STYX
Abstract
This tool brings together two different IoT forensic workflows — Android-based Smartwatches and Smart Assistant cloud data — into a single, practical framework. This tool focuses on giving a scalable framework to multiple smart devices such as smart home systems, security systems, smart rings, etc.
Smartwatch:- Our tool gets the artifacts from the watch using adb commands such as wifi information, bluetooth information, IP address information and other such device information. The tool also summarises basic information from the artifacts extracted into a preliminary report. File system extraction is done via adb pull and displayed along with the SHA-256 hashed values in the website. Each forensic artifact is viewable on the website along with being able to be downloaded on the local filesystem.
Smart Assistant: The pipeline uses the credentials of the person of interest to automate the login process. Common 2 factor authentication methods such as OTP and push notifications are also handled within the pipeline but require access to a paired phone. The tool acquires the voice transcripts for the last 7 days of commands being sent to the Smart Assistant. The tool then generates a report with the audio fields and the transcripts for the audio’s extracted from the Smart Assistant.