Analyzing Apps and Communications with Autopsy

Raman Arora
Basis Technology

Daniel Smyda
Basis Technology

Track 2

Digital evidence from apps plays an increasingly important role in digital investigations. In this talk, we will discuss the capabilities of Autopsy to parse apps, analyze the results, and display communications. This has been a recent priority for Autopsy and we will also discuss how to add support for additional apps with minimal Python code.

Autopsy has long had support for basic Android databases, and the number of supported apps has recently increased quite a bit. This increase was enabled by a new way of locating and parsing databases. We’ll discuss those new apps and how you can contribute to the project.

Once you parse the data, you need to be able to see it. This talk will also show our new methods for displaying communications with recently added support for threading messages and correlating accounts.

About Raman Arora

Raman is a senior software engineer at Basis Technology. During his time at Basis, he has worked on several products and projects pertaining to forensics and incident response. Prior to joining Basis, he was developing telephony, messaging, and VoIP applications. Raman has a Master's from BU in Information Security and Forensics. Away from his desk, he enjoys hiking, biking, kayaking, and trail running, and totally blames Ann Priestman for getting him mildly hooked on obstacle racing. :)

About Daniel Smyda

Daniel is a software engineer working on the digital forensics team at Basis Technology. He is a newcomer to the field, but has already contributed to a number of Autopsy features. Prior to Basis, he attended Brandeis University where he earned a B.S. in Computer Science and Math.