Andrew Hoog
Andrew Hoog is a computer scientist, certified forensic analyst (GCFA and CCE), computer and mobile forensics researcher, former adjunct professor (assembly language), and owner of viaForensics, an innovative digital forensics, security, and e-discovery firm. He divides his energies between investigations, research, and training about the computer and mobile forensic discipline. He writes computer/mobile forensic how-to guides, is interviewed on radio programs and lectures, and trains both corporations and law enforcement agencies. As the foremost expert in Android Forensics, he leads expert level training courses, speaks frequently at conferences, and is writing a book on Android forensics.
An Introduction to Android Forensics
Applications for Android are developed in Java and run in a separate Dalvik virtual machine with a unique user id and process which is a key mechanism used to enforce data security. As a result, forensic examiners do not have a built-in mechanism we can use on the phone to extract core user data. Instead, new techniques must be developed which require some interaction with the device.
