PISA AGM cum Feature Talk: Road to Defcon (25 Aug 2018)

PISA AGM cum Feature Talk: Road to Defcon (25 Aug 2018)

PISA AGM cum Feature Talk: Road to Defcon (25 Aug 2018) Date: 25 Aug 2018 (Sat)Time: 14:00 -...

Information Security Summit 2018 (4-5 Sep 2018)

Information Security Summit 2018 (4-5 Sep 2018)

Information Security Summit 2018 Date: 4-5 Sep, 2018Time: 8:30am - 6:00pmVenue: Hong Kong...

Supporting Event: IoT Security Forum (29 Aug 2018)

IoT Security Forum Date :  29 August 2018, WednesdayTime : 2:00 pm - 5:00 pm (Registration start...

  • PISA AGM cum Feature Talk: Road to Defcon (25 Aug 2018)

    PISA AGM cum Feature Talk: Road to Defcon (25 Aug 2018)

  • Information Security Summit 2018 (4-5 Sep 2018)

    Information Security Summit 2018 (4-5 Sep 2018)

  • Supporting Event: IoT Security Forum (29 Aug 2018)

Advanced Mobile Phone Analysis via JTAG and Chip-Off

Speaker: Kelvin Wong (An experienced Computer and Cyber Forensic Expert)

Date: 30 Nov 2015 

Venue: Y305, Block Y, Hong Kong Polytechnic University

Time: 7:00 pm to 9:30 pm

Target: PISA Members, ISC2 Members and Invited Guests only

Language: Cantonese supplemented with English Terminologies

Registrationhttp://goo.gl/8MBPXL

 

Agenda

19:15 – 20:00 Introduction to JTAG and Chip-Off methodology

20:00 – 20:15 Break and hardware preparation

20:15 – 21:15 Live demonstration of JTAG connection and eMMC chip assembly

21:15 – 21:30 Q&A, End of this event

 

JTAG (Joint Test Action Group) forensics is an advanced level data acquisition method which involves connecting to Test Access Ports (TAPs) on a supported device (eg mobile phone) and instructing the processor to transfer the raw data stored on connected memory chips; Alternatively, chip-off is an highly advanced, low-level method to recover/extract data from eMMC storage. Both are an effective technique to acquire an exact physical image from devices (not limited to mobile phones) for in-depth forensics analysis.

It is the first brief and live demonstration on mobile phone analysis via Jtaging and eMMC chip removal in HK. After the presentation, you will learn:

  • JTAG connection
  • Chip-off procedure
  • Soldering and reballing technique
  • Use of Riff Box, other JTAG box and eMMC reader

 

Speaker Background:

Kelvin WONG conducts researches on computer security and forensics analysis for several years. He is the first Asian who delivered speeches in SANS DFIR Summit and Digital Forensics Research Workshop Europe (DFRSW EU). He is also a frequent speaker at industrial-known conference such as DEF CON, HITCON, APWG, ICCCF, AVTokyo and HTICA. The topics cover DDoS revealed, Network Forensics, Mac Memory Forensics and Investigation & Intelligence Framework. Besides, he is one of the authors of famous media: Digital Forensics Magazine and Forensics Focus. 

- Conduct digital forensics examination and investigation since 2002 and start research on 2010

- Publications

1. Facebook Forensics (2011) on Hakin9 Magazine and reference on The Financial and Banking Information Infrastructure Committee (FBIIC)

2. Mac Memory Forensics (2014) on Digital Forensics Magazine

3. One of the Authors at Forensics Focus Blog (www.forensicfocus.com)

- Trainer

1. Memory, Application and Network Forensics workshop at HKEx 

2. Guest Lecturer on MSc and BSc Program at HKUST and CityU

3. SANS GCFA (mentor course) hidden trainer*

4. Digital Forensics Research Workshop, Europe Chapter (DFRWS EU 2014)

5. Real Network Forensics Kungfu* 

- Conference Speaker

1. SANS DFIR Summit 2015, US - Investigation and Intelligence Frameworks*

2. ICCCF 2015, Macau - INIS Hacking and Forensics

3. ICCCF 2014, Taiwan – Mac Memory Forensics

4. HITCON 2014, Taiwan – WeChat Analysis in a Live System

5. CeCOS VIII (APWG) 2014, HK – Best Practice in Network Forensics

6. AVTokyo 2012, Japan – Black DDoS Kungfu (Japan Edition)

7. The 20th DefCON 2012, US – Black and White DDoS Kungfu revealed*

8. 6th HTCIA 2012, APAC Chapter – Network Attack Investigation

9. 5th HTCIA 2011, APAC Chapter – Facebook Forensics 

10. Guest Lecturer on MSc and BSc Program at HKUST and CityU

 

* CPE: 2 CPE will be obtained for those ISC2 CISSP credential holder.

For any questions, please email to This email address is being protected from spambots. You need JavaScript enabled to view it.