Abstract:
With the popularity of digital devices, digital forensic research targeted at Android-based devices has drawn increasing attention. Among the many issues in digital forensics, data recovery has received a great deal of attention. In data recovery, deleted or updated data may contain important information about past activities of the user, making such information viable evidence as far as digital forensics is concerned. In this paper, according to special characteristics of YAFFS2, we propose a new method based on the notions of Hash and timestamp to recover multiple versions of YAFFS2 files during which the relationship between timestamps and file operations is analysed. To verify the effectiveness of our proposed method, we will simulate a NAND chip under Linux and perform some experiments to show that the proposed method is both effective and efficient in the recovery of multiple versions of different types of YAFFS2 files as well as Android images. Copyright © 2018 Inderscience Enterprises Ltd.