Android Forensics

1st Edition

Investigation, Analysis and Mobile Security for Google Android

Authors: Andrew Hoog
Paperback ISBN: 9781597496513
eBook ISBN: 9781597496520
Imprint: Syngress
Published Date: 15th June 2011
Page Count: 432


Description

Android Forensics: Investigation, Analysis, and Mobile Security for Google Android examines the Android mobile platform and shares techniques for the forensic acquisition and subsequent analysis of Android devices. Organized into seven chapters, the book looks at the history of the Android platform and its internationalization; it discusses the Android Open Source Project (AOSP) and the Android Market; it offers a brief tutorial on Linux and Android forensics; and it explains how to create an Ubuntu-based virtual machine (VM).
The book also considers a wide array of Android-supported hardware and device types, the various Android releases, the Android software development kit (SDK), the Dalvik VM, key components of Android security, and other fundamental concepts related to Android forensics, such as the Android debug bridge and the USB debugging setting. In addition, it analyzes how data are stored on an Android device and describes strategies and specific utilities that a forensic analyst or security engineer can use to analyze an acquired Android device. Core Android developers and manufacturers, app developers, corporate security officers, and anyone with limited forensic experience will find this book extremely useful.

Key Features

  • Named a 2011 Best Digital Forensics Book by InfoSec Reviews
  • Ability to forensically acquire Android devices using the techniques outlined in the book
  • Detailed information about Android applications needed for forensics investigations
  • Important information about SQLite, a file-based structured data store relevant to both Android and many other platforms

Readership

Computer forensic and incident response professionals, including law enforcement (LE), federal government, commercial/private sector contractors, consultants, etc.

Table of Contents

Dedication

Acknowledgements

Introduction

Chapter 1

Chapter 2

Chapter 3

Chapter 4

Chapter 5

Chapter 6

Chapter 7

Website

About the Author

About the Technical Editor

Chapter 1. Android and mobile forensics

Introduction

Android platform

Linux, Open source software, and forensics

Android Open Source Project

Internationalization

Android Market

Android forensics

Summary

References

Chapter 2. Android hardware platforms

Introduction

Overview of core components

Overview of different device types

ROM and boot loaders

Manufacturers

Android updates

Specific devices

Summary

References

Chapter 3. Android software development kit and Android debug bridge

Introduction

Android platforms

Software development kit (SDK)

Android security model

Forensics and the SDK

Summary

References

Chapter 4. Android file systems and data structures

Introduction

Data in the Shell

Type of memory

File systems

Mounted file systems

Summary

References

Chapter 5. Android device, data, and app security

Introduction

Data theft targets and attack vectors

Security considerations

Individual security strategies

Corporate security strategies

App development security strategies

Summary

References

Chapter 6. Android forensic techniques

Introduction

Procedures for handling an Android device

Imaging Android USB mass storage devices

Logical techniques

Physical techniques

Summary

References

Chapter 7. Android application and forensic analysis

Introduction

Analysis techniques

Details

No. of pages: 432
Language: English
Copyright: © Syngress 2011
Published: 15th June 2011
Imprint: Syngress
eBook ISBN: 9781597496520
Paperback ISBN: 9781597496513

About the Author

Andrew Hoog

Andrew Hoog is a computer scientist, certified forensic analyst (GCFA and CCE), computer and mobile forensics researcher, former adjunct professor (assembly language) and owner of viaForensics, an innovative computer and mobile forensic firm. He divides his energies between investigations, research and training about the computer and mobile forensic discipline. He writes computer/mobile forensic how-to guides, is interviewed on radio programs and lectures and trains both corporations and law enforcement agencies. As the foremost expert in Android Forensics, he leads expert level training courses, speaks frequently at conferences and is writing a book on Android forensics.

Affiliations and Expertise

Andrew Hoog is a computer scientist, certified forensic analyst (GCFA and CCE), computer and mobile forensics researcher, former adjunct professor (assembly language) and owner of viaForensics, an innovative computer and mobile forensic firm.

Awards

Best Digital Forensics Books 2011, InfoSec Reviews

Reviews

"If you want to truly understand and perform forensics on Android this is the book. There is no other reference that goes to this level of detail on the Android operating system's idiosyncrasies and quirks. Android Forensics is a must have for the mobile device examiner’s bookshelf."--Jim Steele, Director of Digital Forensics, a Tier 1 Wireless Carrier

"Andrew Hoog in his latest book, Android Forensics, provides exceptionally well written coverage of Android for the Computer Forensics Investigator. No small task given the ever changing nature of Google’s preeminent mobile operating system."--Matthew M. Shannon, Principal, F-Response

"…provides an excellent and comprehensive coverage of the Android platform, including its design, implementation, operation, investigation and analysis. At 364 pages of content, organized over seven chapters, with a focus on the ‘practical’ – demonstrating system design, implementation, operation and investigation, for instance, through hands-on "experiments" – this sizable text will resonate particularly well with readers disposed to activity-centric, learning-by-doing styled narrative. The text is peppered throughout with device and application (GUI) screenshots, as well as command line execution/output and directory listings."--InfosecReviews.com

"In conclusion, we feel that Android Forensics is a good introduction to a field that still seems very ‘fresh’ and new to forensic examiners… As a quick reference during forensic analysis, the last chapter proves to be an excellent resource."--Computer and Security
