Abstract
SailfishOS is a Linux kernel-based embedded device operation system, mostly deployed on cell phones. Currently, there is no sufficient research in this space, and at the same time, this operating system is gaining popularity, so it is likely for investigators to encounter it in the field. This paper focuses on mapping the digital artifacts pertinent to an investigation, which can be found on the filesystem of a phone running SailfishOS 3.2. Currently, there is no other known publicly available research and no commercially available solutions for the acquisition and analysis of this platform. This is a major gap, as the adoption of this OS is accelerating in emerging markets on low-cost devices. This paper presents many of the major forensics points of interest, such as call and text, log, phonebook, web browser artifacts as well as hardware-specific features.
Keywords
SailfishOS, MeeGo, Mer project, Digital forensics, Mobile forensics
Date of this Version
8-21-2020
Comments
Krassimir Tzvetanov, Umit Karabiyik, A first look at forensic analysis of sailfishos, Computers & Security, Volume 99, 2020, 102054
https://doi.org/10.1016/j.cose.2020.102054.
© 2020 Elsevier Ltd. All rights reserved. This is the accepted manuscript version of the work. The version of record is maintained at the DOI listed above.