Go-Go Gadget Smartwatch: Open Source Forensic Tools & Methodologies for Wearable Devices

Josh Brunty
Marshall University

Nicole Odom
Marshall University

Track 2

Due to the vast increase in smartwatch wearable device usage, a greater amount of personally sensitive data is being created, modified, and accessed, which can be employed to establish causality in forensic investigations. With features like standalone cellular network connectivity, automation through applications, and sensors that might result in persistent and invariable probative data, smartwatch wearable devices have the potential for an even broader scope and depth of information; therefore, it has become imperative to understand how these devices operate and the forensic challenges they present in order to provide insight on the implementation of data acquisition methodologies. Very few studies have explored the acquisition of smartwatch data, with those performed having utilized limited methods that are time-consuming, incomplete, or forensically unsound. Furthermore, none of the commonly-used commercial or open source forensic tools support native extractions from popular wearable devices, such as the Apple Watch and Samsung Gear. This presentation will seek to provide a methodology for the forensically sound acquisition of data from these standalone wearable devices, in addition to sharing GearGadget: an open-source smartwatch data extraction tool developed by the presenters.

About Josh Brunty

Josh Brunty is an Associate Professor of Digital Forensics at Marshall University in Huntington, WV. Prior to entering academia Josh worked as an examiner and technical leader with the West Virginia State Police’s Digital Forensic Unit. Josh has also participated in various national and international committees and panels focusing on the advancement of digital forensic science in the US. He currently serves as a member of the NIST OSAC subcommittee on Digital Evidence and also serves in various capacities within the Scientific Working Group on Digital Evidence and ASTM E30.12 digital evidence subcommittee.

About Nicole Odom

Nicole Odom is a Forensic Scientist Trainee in the Virginia Department of Forensic Science's (DFS) Digital & Multimedia Evidence (DME) section with concentrations in both Mobile Device and Computer Analysis. She is a graduate of Marshall University's Forensic Science Graduate Program, earning her MSFS with an emphasis in Digital Forensics and an additional Graduate Certificate in Digital Forensics. She has had experience working with the WV State Police Digital Forensics Lab during her time as a student, and has created and authored GearGadget, a data extraction tool for wearables, through her research completed as an intern of the Virginia DFS's DME section. She currently holds certifications with Cellebrite and AccessData, and is a Student Affiliate Member of the American Academy of Forensic Sciences Digital & Multimedia Sciences section, and a Member of ASTM 30.12.

View Presentation