Android Forensics
Investigation, Analysis and Mobile Security for Google Android
By- Andrew Hoog, is a computer scientist, certified forensic analyst (GCFA and CCE), computer and mobile forensics researcher, former adjunct professor (assembly language) and owner of viaForensics, an innovative computer and mobile forensic firm.
The open source nature of the platform has not only established a new direction for the industry, but enables a developer or forensic analyst to understand the device at the most fundamental level. Android Forensics covers an open source mobile device platform based on the Linux 2.6 kernel and managed by the Open Handset Alliance. The Android platform is a major source of digital forensic investigation and analysis. This book provides a thorough review of the Android platform including supported hardware devices, the structure of the Android development project and implementation of core services (wireless communication, data storage and other low-level functions). Finally, it will focus on teaching readers how to apply actual forensic techniques to recover data.
Audience
Computer forensic and incident response professionals. This includes LE, federal government, commercial/private sector contractors, consultants, etc.
Paperback, 432 Pages
Published: June 2011
Imprint: Syngress
ISBN: 978-1-59749-651-3
Reviews
-
"If you want to truly understand and perform forensics on Android this is the book. There is no other reference that goes to this level of detail on the Android operating systems idiosyncrasies and quirks. Android Forensics is a must have for the mobile device examiner s bookshelf." -Jim Steele, Director of Digital Forensics , a Tier 1 Wireless Carrier"Andrew Hoog in his latest book, Android Forensics,provides exceptionally well written coverage of Android for the Computer Forensics Investigator. No small task given the ever changing nature of Googles preeminent mobile operating system." --Matthew M. Shannon, Principal, F-Response" provides an excellent and comprehensive coverage of the Android platform, including its design, implementation, operation, investigation and analysis. At 364 pages of content, organized over seven chapters, with a focus on the practical - demonstrating system design, implementation, operation and investigation, for instance, through hands-on "experiments" - this sizable text will resonate particularly well with readers disposed to activity-centric, learning-by-doing styled narrative. The text is peppered throughout with device and application (GUI) screenshots, as well as command line execution/output and directory listings."-- InfosecReviews.com"In conclusion, we feel that Android Forensics is a good introduction to a field that still seems very fresh and new to forensic examiners As a quick reference during forensic analysis, the last chapter proves to be an excellent resource." --Computer and Security"At 364 pages of content, organized¿over seven chapters, with a focus on¿the practical - demonstrating system design, implementation, operation and investigation, for instance, through hands- on "experiments" - this sizable text will resonate particularly well with readers disposed to activity-centric, learning-by- doing styled narrative With a practical focus from the outset that includes how to acquire and install the Android SDK and build an Android Virtual Device (AVD), this text is particularly suited to those disposed to¿ a hands-on approach to learning about the Android platform from a security and investigation perspective." --Best Digital Forensics Book in InfoSecReviews Book Awards
Contents
Chapter 1 Android and Mobile Forensics
Introduction
Android Platform
Linux, Open Source Software and Forensics
Android Open Source Project
Internationalization
Android Market
Android Forensics
Summary
References
Chapter 2 Android Hardware Platforms
Introduction
Overview of Core Components
Overview of Different Device Types
ROM and Boot Loaders
Manufacturers
Specific Devices
Summary
References
Chapter 3 Android Software Development Kit and Android Debug Bridge
Introduction
Android Platforms
Software Development Kit (SDK)
Android Security Model
Forensics and the SDK
Summary
References
Chapter 4 Android File Systems and Data Structures
Introduction
Data in the Shell
Type of Memory
File Systems
Mounted File Systems
Summary
References
Chapter 5 Android Device, Data and App Security
Introduction
Data Theft Targets and Attack Vectors
Security Considerations
Individual security strategies
Corporate Security Strategies
App Development Security Strategies
Summary
References
Chapter 6 Android Forensic Techniques
Introduction
Procedures for Handling an Android Device
Imaging Android USB Mass Storage Devices
Logical Techniques
Physical Techniques
Summary
References
Chapter 7 Android Application and Forensic Analysis
Introduction
Analysis Techniques
FAT Forensic Analysis
YAFFS2 Forensic Analysis
Android App Analysis and Reference
Summary
References
