Research Output

Garmin satnav forensic methods and artefacts: an exploratory study.

  Over ten years ago, major changes in the Global Positioning System (GPS) technology led to its explosion in popularity. GPS devices are now ubiquitous, escorting their users everywhere they go, and potentially recording the entirety of their whereabouts. As such, they represent invaluable assets to forensic practitioners. Amongst the different brands, Garmin and Tom-Tom are by far the most widespread, and are regularly encountered as part of investigations. GPS forensics is a relatively new field of study, in which tools and methodologies are very reliant upon the device itself. Whereas several tools and methodologies have been developed to address Tom-Tom devices, the lack of knowledge concerning Garmin devices may lead to investigators missing evidence. This thesis aims to explore forensic methods applicable to Garmin devices, and highlight locational artefacts located on them, which may be of use in a digital investigation. To do so, three series of experiments have been designed and performed, intending to document the behaviour of the device, the methods to acquire and analyse its content efficiently, and the reliability of the data recovered. This thesis shows successful acquisition of data from a range of Garmin devices. It also demonstrates that various forensic artefacts can be recovered from Garmin devices, with the results compared to similar research into Tom-Tom GPS devices. This highlights that Garmin devices potentially have a greater forensic potential than Tom-Tom devices, as it was found they typically hold up to 6 month of their user’s daily locations, regardless of whether the navigation was in use or not. Using carving techniques and file signatures discovered through the project, this thesis shows how to recover further location tracking data from unallocated clusters. However, it also highlights that such information should be considered carefully, since the work also demonstrates that the data can be manipulated using anti-forensic techniques.

  • Type:

    Thesis

  • Date:

    30 November 2013

  • Publication Status:

    Unpublished

  • Library of Congress:

    QA75 Electronic computers. Computer science

  • Dewey Decimal Classification:

    005.8 Data security

Citation

Arbelet, A. (2013). Garmin satnav forensic methods and artefacts: an exploratory study. (Thesis)

Authors

Keywords

Global Positioning System (GPS); Garmin; Tom-Tom; GPS forensics; locational artefacts; digital investigation; carving techniques; file signatures; location tracking data; ant-forensics;

Monthly Views:

Available Documents