How MD-VIDEO AI can perform the world’s best gun recognition feature?

How MD-VIDEO AI can perform the world’s best gun recognition feature?

 

 

Recognizing guns with AI technology can be roughly divided into two stages: Learning and Reasoning.

 

 

At the learning stage, we train the computer with a large amount of image data, and as a result, get a model that can identify a gun. Then at the reasoning stage which the computer already has gun models, the computer determines whether or not a gun is present in the input image.

 

 

Here, what really matters is the learning phase. To make a good model, we need to have a large number of gun images. It also needs to determine whether or not there is a gun in the input image, even if the image is too dark, too bright, small, poor quality, blurred, or partially hidden.

 

In order to perform good recognition, you need to have a variety of training data. However, getting a large scale of various gun images is limited, it’s not easy to build training data.

 

So our research team brought up an idea, what if the computer automatically creates the training data and even automatically labels the guns? We can get a really large amount of gun data. Having a lot of data increases the accuracy of gun recognition, it can respond to various input image environments and quality.

 

 

To this end, we built a virtual gun image rendering platform by researching and developing the following technologies.

 

 

– 3D modeling of 10 pistols and 11 long guns.
– 3D modeling of a hand holding a gun.
– 3D modeling of a total of 4 backgrounds: Parking lot, School, Market, and Construction site.
– Variety of gun placement techniques in the background.
– Technique for placing a part of the gun to be hidden on an object.
– Random parameter adjustment technology such as camera distance, angle, brightness, blur, and shade.
– A technique for accurately labeling parts of a gun in a rendered image (Calculated in pixels).

 

 

 

 

Based on this, 200,000 virtual gun images were created, and a gun recognition model was created by training with real gun images. Having a lot of data increases the accuracy of gun recognition, it can respond to various input image environments and quality.

Throughout this effort, MD-VIDEO AI could perform the world’s best gun recognition feature among video forensic tools.

 

 

Find out more useful features that can empower your investigation.

If you have any support from our team, submit your inquiry!

Inquiry

New Extraction Feature – Samsung Galaxy S22 Qualcomm Series.

We are excited to release the latest extraction feature of MD-NEXT.

It’s the market’s first extraction of Samsung Galaxy S22 Qualcomm Series.
This feature is supported with MD-NEXT v1.91.4

 

Supported New Models are..

– Galaxy S22 5G (SM-S901N, SM-S901U, SM-S901U1, SM-S901W, SM-S9010, SM-S901E, SM-S901E_DS)
– Galaxy S22+ 5G (SM-S906N, SM-S906U, SM-S906U1, SM-S906W, SM-S9060, SM-S906E, SM-S906E_DS)
– Galaxy S22 Ultra 5G (SM-S908N, SM-S908U, SM-S908U1, SM-S908W, SM-S9080, SM-S908E, SM-S908E_DS)

 

 

 

If you want to have a datasheet of MD-NEXT, please send us your inquiry!

MD-NEXT Datasheet Inquiry

Empower Your On-Site Investigation with MD-LIVE

Whenever to access the evidence phone at the crime scene, you may always suffer from insufficient time and its complicated steps to use the mobile forensic tool.
MD-LIVE has armed itself with various useful features to save the investigation time and to meet these needs for smartphone forensics.
Go check the features and find out how you can empower your investigation with MD-LIVE.

Check our YouTube channel and catch up with our latest product videos!

 

Analyze and Review the Data of ‘MeWe’ and ‘Threema’

We’ve been keeping up with the research on the globally rising social media apps, today we’ll introduce MeWe and Threema. MD-RED is supporting data analysis of MeWe Android from MD-RED v3.7.29 and Threema Android, MD-RED v3.7.31. Follow the below article and find out major features and how MD-RED displays the analysis results. 

 

1. MeWe 

 

  • What’s MeWe?

MeWe is the uplifting social network service app with awesome social features people love along with no ads, no targeting, and no newsfeed manipulation.  It has a timeline, groups, pages you can join, friends can make, a built-in messaging tool, and a profile page for users to customize.

