVe software. 

First, to get the extraction you’ll need to export using iVe. You can do this by going to “Tools”, “Export” and “Magnet”. This will generate an export with an IVO extension. Now we’re ready to bring the exported file into AXIOM. With the AXIOM Process already open, we’ll go to our evidence sources. we’ll select “Vehicle”, “IVO”, “Files and folders” and then we’re going to browse to the file that we need. I’ll select the IVO file that was exported using iVe software. 

You can rename the evidence if you would like and go to “Processing details”. We’ll skip on down to the vehicle artifacts, and you’ll see that we have the Location & Travel category that has been selected for us. Go to “Analyze evidence”, and then we’ll come back and take a look at our process case.

Within the AXIOM Process case, let’s take a look at the artifacts. Within “Communication” you see “Call logs” and “Contacts”. It’s important to note that these categories may include data that was downloaded from a mobile device connected to the vehicle.

Depending on what is allowed at the time of connectivity, phone data may be saved. This will vary depending on the type of phone and vehicle. These categories may also include calls initiated using the vehicle’s console or interface. Other categories include media that contains files and the exported extraction. 


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

After selecting an individual artifact, the examiner can always use source linking to navigate to the selected file within the File System Explorer, or use information in the “Details” pane for further analysis.

  • “Metadata” will contain details extracted from the export related to the original acquisition of data from the vehicle or the vehicle itself. 
  • “Attached Devices” will help examiners know of other potential evidence items. 
  • In “Location & Travel” there are track points for logged entries of location coordinates.
  • “Velocity Points” for the velocity of the vehicle at particular dates and times.
  • and also “Waypoints” for street addresses the user has entered on the vehicle. 

For a visual depiction of location data, you can always use the world map view. Thanks for watching.

Leave a Comment

Latest Videos

Forensic Focus

Forensic Focus
In this webinar, David Spreadborough, Forensic Analyst at Amped Software, provides a closer look at those important early stages in investigations involving video evidence. Starting with establishing the integrity of the digital data and evaluating the authenticity of the produced visual image. From demonstrative timelines to speed estimation, the evidential foundations are paramount in every case. Failure to consider these steps and misinterpreting the data can cause unnecessary delays, mistakes, and potentially even miscarriages of justice. Amped FIVE is used to conduct data analysis, file conversion, and assessment of image reliability. Useful links: Amped FIVE - https://ampedsoftware.com/five Video Evidence Principles - https://blog.ampedsoftware.com/2023/0... CCTV Acquisition introduction - https://blog.ampedsoftware.com/2023/0...

In this webinar, David Spreadborough, Forensic Analyst at Amped Software, provides a closer look at those important early stages in investigations involving video evidence. Starting with establishing the integrity of the digital data and evaluating the authenticity of the produced visual image.

From demonstrative timelines to speed estimation, the evidential foundations are paramount in every case.

Failure to consider these steps and misinterpreting the data can cause unnecessary delays, mistakes, and potentially even miscarriages of justice.

Amped FIVE is used to conduct data analysis, file conversion, and assessment of image reliability.

Useful links:

Amped FIVE - https://ampedsoftware.com/five
Video Evidence Principles - https://blog.ampedsoftware.com/2023/0...
CCTV Acquisition introduction - https://blog.ampedsoftware.com/2023/0...

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_dnSPwNdMn5M

Investigating Video: The Vital First Steps

Forensic Focus 13 hours ago

Read more at https://www.forensicfocus.com/news/forensic-focus-digest-may-10-2024/ #dfir #digitalforensics

Read more at https://www.forensicfocus.com/news/forensic-focus-digest-may-10-2024/ #dfir #digitalforensics

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_QVjq2Xu_MQ8

Forensic Focus Digest, May 10 2024 #dfir #digitalforensics

Forensic Focus 10th May 2024 12:43 pm

In this webinar, Jordan Portfleet from the Oxygen Forensic Training Team introduces KeyDiver, a new module integrated into Oxygen Forensic Detective. KeyDiver is designed to find passwords to decrypt various encrypted data sources like BitLocker and FileVault2 encrypted volumes, encrypted ZIP files, Apple Notes, Telegram Desktop app, and more. Jordan provides an in-depth walkthrough of KeyDiver's features and demonstrates how to create different types of brute force attacks like mask attacks, dictionary attacks, and custom password guessing. He explains the various settings available for customizing attacks, managing GPU utilization, monitoring progress, and more. Jordan also shares tips on leveraging additional data sources and social engineering techniques to improve password guessing success rates.

In this webinar, Jordan Portfleet from the Oxygen Forensic Training Team introduces KeyDiver, a new module integrated into Oxygen Forensic Detective.

KeyDiver is designed to find passwords to decrypt various encrypted data sources like BitLocker and FileVault2 encrypted volumes, encrypted ZIP files, Apple Notes, Telegram Desktop app, and more.

Jordan provides an in-depth walkthrough of KeyDiver's features and demonstrates how to create different types of brute force attacks like mask attacks, dictionary attacks, and custom password guessing. He explains the various settings available for customizing attacks, managing GPU utilization, monitoring progress, and more.

Jordan also shares tips on leveraging additional data sources and social engineering techniques to improve password guessing success rates.

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_3hDBpcA9rdw

Oxygen Forensic® KeyDiver

Forensic Focus 9th May 2024 11:08 am

Load More... Subscribe
This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feeds settings page to add an API key after following these instructions.

Latest Articles

Investigating Video: The Vital First Steps
Webinars

Investigating Video: The Vital First Steps

ByAmpedSoftwareMay 13, 2024
Forensic Focus Digest, May 10 2024
News

Forensic Focus Digest, May 10 2024

ByForensic FocusMay 10, 2024
Oxygen Forensic® KeyDiver
Webinars

Oxygen Forensic® KeyDiver

ByOxygenForensicsMay 9, 2024
Detego Global Announces Webinar To Demonstrate The Powerful New Features Of Detego v4.16
News

Detego Global Announces Webinar To Demonstrate The Powerful New Features Of Detego v4.16

ByDetego Digital ForensicsMay 8, 2024
Digital Forensics Round-Up, May 08 2024
News

Digital Forensics Round-Up, May 08 2024

ByForensic FocusMay 8, 2024
UK Parliamentary Legislation Introduced Against Deepfakes
News

UK Parliamentary Legislation Introduced Against Deepfakes

ByForensic FocusMay 2, 2024