Abstract
In this paper, we explore the data recovery procedures from e∙MMCs. The e∙MMC is one of the “managed” flash memory devices that are popularly used in modern digital devices as their storage media. The e∙MMC, which consists of flash memory and the flash memory controller, optimizes the data input/output between the host device and the non-volatile memory through its standardized protocol. Its standardized structure and protocol makes forensic physical data acquisition simpler than handling the raw flash memory. However, its secure data purging features, such as Secure Erase and Sanitize, make data recovery from e∙MMC a challenging task. In this research, we investigate inside the e∙MMCs, and evaluate advanced data recovery procedures. By reverse engineering the structures of e∙MMCs and accessing the internal flash memory, we discover that securely erased data is still recoverable from the internal flash memory. In some models, more than 99% of the securely erased data can still be recoverable by accessing the flash memory inside the e∙MMCs. The data extraction method, along with experimental data recovery evaluation, will be explored in this paper.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: IEEE Transactions on Information Forensics and Security
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