 

  • Major features of MeWe and Analysis results of MD-RED

 

 

2. Threema

 

  • What’s Threema?

 

Threema is a paid open-source end-to-end encrypted instant messaging application for iOS and Android. The software is based on privacy by design principles as it does not require a phone number or any other personally identifiable information. Data is stored in an encrypted DB, and more security settings can be added to the settings. Users can do text messaging, make voice, and video calls, send multimedia, locations, voice messages, and files.

 

  • Major features of Threema and Analysis results of MD-RED

 

If you want to read the full article, please download the PDF file.

Analyze and Review the Data of ‘Zepeto’ and ‘Clubhouse’ using MD-RED

Today, Zepeto and Clubhouse are the rising apps, the app user is growing fast, and it’s recognized as a new generation of social media. MD-RED is supporting the data analysis of Zepeto (Android) from v3.7.26, Zepeto (iOS) from v3.7.31, and Clubhouse (iOS) from v3.7.20.  Through this article, you may learn the basic features of Zepeto, Clubhouse, and how MD-RED can analyze and display the data.

 

  • What’s Zepeto

The Zepeto app is a metaverse (virtual platform) of a creative studio developed by Naver Z Corporation. The friends in Zepeto can share a common room and have fun activities by creating 3D avatars with displayed items available in this environment. The pictures and videos taken in the various maps in Zepeto world can be shared through the feed.

– Account information

Account information is displayed in ‘Account’ and you can find out the user’s name, Inner ID, and creation date and time.

– Chat data: Message

Click the speech bubble on the screen to display the chat list. Conversation supports 1:1, group chat and is analyzed as follows. Chat data such as chat room name, chat room ID, group chat status, chat room creation date, participant, chat room creator are analyzed.

In chat rooms, users can send text, images, and video files. MD-RED analyzes and displays those contents as message type, creation date, content, attachment, sender, message ID, chat room.

 

  • What’s Clubhouse

Clubhouse is social audio app which is a voice networking app developed by Alpha Exploration. It’s designed to have audio/voice communication in real-time in the chat room. MD-RED supports Clubhouse (iOS) analysis from v3.7.20, supported targets are the account, contact, and notification message. And a text-based chat room ‘Backchannel’ feature will be supported by MD-RED soon.

 – Account Information

Supports to analyze the Account name, ID, Inner ID, and Profile image.

– Contacts

The information of the chat room participants in the list is displayed in the contact analysis result.

– Alarm message

An alarm message is analyzed and displayed in the message analysis result. This allows us to infer the user’s activity.

 

If you want to read the whole article, download the PDF.

The Smart feature to find Numbers from Car Plate using MD-VIDEO AI

Numberplate Enhancement Forensics

The Number Plate Analysis is a feature that is machine-learned from low-quality of number (0 to 9) images and predicts the number when a low-quality image is added. An existing enhancement feature in MD-VIDEO also can help you to identify numbers from the low-quality images by applying various enhancement options such as Super Resolution and Motion Deblurring feature.

However, this smart feature can support you to get the data without any complicated steps, it’s much easier, time-saving and you’ll get the most reliable results!

 

 

How to Analyze Blurred License Plates                                                            

 

On the frame, drag the area you want to crop on the canvas then right-click in the [Number Plate] area. Click [Add new bounding box] to specify the area for each number then click Analyze.

You can also check why MD-VIDEO got the result via [Show Detail], it shows you the probabilities of each number analyzed by the number plate analysis model.

 

Review the Image Enhancement results

 

You can check the analyzed result from ‘Image Enhancement Results’, it shows Image, Probability, and Attribute.

  1. Image is the number plate file you select to analyze.
  2. Probability shows each number’s numerical probability determined by the number plate analysis model.
  3. Attribute shows the name, source file path, location, resolution of the improved image, history and user can add comment.

 

To read the full article, please download the PDF.

