Hi, this is Kim Bradley with Magnet Forensics. Today, we’ll be learning how to process vehicle data by using an exported extraction from Berla’s iVe software.
First, to get the extraction you’ll need to export using iVe. You can do this by going to “Tools”, “Export” and “Magnet”. This will generate an export with an IVO extension. Now we’re ready to bring the exported file into AXIOM. With the AXIOM Process already open, we’ll go to our evidence sources. we’ll select “Vehicle”, “IVO”, “Files and folders” and then we’re going to browse to the file that we need. I’ll select the IVO file that was exported using iVe software.
You can rename the evidence if you would like and go to “Processing details”. We’ll skip on down to the vehicle artifacts, and you’ll see that we have the Location & Travel category that has been selected for us. Go to “Analyze evidence”, and then we’ll come back and take a look at our process case.
Within the AXIOM Process case, let’s take a look at the artifacts. Within “Communication” you see “Call logs” and “Contacts”. It’s important to note that these categories may include data that was downloaded from a mobile device connected to the vehicle.
Depending on what is allowed at the time of connectivity, phone data may be saved. This will vary depending on the type of phone and vehicle. These categories may also include calls initiated using the vehicle’s console or interface. Other categories include media that contains files and the exported extraction.
After selecting an individual artifact, the examiner can always use source linking to navigate to the selected file within the File System Explorer, or use information in the “Details” pane for further analysis.
- “Metadata” will contain details extracted from the export related to the original acquisition of data from the vehicle or the vehicle itself.
- “Attached Devices” will help examiners know of other potential evidence items.
- In “Location & Travel” there are track points for logged entries of location coordinates.
- “Velocity Points” for the velocity of the vehicle at particular dates and times.
- and also “Waypoints” for street addresses the user has entered on the vehicle.
For a visual depiction of location data, you can always use the world map view. Thanks for watching.
