This talk will provide a technical introduction to digital forensics geared towards fellow geeks who think tinkering with data in hex is fun and interesting. The talk will provide a brief background on forensics and important concepts including acquisition and verification techniques. Forensic analysis, the really fun stuff, will be covered in detail including specific a walkthrough on how to carve YAFFS2 timestamps from a nandump of an Android device. Finally, we will cover the emerging intersection of digital forensics and traditional security, specifically mobile app security and continuous forensic monitoring of key systems.
Presented by Andrew Hoog