In digital forensics, the term logical extraction is typically used to refer to extractions that don't recover deleted data or do not include a full bit-by-bit copy of the evidence. However, a more correct definition of logical extraction, also defined in Chapter 1, Introducing Android Forensics, is any method that requires communication with the base operating system. Because of this interaction with the operating system, a forensic examiner cannot be sure that they have recovered all of the data possible; the operating system is choosing which data it allows the examiner to access. In traditional computer forensics, logical extraction is analogous to copying and pasting a folder in order to extract data from a system; this process will only copy files that the user can access and see. If any hidden or deleted files are present in the folder being...
- Tech Categories
- Best Sellers
- New Releases
- Books
- Videos
- Audiobooks
Tech Categories Popular Audiobooks
- Articles
- Newsletters
- Free Learning
You're reading from Learning Android Forensics - Second Edition
Oleg Skulkin is the Head of Digital Forensics and Malware Analysis Laboratory at Group-IB. Oleg has worked in the fields of digital forensics, incident response, and cyber threat intelligence and research for over a decade, fueling his passion for uncovering new techniques used by hidden adversaries. Oleg has authored and co-authored multiple blog posts, papers, and books on related topics and holds GCFA and GCTI certifications.
Read more about Oleg Skulkin
Donnie Tindall is a Principal Incident Response Consultant with the Crypsis Group, where he handles incident response engagements encompassing the full lifecycle of cyber security events. His corporate and consulting background is primarily in conducting sensitive forensics examinations for federal government clients, particularly the U.S. military and the Intelligence Community. Before moving into Incident Response, Donnie had an extensive background in mobile forensics, application security research, and exploitation. He is also an IACIS Certified Forensic Computer Examiner and former Community Instructor of FOR585, the SANS Institute's smartphone forensics course.
Read more about Donnie Tindall
Rohit Tamma is a security analyst currently working with Microsoft. With over 7 years of experience in the field of security, his background spans consulting/analyst roles in the areas of application security, mobile security, penetration testing, and security training. His past experiences include working with Accenture, ADP, and TCS, driving security programs for various client teams. Rohit has also coauthored Learning Android Forensics, which explains various techniques to perform forensics on the Android platform. You can contact him at tamma.rohit5@gmail.com or on Twitter at @RohitTamma.
Read more about Rohit Tamma
Unlock this book and the full library FREE for 7 days
Authors (3)
Oleg Skulkin is the Head of Digital Forensics and Malware Analysis Laboratory at Group-IB. Oleg has worked in the fields of digital forensics, incident response, and cyber threat intelligence and research for over a decade, fueling his passion for uncovering new techniques used by hidden adversaries. Oleg has authored and co-authored multiple blog posts, papers, and books on related topics and holds GCFA and GCTI certifications.
Read more about Oleg Skulkin
Donnie Tindall is a Principal Incident Response Consultant with the Crypsis Group, where he handles incident response engagements encompassing the full lifecycle of cyber security events. His corporate and consulting background is primarily in conducting sensitive forensics examinations for federal government clients, particularly the U.S. military and the Intelligence Community. Before moving into Incident Response, Donnie had an extensive background in mobile forensics, application security research, and exploitation. He is also an IACIS Certified Forensic Computer Examiner and former Community Instructor of FOR585, the SANS Institute's smartphone forensics course.
Read more about Donnie Tindall
Rohit Tamma is a security analyst currently working with Microsoft. With over 7 years of experience in the field of security, his background spans consulting/analyst roles in the areas of application security, mobile security, penetration testing, and security training. His past experiences include working with Accenture, ADP, and TCS, driving security programs for various client teams. Rohit has also coauthored Learning Android Forensics, which explains various techniques to perform forensics on the Android platform. You can contact him at tamma.rohit5@gmail.com or on Twitter at @RohitTamma.
Read more about Rohit Tamma