Android Forensics: Investigation, Analysis and Mobile Security for Google Android Review
Posted by Pearlene McKinley on 6/12/2012
As Brian Carrier is to file system forensics and Harlan Carvey is to Windows registry analysis, Andrew Hoog is to the Android operating system. The level of detail in this book demonstrates a deep understanding of this complex and unique operating system. Chapter 1 begins with an overview of both Android and Linux in general. Instructions are provided for creating a virtual machine environment so the reader can follow along with the examples in the book. Throughout, the reader is encouraged to follow along, and ample opportunities are provided. This is highly appreciated, as most technical books overwhelm the reader with information rather than guide them along the way. Chapter 2 presents an overview of the hardware that is supported by the Android OS. Chapter 3 begins the discussion of the Android OS proper. Included in this chapter are instructions on augmenting the previously created VM with the Android SDK, providing additional tools for use in analysis. Chapter 4 is devoted to discussing the file systems likely to be encountered in the Android environment. Special attention is paid to YAFFS and YAFFS2. Chapter 5 discusses securing the data within the device. Also presented are recommendations for securely using Android devices in an enterprise environment. Additional advice is given for both users and developers to limit the exposure of sensitive data. Chapter 6 covers the most significant portion of the book, with instructions on acquiring the data from the device. Logical and physical acquisitions from the handset as well as the removable storage are discussed. The issue of passcode circumvention is discussed along with potential solutions. Chapter 7 finishes with timeline analysis techniques for the YAFFS file system and the FAT file system. Additional locations of interest to both security researchers and forensic analysts are also presented.
Overall the book is enjoyable to read and will be a valuable asset for both forensic analysts and researchers.
The open source nature of the platform has not only established a new direction for the industry, but enables a developer or forensic analyst to understand the device at the most fundamental level. Android Forensics covers an open source mobile device platform based on the Linux 2.6 kernel and managed by the Open Handset Alliance. The Android platform is a major source of digital forensic investigation and analysis. This book provides a thorough review of the Android platform including supported hardware devices, the structure of the Android development project and implementation of core services (wireless communication, data storage and other low-level functions). Finally, it will focus on teaching readers how to apply actual forensic techniques to recover data.
Ability to forensically acquire Android devices using the techniques outlined in the book
Detailed information about Android applications needed for forensics investigations
Important information about SQLite, a file-based structured data storage relevant for both Android and many other platforms