Approach to the Hidden Data in ‘Samsung Secure Folder’ with MD-NEXT  

Why forensic investigators must keep their eye on the Samsung Secure Folder? Like the word ‘Secure Folder’, Samsung Secure Folder is separated from the normal storage space and encrypted based on Samsung’s security technology ‘Knox’. PIN/pattern/password or biometric verification is required to access the secure folder. The data in the secure folder is not accessible from outside and is not visible even when the device is connected to the PC. This means, personal or confidential data can be stored in Samsung Secure Folder, and this can be the core data for your forensic investigation. Today we introduce how MD-NEXT can help you to approach Samsung Secure Folder with various methods by models, MD-NEXT will support Android version 11 soon, and you’ll get more meaningful data!

*’The ‘Knox’ space manages the entire space variably just like many apps manage data in their DB. And when data is deleted from the Knox, it is returned to the non-allocated area of the basic storage space, therefore, ‘Logical Extraction’ is carried out in file unit.

 

MD-NEXT Extraction methods by Models

  • Galaxy A5/S7/S8/S9/Note8/Note9 Series (Exynos & Qualcomm)

If the Android security patch level is before August 2019, you can obtain the security folder using the ADB Pro T4 method. The USERDATA partition is acquired as a physical image, and additionally, the files stored in the secure folder are decrypted and acquired as a separate logical image.

 

  • Galaxy A6/A7/S9/J6/Note9 Series (Exynos)

If the Android OS version is 10, you can obtain the secure folder using the Bootloader Pro method. Like the ADB Pro T4 method, the USERDATA partition is acquired as a physical image, and additionally, the files stored in the secure folder are decrypted and acquired as a separate logical image.

 

  • Galaxy A30/A40/A50/S10/Note10 Series + Galaxy Tab A 10.1 Series (Exynos)

Samsung Galaxy S10 and Note 10 series of devices and some A series of devices, you can obtain a secure folder by using the Full Filesystem (Bootloader Pro2) method (Supports both Android 9,10 and 11). When acquiring the active files of the USERDATA partition, the files stored in the secure folder are decrypted and acquired as a single logical image.

 

How to Review Data?

The data in the secure folder is acquired as a separate logical image from the physical image of the USERDATA partition. The file naming scheme for logical images has been changed in MD-NEXT version 1.89.5(Released date Jul.15, 2020), so the file name may differ depending on the version. Information on the file name and extension of the acquired images can be checked in the acquisition report.

Download PDF_MD-NEXT – Samsung Secure Folder

‘MD-LIVE’ New features to Save your Onsite Investigation Time

‘MD-LIVE’ New features to Save your Onsite Investigation Time

Whenever to access the evidence phone at the crime scene, you may always suffer from insufficient time and its complicated steps to use the mobile forensic tool. The search on the apps to watch and the pinpoint of the keywords from the piles of text messages are getting crucial for the first responders. MD-LIVE has armed itself with two useful features to save the investigation time and to meet these needs for smartphone forensics.

 

  1. ‘Keyword’

The keywords that are frequently searched such as drug, sexual assault, murder cases can be grouped and registered by category. Users can select a category that matches the case, it can save much time from repetitive searching keyword routine and prevent missing important search terms. Moreover, user can continuously update the keyword list and share with their colleagues by Import/Export feature.

–                How to register keywords?

Click the ‘Keyword’ icon in the upper right corner of MD-LIVE. Enter the keyword group name in ‘Name’ and list the search terms to be included in the ‘keyword’, separated by ‘;’, and click the ‘Add keyword’ button.

 –                How to search with keywords?

Select the target you want to search from the list of registered keywords and click the ‘Search by selected keyword’. Then MD-LIVE performs a multi-search on the targets registered in the keyword group.

 

  1. ‘Watch List’

If there are apps to be scanned every time or need to quickly scan a specific list of apps according to your institution’s needs, ‘Watch List’ is a preferentially considerable feature. This supports you to easily determine whether a specific app is installed in the device in advance. By selecting a forensic target at a time, it saves you a lot of time from searching multiple apps each time and selecting them as targets. And once app scanning is completed you can quickly determine whether an in-depth forensic investigation is needed on the specific target.

–                How to use Watch List feature?

