Organizing Sponsor
Messaging App Forensics with Autopsy
Brian Carrier
Basis Technology
Main
Messages are increasingly important to digital investigations. They can tell you who the victim or suspect was communicating with. In this talk, we will cover how you can more efficiently analyze messages using Autopsy’s new interface and framework.
Autopsy has a new interface that allows you to quickly focus on which accounts communicated most and what they said. You can sort and filter using the table interface or visualize connections with the link analysis interface.
For developers, we’ll also talk about how easy it is to get data into the new interfaces. All you need to do is parse the app database and call some methods in our API. This new feature was built with funding from US DHS.
Brian Carrier
Brian leads the digital forensics team at Basis Technology, which builds software for incident response, digital forensics, and custom mission needs. He is the author of the book File System Forensic Analysis and developer of several open source digital forensics analysis tools, including The Sleuth Kit and Autopsy. Brian has a Ph.D. in computer science from Purdue University and worked previously for @stake as a research scientist and the technical lead for their digital forensics lab and incident response team. Brian is the chairperson for the Open Source Digital Forensics Conference (OSDFCon) and involved with many conferences, workshops and technical working groups, including the Annual DFRWS Conference and the Digital Investigation Journal.