This project developed forensic extraction and analysis tools for NAND and NOR flash chip technologies common to mobile devices.  As devices proliferate in form and function, these chips — ubiquitous in iPhones, Android phones, other smart phones, flash drives, e-readers, tablets, and other solid state devices — contain significant data needed in investigative techniques.  However, extracting this data in a usable format from smashed, soaked, or otherwise broken and discarded devices requires significant expertise.  Such data includes GPS tracks, texting logs, Twitter accounts, Facebook accounts, email accounts, images, and user internet histories and account information. We determined optimal data extraction techniques, and we created an initial toolkit to analyze the raw flash images obtained from the resulting data. The current capabilities include reading Ext2/3/4 and FAT filesystems, basic analysis on unused or discarded blocks, and includes a design to extend the toolkit to more formats as future funding allows.




View Other Programs

Making the Future Possible

Let’s begin a conversation about making your version of the future possible.