Title:
Android forensics : investigation, analysis, and mobile security for Google Android
Author:
Hoog, Andrew.
ISBN:
9781597496513
Publication Information:
Waltham, MA : Elsevier/Syngress, c2011.
Physical Description:
xix, 372 p. : ill. ; 24 cm.
Contents:
Machine generated contents note: ch. 1 Android and Mobile Forensics -- Introduction -- Android Platform -- History of Android -- Google's Strategy -- Linux, Open Source Software, and Forensics -- Brief History of Linux -- Android Open Source Project -- AOSP Licenses -- Development Process -- Value of Open Source in Forensics -- Downloading and Compiling AOSP -- Internationalization -- Unicode -- Keyboards -- Custom Branches -- Android Market -- Installing an App -- Application Statistics -- Android Forensics -- Challenges -- Summary -- References -- ch. 2 Android Hardware Platforms -- Introduction -- Overview of Core Components -- Central Processing Unit -- Baseband Modem/Radio -- Memory (Random-Access Memory and NAND Flash) -- Global Positioning System -- Wireless (Wi-Fi.com and Bluetooth) -- Secure Digital Card -- Screen -- Camera -- Keyboard -- Battery -- Universal Serial Bus -- Accelerometer/Gyroscope -- Speaker/Microphone -- Overview of Different Device Types --

Contents note continued: Smartphone -- Tablet -- Netbook -- Google TV -- Vehicles (In-board) -- Global Positioning System -- Other Devices -- ROM and Boot Loaders -- Power On and On-chip Boot ROM Code Execution -- Boot Loader (Initial Program Load/Second Program Loader) -- Linux Kernel -- The Init Process -- Zygote and Dalvik -- System Server -- Manufacturers -- Android Updates -- Custom User Interfaces -- Aftermarket Android Devices -- Specific Devices -- T-Mobile G1 -- Motorola Droid -- HTC Incredible -- Google Nexus One -- Summary -- References -- ch. 3 Android Software Development Kit and Android Debug Bridge -- Introduction -- Android Platforms -- Android Platform Highlights Through 2.3.3 (Gingerbread) -- Software Development Kit (SDK) -- SDK Release History -- SDK Install -- Android Virtual Devices (Emulator) -- Android OS Architecture -- Dalvik VM -- Native Code Development -- Android Security Model -- Forensics and the SDK --

Contents note continued: Connecting an Android Device to a Workstation -- USB Interfaces -- Introduction to Android Debug Bridge -- Summary -- References -- ch. 4 Android File Systems and Data Structures -- Introduction -- Data in the Shell -- What Data are Stored -- App Data Storage Directory Structure -- How Data are Stored -- Type of Memory -- RAM -- File Systems -- rootfs, devpts, sysfs, and cgroup File Systems -- proc -- tmpfs -- Extended File System (EXT) -- FAT32/VFAT -- YAFFS2 -- Mounted File Systems -- Mounted File Systems -- Summary -- References -- ch. 5 Android Device, Data, and App Security -- Introduction -- Data Theft Targets and Attack Vectors -- Android Devices as a Target -- Android Devices as an Attack Vector -- Data Storage -- Recording Devices -- Security Considerations -- Security Philosophy -- US Federal Computer Crime Laws and Regulations -- Open Source Versus Closed Source -- Encrypted NAND Flash -- Individual Security Strategies --

Contents note continued: Corporate Security Strategies -- Policies -- Password/Pattern/PIN Lock -- Remote Wipe of Device -- Upgrade to Latest Software -- Remote Device Management Features -- Application and Device Audit -- App Development Security Strategies -- Mobile App Security Testing -- App Security Strategies -- Summary -- References -- ch. 6 Android Forensic Techniques -- Introduction -- Types of Investigations -- Difference Between Logical and Physical Techniques -- Modification of the Target Device -- Procedures for Handling an Android Device -- Securing the Device -- Network Isolation -- How to Circumvent the Pass Code -- Imaging Android USB Mass Storage Devices -- SD Card Versus eMMC -- How to Forensically Image the SD Card/eMMC -- Logical Techniques -- ADB Pull -- Backup Analysis -- AFLogical -- Commercial Providers -- Physical Techniques -- Hardware-Based Physical Techniques -- JTAG -- Chip-off -- Software-Based Physical Techniques and Privileges --

Contents note continued: AFPhysical Technique -- Summary -- References -- ch. 7 Android Application and Forensic Analysis -- Introduction -- Analysis Techniques -- Timeline Analysis -- File System Analysis -- File Carving -- Strings -- Hex: A Forensic Analyst's Good Friend -- Android Directory Structures -- FAT Forensic Analysis -- FAT Timeline Analysis -- FAT Additional Analysis -- FAT Analysts Notes -- YAFFS2 Forensic Analysis -- YAFFS2 Timeline Analysis -- YAFFS2 File System Analysis -- YAFFS2 File Carving -- YAFFS2 Strings Analysis -- YAFFS2 Analyst Notes -- Android App Analysis and Reference -- Messaging (sms and mms) -- MMS Helper Application -- Browser -- Contacts -- Media Scanner -- YouTube -- Cooliris Media Gallery -- Google Maps -- Gmail -- Facebook -- Adobe Reader -- Summary -- References.