How Forensic Investigators Can Find Meaningful Data From ‘Factory Reset’ Devices

We are excited to release the white paper of this year.

In this whitepaper, you can find the definition of Factory Reset, how its method differs by OS and device environment, why mobile forensic investigators should understand the important meanings of Factory Reset, and lastly, how MD-RED analyzes the log of Factory Reset.

When Factory Reset is executed, a record (log file) is left in a file for various actions performed on the system depending on the device environment. Not only recent records but also previous records exist, and in some cases, you can check Factory Reset method and Factory Reset time. Through this, it is possible to know when Factory Reset is executed and to determine whether the purpose of Factory Reset is for anti-forensics or destruction of evidence.

Therefore, Factory Reset records can be considered as very important artifacts because they can specify the user’s behavior from a forensic point of view.

Get The Latest News!

Don't miss our top stories every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

Contents

01. Summary
02. How To execute Factory Reset?
03. Analysis of Factory Reset Log
04. Analysis Result of MD-RED
05. Conclusion
06. Appendix

Download – HancomWITH White paper ‘Factory Reset(iOS, Android)’ 

This is the preview version of the white paper, and if you want to find out the full version please contact our team. [email protected]

Leave a Comment

Latest Videos

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles

Share to...