
Android Forensics, 1st Edition

Investigation, Analysis and Mobile Security for Google Android

 
Android Forensics, 1st Edition, Andrew Hoog, ISBN 9781597496513
 
 
 

  

Syngress

9781597496513

9781597496520

432

235 X 191

This book provides the background, techniques and analysis tools you need to effectively investigate an Android phone.

Print Book + eBook

USD 83.94
USD 139.90

Buy both together and save 40%

Print Book

Paperback

In Stock

Estimated Delivery Time
USD 69.95

eBook
eBook Overview

ePUB format

PDF format

VST format

USD 69.95

Key Features

  • Named a 2011 Best Digital Forensics Book by InfoSec Reviews
  • Ability to forensically acquire Android devices using the techniques outlined in the book
  • Detailed information about Android applications needed for forensics investigations
  • Important information about SQLite, a file-based structured data store relevant to both Android and many other platforms

Description

Android Forensics: Investigation, Analysis, and Mobile Security for Google Android examines the Android mobile platform and shares techniques for the forensic acquisition and subsequent analysis of Android devices. Organized into seven chapters, the book looks at the history of the Android platform and its internationalization; it discusses the Android Open Source Project (AOSP) and the Android Market; it offers a brief tutorial on Linux and Android forensics; and it explains how to create an Ubuntu-based virtual machine (VM). The book also considers a wide array of Android-supported hardware and device types, the various Android releases, the Android software development kit (SDK), the Dalvik VM, key components of Android security, and other fundamental concepts related to Android forensics, such as the Android Debug Bridge and the USB debugging setting. In addition, it analyzes how data are stored on an Android device and describes strategies and specific utilities that a forensic analyst or security engineer can use to analyze an acquired Android device. Core Android developers and manufacturers, app developers, corporate security officers, and anyone with limited forensic experience will find this book extremely useful.

Readership

Computer forensic and incident response professionals. This includes LE, federal government, commercial/private sector contractors, consultants, etc.

Andrew Hoog

Andrew Hoog is a computer scientist, certified forensic analyst (GCFA and CCE), computer and mobile forensics researcher, former adjunct professor (assembly language) and owner of viaForensics, an innovative computer and mobile forensic firm. He divides his energies between investigations, research and training about the computer and mobile forensic discipline. He writes computer/mobile forensic how-to guides, is interviewed on radio programs and lectures and trains both corporations and law enforcement agencies. As the foremost expert in Android Forensics, he leads expert level training courses, speaks frequently at conferences and is writing a book on Android forensics.