Connect the device and operate Watch List feature on the [Select Data] step. Target apps can be added by right-clicking on the desired app and the list of apps can be managed by ‘Manage Watch List’ at the top right of MD-LIVE. Select ‘Manage Watch List’ and add the package name of the app you want to specify.

An eye-shaped badge will be displayed next to the app, and you can easily review all the listed apps through the ‘Watch List’ filter and select them as an extraction target at once.

 

 

New Product Introduction – Portable MD-RED’s Viewer program ‘MD-Explorer’

We are excited to introduce MD-RED’s Viewer program ‘MD-Explorer’.
It’s separately executable and portable viewer solution which can support your team to share the analyzed result with your colleagues.
Go check out the video and if you have any inquiry, feel free to contact us!
sales@gmdsoft.com
https://youtu.be/fIH_0-Kkx3c?si=aOhulaa07OG5YCbi

How to acquire cloud data with MD-CLOUD

How to acquire cloud data with MD-CLOUD

‘175 Zettabytes’, this is the number of data IDC estimates will be generated annually by 2025, and among those numbers, the cloud traffic is expected to grow and reach ‘18.9 Zettabytes’ by 2021.

This tremendous amount of cloud data is generated and fueled in the course of building driver assistance and autonomous vehicle technologies, IoT devices including sensors in our bodies, homes, factories, and cities, creating high-resolution content for 360 video and augmented reality and 5G communications globally.

As many digital forensic investigators are facing so-called ‘digital transformation’, finding evidence data from various cloud services is a highly demanding and important mission for digital forensic investigators. Cloud forensics is no more optional but an essential solution since many law enforcement professionals work on the cases with devices with deleted data, which needs further investigation on the backup data. Plus, there is tremendous growing number of smartphones, IoT devices, automobile and many more smart things which stores the whole data only stored in cloud services.

 

This article is to introduce cloud forensic solution of GMDSOFT, a step by step guide about data extraction and data view using MD-CLOUD. Various cloud and email services are supported, and data stored in social networking services such as Twitter, Facebook, Tumblr can be extracted by MD-CLOUD.

MD-CLOUD Overview

 

Product Highlights

–        Supports extraction from global cloud services such as Google and iCloud

–        Supports extraction of Cloud-based IoT device data

–        Supports extraction from cloud services based in East Asia, such as Baidu and Naver Cloud

–        Authenticates via ID and password, two-factor authentication, Captcha, and token credential information found locally on smartphone images, such as iOS Keychain

–        Includes automated web scraping tool for recursively capturing public webpages

–        Provides automatic evidence-tagging feature for intuitive searching

–        Natively integrates with MD-RED

 

Key Features

Supports a wide variety of cloud services

Google, iCloud, Samsung Cloud, Naver Cloud, Evernote, One Drive, Baidu

Supports email extraction

POP3 and IMAP, as well as specific support for Gmail and Naver Mail

Supports extraction from social media services

Current support for Twitter and Tumblr, with Facebook support under active development

Specializes in East Asian cloud services

Baidu Cloud in China

Naver Cloud in South Korea

Acquisition of cloud-based IoT device data

IoT data extraction from AI Speakers and Smart Home equipment

Supports authentication via both public and unofficial APIs

Supports various authentication methods

ID and Password

Captcha image tests

Two-Factor Authentication messages

Credential data pulled from smartphone dump images (such as iOS Keychain)

Provides automated web capture feature

Automated web-crawler capable of recursively extracting from a target web page

Real-time extraction progress monitoring

Displays the progress of ongoing extraction jobs in real time, from zero to one hundred percent

User-friendly interface

Features a simple, intuitive, and effective user experience that warrants little training

Native MD-RED integration

Imports credential information found in suspect smartphone images that have been analyzed in MD-RED

Intuitive ‘Evidence Tagging’ based search feature

Automatically tags and categorizes data as it’s extracted from the cloud so that it can be quickly searched, grouped, and organized.

