Forensics Analysis of Xbox One Game Console
Ali M. Al-Haj

TL;DR
This paper investigates the forensic potential of the Xbox One console by analyzing physical and logical data sources, providing insights and best practices for forensic examinations of this gaming device.
Contribution
It introduces a dual approach to Xbox One forensics, combining physical hard drive analysis with logical GUI examination, and offers best practices for data collection.
Findings
Identification of valuable timestamp data on the hard drive
Logical examination reveals user activity traces
Guidelines for forensically sound data collection
Abstract
Games console devices have been designed to be an entertainment system. However, the 8th generation games console have new features that can support criminal activities and investigators need to be aware of them. This paper highlights the forensics value of the Microsoft game console Xbox One, the latest version of their Xbox series. The Xbox One game console provides many features including web browsing, social networking, and chat functionality. From a forensic perspective, all those features will be a place of interest in forensic examinations. However, the available published literature focused on examining the physical hard drive artefacts, which are encrypted and cannot provide deep analysis of the user's usage of the console. In this paper, we carried out an investigation of the Xbox One games console by using two approaches: a physical investigation of the hard drive to identify…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsDigital and Cyber Forensics · Advanced Malware Detection Techniques · Digital Media Forensic Detection
