Forensic Discovery
An overall assessment of Mobile Internal Acquisition Tool
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Live memory forensics of mobile phones
Digital Investigation: The International Journal of Digital Forensics & Incident Response
All your droid are belong to us: a survey of current android attacks
WOOT'11 Proceedings of the 5th USENIX conference on Offensive technologies
The impact of the antivirus on the digital evidence
International Journal of Electronic Security and Digital Forensics
Hi-index | 0.00 |
The Android platform has been deployed across a wide range of devices, predominately mobile phones, bringing unprecedented common software features to a diverse set of devices independent of carrier and manufacturer. Modern digital forensics processes differentiate collection and analysis, with collection ideally only occurring once and the subsequent analysis relying upon proper collection. After exploring special device boot modes and Android's partitioning schema we detail the composition of an Android bootable image and discuss the creation of such an image designed for forensic collection. The major contribution of this paper is a general process for data collection of Android devices and related results of experiments carried out on several specific devices.