
Video game device forensics?

(@Anonymous 15228)
Guest
Joined: 15 years ago
Posts: 75
Topic starter  

One area of digital forensics that interests me is the investigation of video game devices (Xbox, PS3, etc) used to commit or facilitate crimes. Unfortunately, very little seems to be written about it (I run consoleforensics.com and post every paper I find on there. There aren't many).

I was wondering if anybody here in law enforcement has ever worked a case involving a video game device, and if so, are you able to talk about the procedures used to analyze it?


   
neddy
(@neddy)
Estimable Member
Joined: 21 years ago
Posts: 182
 

I replied to a similar post some time ago and not much has changed since then. You can read it here

neddy


   
(@peterms)
Active Member
Joined: 16 years ago
Posts: 6
 

I've just completed my MSc dissertation on the forensic analysis of the Nintendo Wii (Using homebrew software to dump the filesystem). Only one previous paper that I could find there!

I included an overview of Xbox/Xbox360 and PS3 forensics in my report and found a few papers that don't seem to be on your website. I don't have them all to hand right now, but I'll try to take another look over the weekend and post them up here.

Off the top of my head, I recall that the PS3 was the subject of the 2009 DFRWS challenge, and there was a paper on the Xbox 360 filesystem in a recent issue of Digital Investigation. Another approach I found helpful was treating the console as an embedded system (the Wii uses soldered NAND flash instead of a hard drive) - things like JTAG looked promising but weren't really feasible in my case.

As I said, I don't have my report to hand right now but I'll try to get my references posted up here over the next couple of days.

EDIT: Just to add, my favourite paper involved using a saved game buffer overflow exploit to grab a copy of virtual memory on the original Xbox. It was relatively similar to what I wanted to do. If I remember correctly, it was by Rabaiotti & Hargreaves and may well have been in the same issue of Digital Investigation. It could well be available elsewhere online though.

Hope that helps,

Peter


   
(@peterms)
Active Member
Joined: 16 years ago
Posts: 6
 

Okay, here's a list of the papers I cited. I had access to the journals through my university library, but Google Scholar etc may have copies too.

Xbox / Xbox 360 Papers

Xbox 360: A digital forensic investigation of the hard disk drive. Xynos, Konstantinos, et al. 3-4, May 2010, Digital Investigation, Vol. 6, pp. 104-111.

XFT: a forensic toolkit for the original Xbox game console. Collins, David. 2, 2009, International Journal of Electronic Security and Digital Forensics, Vol. 2, pp. 199-205.

Xbox Forensics. Burke, Paul K and Craiger, Philip. 4, 2006, Journal of Digital Forensic Practice, Vol. 1, pp. 275-282.

Xbox security issues and forensic recovery methodology (utilising Linux). Vaughan, Chris. 3, 2004, Digital Investigation, Vol. 1, pp. 165-172.

Using a software exploit to image RAM on an embedded system. Rabaiotti, J R and Hargreaves, C J. 3-4, May 2010, Digital Investigation, Vol. 6, pp. 95-103.

PlayStation 3 Papers

Forensic Analysis of a Sony Play Station 3 Gaming Console. Conrad, Scott, Dorn, Greg and Craiger, Philip. 2010. Proceedings of the Sixth Annual IFIP WG 11.9 International Conference.

van Dongen, Wouter S and van Hoof, Alain. Digital Forensics Research Workshop Challenge 2009 Report. Digital Forensics Research Workshop. [Online] July 2009. [Cited 2 August 2010.] http://www.dfrws.org/2009/challenge/vandongen_vanhoof.pdf.

Lee, Byungkil, Yang, Hongsuk and Yu, Hyeon. 2009 DFRWS Challenge Report. Digital Forensics Research Workshop. [Online] July 2009. [Cited 2 August 2010.] http://www.dfrws.org/2009/challenge/lee_yang_yu.pdf.

Wii

Forensic Investigation of the Nintendo Wii: A First Glance. Turnbull, Benjamin. 1, 2008, Small Scale Digital Device Forensics, Vol. 2, pp. 1-7.

Using JTAG

Forensic imaging of embedded systems using JTAG (boundary-scan). Breeuwsma, Ing. M.F. 1, 2006, Digital Investigation, Vol. 3, pp. 32-42.


   