Built-In data preview

Supports previewing any selected image, video, document, web page, email, and many more

Supports filtering by date range and file type

Allows users to limit the results of their analysis only to the time period and file types relevant to their case

Hash based data integrity assurance

Guarantees the integrity of the evidence data through powerful hash algorithms such as MD5 and SHA256

Report generation

Provides simple-yet-powerful report generation tool that supports both PDF and Excel formats

Here comes also simple but useful guide on MD-CLOUD for those investigators who would like to maximize their digital forensic skills and be prepared for the cloud data Tsunami.

1. Data extraction using ‘Credential information’

1-1 Create New Case

MD-CLOUD can access cloud services in several ways, specific services may ask the user to complete an additional verification process such as a Captcha entry or Two-factor authentication process. To start new cloud data acquisition, select ‘New Case’ and set the case name and its’ path. This time we’ll try accessing using credential information.

 

1-2 Select service and proceed the Data extraction

Various services such as Cloud, Email, SNS, IoT devices are supported by MD-CLOUD and those are displayed and categorized by types.

In this sample case we will try extracting data from Google. Select Google icon on the left side of the screen, and with the checkboxes user can perform selective data extraction. Date range and extraction type can be set before proceeding the extraction process, then the result data will be collected on the extraction filter conditions. Furthermore, even after the extraction is completed additional data sources can be added to the existing case without having to create a new case.

2. Data View: Contact/Event/Note/Email/SNS/Web Capture/Timeline Feed/Search View

2-1 Extraction Summary Dashboard

Once you start the extraction a Summary View will appear and display the progress of ongoing

extractions and some other miscellaneous information.

  1. Timeline Chart: Displays the amount of data that has been extracted so far relative to the dates associated with the extracted files (created/modified/uploaded time).
  2. Tag Statistics: MD-CLOUD automatically categorizes extracted files using tags that are generated through file metadata. The statistics of the tags are displayed here.
  3. List of Site: Summarizes the progress of extraction from data sources. It can be completely stopped by clicking on the stop icon.

 

2-2 Contact View

Displays contact information such as Contact Name, Nick Name, Contact Numbers, Email Address, Address, Profile, Birthdays, etc.

 

 

2-3 Event View

Event data such as Birthdays, Shopping, Meeting, Driving, Celebrations, Conference, Seminar, and other events.

 

 

2-4 Note View

Displays notes collected from Cloud services such as iCloud Notes, Evernotes, etc.

 

 

2-5 Email View

Email View allows users to apply to group and sort based on Date, Subject, From, Credential, etc. Email items can be searched by using the inline search box.

 

 

2-6 SNS View

Posts, multimedia, files and other information extracted from Social Network Services such as Twitter, Facebook, etc. are displayed here.

 

 

2-7 Web Capture View

Contents that have been extracted through data crawling on the provided links and their sublinks will be displayed in the Web (Web Capture) View. Multimedia, Posts and other public contents can be extracted from some sites like Facebook, Instagram, LinkedIn or any other webpages. It displays the below information.

  • Link information: A list of extracted main links and their sub-links are displayed here.
  • Content View: Displays the content of the selected link.
  • Preview: Displays the overall look of the webpage.

 

2-8 Timeline Feed View

Displays the data from every category and arranges them by the Date(Default), Subject, Content, Type or Credential.

 

 

2-9 Search View

When searching keys from anywhere in the entire application, those search keys are maintained in the Search View. Double-clicking on the search key, you can see a list of the search results.

 

3. Generate Report: Case Info/Options/Layout

After the data extraction, user can generate a PDF report of that particular case which will display all the information of the extracted files and thumbnails of multimedia data. Below we have attached the screenshot of extraction report for Google Home.

The call for MD-CLOUD will gradually increase as it has great practical value and importance as a complimentary data acquisition tool that can investigate mobile data backup and new data stored only in cloud storage. Our effort to add various data extraction sources and product advancement on MD-CLOUD will continue.

If you are interested in cloud forensics and want to learn more about MD-CLOUD, please check the product specification from the below link and reach our team via sales@gmdsoft..com 

GMDSOFT Product Brochure – MD-CLOUD