Android Forensics, 1st Edition

Acknowledgments
Introduction
About the Author
Chapter 1 Android and Mobile Forensics
    Introduction
    Android Platform
        History of Android
        Google’s Strategy
    Linux, Open Source Software, and Forensics
        Brief History of Linux
    Android Open Source Project
        AOSP Licenses
        Development Process
        Value of Open Source in Forensics
        Downloading and Compiling AOSP
    Internationalization
        Unicode
        Keyboards
        Custom Branches
    Android Market
        Installing an App
        Application Statistics
    Android Forensics
        Challenges
    Summary
    References
Chapter 2 Android Hardware Platforms
    Introduction
    Overview of Core Components
        Central Processing Unit
        Baseband Modem/Radio
        Memory (Random-Access Memory and NAND Flash)
        Global Positioning System
        Wireless (Wi-Fi.com and Bluetooth)
        Secure Digital Card
        Screen
        Camera
        Keyboard
        Battery
        Universal Serial Bus
        Accelerometer/Gyroscope
        Speaker/Microphone
    Overview of Different Device Types
        Smartphone
        Tablet
        Netbook
        Google TV
        Vehicles (In-board)
        Global Positioning System
        Other Devices
    ROM and Boot Loaders
        Power On and On-chip Boot ROM Code Execution
        Boot Loader (Initial Program Load/Second Program Loader)
        Linux Kernel
        The Init Process
        Zygote and Dalvik
        System Server
    Manufacturers
    Android Updates
        Custom User Interfaces
        Aftermarket Android Devices
    Specific Devices
        T-Mobile G1
        Motorola Droid
        HTC Incredible
        Google Nexus One
    Summary
    References
Chapter 3 Android Software Development Kit and Android Debug Bridge
    Introduction
    Android Platforms
        Android Platform Highlights Through 2.3.3 (Gingerbread)
    Software Development Kit (SDK)
        SDK Release History
        SDK Install
        Android Virtual Devices (Emulator)
        Android OS Architecture
        Dalvik VM
        Native Code Development
    Android Security Model
    Forensics and the SDK
        Connecting an Android Device to a Workstation
        USB Interfaces
        Introduction to Android Debug Bridge
    Summary
    References
Chapter 4 Android File Systems and Data Structures
    Introduction
    Data in the Shell
        What Data are Stored
        App Data Storage Directory Structure
        How Data are Stored
    Type of Memory
        RAM
    File Systems
        rootfs, devpts, sysfs, and cgroup File Systems
        proc
        tmpfs
        Extended File System (EXT)
        FAT32/VFAT
        YAFFS2
    Mounted File Systems
        Mounted File Systems
    Summary
    References
Chapter 5 Android Device, Data, and App Security
    Introduction
    Data Theft Targets and Attack Vectors
        Android Devices as a Target
        Android Devices as an Attack Vector
        Data Storage
        Recording Devices
    Security Considerations
        Security Philosophy
        US Federal Computer Crime Laws and Regulations
        Open Source Versus Closed Source
        Encrypted NAND Flash
    Individual Security Strategies
    Corporate Security Strategies
        Policies
        Password/Pattern/PIN Lock
        Remote Wipe of Device
        Upgrade to Latest Software
        Remote Device Management Features
        Application and Device Audit
    App Development Security Strategies
        Mobile App Security Testing
        App Security Strategies
    Summary
    References
Chapter 6 Android Forensic Techniques
    Introduction
        Types of Investigations
        Difference Between Logical and Physical Techniques
        Modification of the Target Device
    Procedures for Handling an Android Device
        Securing the Device
        Network Isolation
        How to Circumvent the Pass Code
    Imaging Android USB Mass Storage Devices
        SD Card Versus eMMC
        How to Forensically Image the SD Card/eMMC
    Logical Techniques
        ADB Pull
        Backup Analysis
        AFLogical
        Commercial Providers
    Physical Techniques
        Hardware-Based Physical Techniques
        JTAG
        Chip-off
        Software-Based Physical Techniques and Privileges
        AFPhysical Technique
    Summary
    References
Chapter 7 Android Application and Forensic Analysis
    Introduction
    Analysis Techniques
        Timeline Analysis
        File System Analysis
        File Carving
        Strings
        Hex: A Forensic Analyst’s Good Friend
        Android Directory Structures
    FAT Forensic Analysis
        FAT Timeline Analysis
        FAT Additional Analysis
        FAT Analysts Notes
    YAFFS2 Forensic Analysis
        YAFFS2 Timeline Analysis
        YAFFS2 File System Analysis
        YAFFS2 File Carving
        YAFFS2 Strings Analysis
        YAFFS2 Analyst Notes
    Android App Analysis and Reference
        Messaging (sms and mms)
        MMS Helper Application
        Browser
        Contacts
        Media Scanner
        YouTube
        Cooliris Media Gallery
        Google Maps
        Gmail
        Facebook
        Adobe Reader
    Summary
    References
Index

Quotes and reviews

"If you want to truly understand and perform forensics on Android this is the book. There is no other reference that goes to this level of detail on the Android operating systems idiosyncrasies and quirks. Android Forensics is a must have for the mobile device examiner’s bookshelf."--Jim Steele, Director of Digital Forensics, a Tier 1 Wireless Carrier

"Andrew Hoog in his latest book, Android Forensics, provides exceptionally well written coverage of Android for the Computer Forensics Investigator. No small task given the ever changing nature of Google’s preeminent mobile operating system."--Matthew M. Shannon, Principal, F-Response

"…provides an excellent and comprehensive coverage of the Android platform, including its design, implementation, operation, investigation and analysis. At 364 pages of content, organized over seven chapters, with a focus on the ‘practical’ - demonstrating system design, implementation, operation and investigation, for instance, through hands-on "experiments" - this sizable text will resonate particularly well with readers disposed to activity-centric, learning-by-doing styled narrative. The text is peppered throughout with device and application (GUI) screenshots, as well as command line execution/output and directory listings."--InfosecReviews.com

"In conclusion, we feel that Android Forensics is a good introduction to a field that still seems very ‘fresh’ and new to forensic examiners… As a quick reference during forensic analysis, the last chapter proves to be an excellent resource."--Computer and Security

"At 364 pages of content, organized over seven chapters, with a focus on the ‘practical’ - demonstrating system design, implementation, operation and investigation, for instance, through hands-on "experiments" - this sizable text will resonate particularly well with readers disposed to activity-centric, learning-by-doing styled narrative…With a practical focus from the outset that includes how to acquire and install the Android SDK and build an Android Virtual Device (AVD), this text is particularly suited to those disposed to a hands-on approach to learning about the Android platform from a security and investigation perspective."--Best Digital Forensics Book in InfoSecReviews Book Awards
