Chapter 5. Extracting Data Physically from Android Devices
This chapter will be covering physical data extraction using free and open source tools wherever possible. The majority of the material covered in this chapter will use the ADB methods previously discussed in this book. By the end of this chapter, the reader should be familiar with the following concepts:
- What physical extraction means
- What data to expect from physical extractions
- Physical data extractions using the
ddandnanddumpcommands - RAM imaging and analysis
- SD card acquisitions
- JTAG and chip-off methods
Physical extraction overview
In digital forensics, a physical extraction is an exact bit-for-bit image of the electronic media, and this definition remains true for mobile devices too. ...
Get Learning Android Forensics now with O’Reilly online learning.
O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.