Android Forensics

Investigation, Analysis and Mobile Security for Google Android

The open source nature of the platform has not only established a new direction for the industry, but enables a developer or forensic analyst to understand the device at the most fundamental level. Android Forensics covers an open source mobile device platform based on the Linux 2.6 kernel and managed by the Open Handset Alliance. The Android platform is a major source of digital forensic investigation and analysis. This book provides a thorough review of the Android platform including supported hardware devices, the structure of the Android development project and implementation of core services (wireless communication, data storage and other low-level functions). Finally, it will focus on teaching readers how to apply actual forensic techniques to recover data.

Audience

Computer forensic and incident response professionals. This includes law enforcement (LE), federal government, commercial/private sector contractors, consultants, etc.

Paperback, 432 Pages

Published: June 2011

Imprint: Syngress

ISBN: 978-1-59749-651-3

Reviews

  • "If you want to truly understand and perform forensics on Android this is the book. There is no other reference that goes to this level of detail on the Android operating systems idiosyncrasies and quirks. Android Forensics is a must have for the mobile device examiner’s bookshelf."--Jim Steele, Director of Digital Forensics, a Tier 1 Wireless Carrier

    "Andrew Hoog in his latest book, Android Forensics, provides exceptionally well written coverage of Android for the Computer Forensics Investigator. No small task given the ever changing nature of Google’s preeminent mobile operating system."--Matthew M. Shannon, Principal, F-Response

    "…provides an excellent and comprehensive coverage of the Android platform, including its design, implementation, operation, investigation and analysis. At 364 pages of content, organized over seven chapters, with a focus on the ‘practical’ - demonstrating system design, implementation, operation and investigation, for instance, through hands-on "experiments" - this sizable text will resonate particularly well with readers disposed to activity-centric, learning-by-doing styled narrative. The text is peppered throughout with device and application (GUI) screenshots, as well as command line execution/output and directory listings."--InfosecReviews.com

    "In conclusion, we feel that Android Forensics is a good introduction to a field that still seems very ‘fresh’ and new to forensic examiners… As a quick reference during forensic analysis, the last chapter proves to be an excellent resource."--Computer and Security

    "At 364 pages of content, organized over seven chapters, with a focus on the ‘practical’ - demonstrating system design, implementation, operation and investigation, for instance, through hands-on "experiments" - this sizable text will resonate particularly well with readers disposed to activity-centric, learning-by-doing styled narrative…With a practical focus from the outset that includes how to acquire and install the Android SDK and build an Android Virtual Device (AVD), this text is particularly suited to those disposed to a hands-on approach to learning about the Android platform from a security and investigation perspective."--Best Digital Forensics Book in InfoSecReviews Book Awards


Contents

  • Chapter 1 Android and Mobile Forensics
    Introduction
    Android Platform
    Linux, Open Source Software and Forensics
    Android Open Source Project
    Internationalization
    Android Market
    Android Forensics
    Summary
    References

  • Chapter 2 Android Hardware Platforms
    Introduction
    Overview of Core Components
    Overview of Different Device Types
    ROM and Boot Loaders
    Manufacturers
    Specific Devices
    Summary
    References

  • Chapter 3 Android Software Development Kit and Android Debug Bridge
    Introduction
    Android Platforms
    Software Development Kit (SDK)
    Android Security Model
    Forensics and the SDK
    Summary
    References

  • Chapter 4 Android File Systems and Data Structures
    Introduction
    Data in the Shell
    Type of Memory
    File Systems
    Mounted File Systems
    Summary
    References

  • Chapter 5 Android Device, Data and App Security
    Introduction
    Data Theft Targets and Attack Vectors
    Security Considerations
    Individual Security Strategies
    Corporate Security Strategies
    App Development Security Strategies
    Summary
    References

  • Chapter 6 Android Forensic Techniques
    Introduction
    Procedures for Handling an Android Device
    Imaging Android USB Mass Storage Devices
    Logical Techniques
    Physical Techniques
    Summary
    References

  • Chapter 7 Android Application and Forensic Analysis
    Introduction
    Analysis Techniques
    FAT Forensic Analysis
    YAFFS2 Forensic Analysis
    Android App Analysis and Reference
    Summary
    References
