Android Forensics: Investigation, Analysis, and Mobile Security for Google Android. Andrew Hoog. John McCash, Technical Editor. SYNGRESS


Android Forensics: Investigation, Analysis, and Mobile Security for Google Android
Andrew Hoog
John McCash, Technical Editor
AMSTERDAM, BOSTON, HEIDELBERG, LONDON, NEW YORK, OXFORD, PARIS, SAN DIEGO, SAN FRANCISCO, SINGAPORE, SYDNEY, TOKYO
SYNGRESS
Syngress is an imprint of Elsevier

Contents

Acknowledgements
Introduction
About the Author

CHAPTER 1 Android and Mobile Forensics
  Introduction
  Android Platform
  History of Android
  Google's Strategy
  Linux, Open Source Software, and Forensics
  Brief History of Linux
  Android Open Source Project
  AOSP Licenses
  Development Process
  Value of Open Source in Forensics
  Downloading and Compiling AOSP
  Internationalization
  Unicode
  Keyboards
  Custom Branches
  Android Market
  Installing an App
  Application Statistics
  Android Forensics
  Challenges
  Summary
  References

CHAPTER 2 Android Hardware Platforms
  Introduction
  Overview of Core Components
  Central Processing Unit
  Baseband Modem/Radio
  Memory (Random-Access Memory and NAND Flash)
  Global Positioning System
  Wireless (Wi-Fi.com and Bluetooth)
  Secure Digital Card
  Screen
  Camera
  Keyboard
  Battery
  Universal Serial Bus
  Accelerometer/Gyroscope
  Speaker/Microphone
  Overview of Different Device Types
  Smartphone
  Tablet
  Netbook
  Google TV
  Vehicles (In-board)
  Global Positioning System
  Other Devices
  ROM and Boot Loaders
  Power On and On-chip Boot ROM Code Execution
  Boot Loader (Initial Program Load/Second Program Loader)
  Linux Kernel
  The Init Process
  Zygote and Dalvik
  System Server
  Manufacturers
  Android Updates
  Custom User Interfaces
  Aftermarket Android Devices
  Specific Devices
  T-Mobile G1
  Motorola Droid
  HTC Incredible
  Google Nexus One
  Summary
  References

CHAPTER 3 Android Software Development Kit and Android Debug Bridge
  Introduction
  Android Platforms
  Android Platform Highlights Through 2.3.3 (Gingerbread)
  Software Development Kit (SDK)
  SDK Release History
  SDK Install
  Android Virtual Devices (Emulator)
  Android OS Architecture
  Dalvik VM
  Native Code Development
  Android Security Model
  Forensics and the SDK
  Connecting an Android Device to a Workstation
  USB Interfaces
  Introduction to Android Debug Bridge
  Summary
  References

CHAPTER 4 Android File Systems and Data Structures
  Introduction
  Data in the Shell
  What Data are Stored
  App Data Storage Directory Structure
  How Data are Stored
  Type of Memory
  RAM
  File Systems
  rootfs, devpts, sysfs, and cgroup File Systems
  proc
  tmpfs
  Extended File System (EXT)
  FAT32/VFAT
  YAFFS2
  Mounted File Systems
  Mounted File Systems
  Summary
  References

CHAPTER 5 Android Device, Data, and App Security
  Introduction
  Data Theft Targets and Attack Vectors
  Android Devices as a Target
  Android Devices as an Attack Vector
  Data Storage
  Recording Devices
  Security Considerations
  Security Philosophy
  US Federal Computer Crime Laws and Regulations
  Open Source Versus Closed Source
  Encrypted NAND Flash
  Individual Security Strategies
  Corporate Security Strategies
  Policies
  Password/Pattern/PIN Lock
  Remote Wipe of Device
  Upgrade to Latest Software
  Remote Device Management Features
  Application and Device Audit
  App Development Security Strategies
  Mobile App Security Testing
  App Security Strategies
  Summary
  References

CHAPTER 6 Android Forensic Techniques
  Introduction
  Types of Investigations
  Difference Between Logical and Physical Techniques
  Modification of the Target Device
  Procedures for Handling an Android Device
  Securing the Device
  Network Isolation
  How to Circumvent the Pass Code
  Imaging Android USB Mass Storage Devices
  SD Card Versus eMMC
  How to Forensically Image the SD Card/eMMC
  Logical Techniques
  ADB Pull
  Backup Analysis
  AFLogical
  Commercial Providers
  Physical Techniques
  Hardware-Based Physical Techniques
  JTAG
  Chip-off
  Software-Based Physical Techniques and Privileges
  AFPhysical Technique
  Summary
  References

CHAPTER 7 Android Application and Forensic Analysis
  Introduction
  Analysis Techniques
  Timeline Analysis
  File System Analysis
  File Carving
  Strings
  Hex: A Forensic Analyst's Good Friend
  Android Directory Structures
  FAT Forensic Analysis
  FAT Timeline Analysis
  FAT Additional Analysis
  FAT Analysts Notes
  YAFFS2 Forensic Analysis
  YAFFS2 Timeline Analysis
  YAFFS2 File System Analysis
  YAFFS2 File Carving
  YAFFS2 Strings Analysis
  YAFFS2 Analyst Notes
  Android App Analysis and Reference
  Messaging (sms and mms)
  MMS Helper Application
  Browser
  Contacts
  Media Scanner
  YouTube
  Cooliris Media Gallery
  Google Maps
  Gmail
  Facebook
  Adobe Reader
  Summary
  References

Index