Description |
1 online resource (324 pages) |
Contents |
Cover; Title Page; Copyright and Credits; About Packt; Contributors; Table of Contents; Preface; Chapter 1: Introducing Android Forensics; Mobile forensics; The mobile forensics approach; Investigation preparation; Seizure and isolation; The acquisition phase; Examination and analysis; Reporting; Challenges in mobile forensics; Android architecture; The Linux kernel; Hardware abstraction level; Android Runtime; Native C/C++ Libraries; Java API Framework; The application layer; Android security; Security at OS level through the Linux kernel; Permission model; Sample permission model in Android |
|
Application sandboxingSELinux in Android; Application signing; Secure inter-process communication; Binder communication model; Android hardware components; Core components; Central Processing Unit (CPU); Baseband processor; Memory; SD Card; Display; Battery; Android boot process; Boot ROM code execution; The bootloader; The Linux kernel; The init process; Zygote and Dalvik; System server; Summary; Chapter 2: Setting up the Android Forensic Environment; Android forensic setup; Android SDK; Installing the Android SDK; Android Virtual Device |
|
Connecting and accessing Android devices from the workstationIdentifying the correct device cable; Installing device drivers; Accessing the device; Android Debug Bridge; Using ADB to access the device; Detecting a connected device; Directing commands to a specific device; Issuing shell commands; Basic Linux commands; Installing an application; Pulling data from the device; Pushing data to the device; Restarting the ADB server; Viewing log data; Rooting Android; What is rooting?; Why root?; Recovery and fastboot; Recovery mode; Accessing recovery mode; Custom recovery; Fastboot mode |
|
Locked and unlocked boot loadersHow to root; Rooting an unlocked boot loader; Rooting a locked boot loader; ADB on a rooted device; Summary; Chapter 3: Understanding Data Storage on Android Devices; Android partition layout; Common partitions in Android; Identifying partition layout; Android file hierarchy; Overview of directories; The acct directory; The cache directory; The config directory; The data directory; The dev directory; The mnt directory; The proc directory; The sbin directory; The storage directory; The system directory; Application data storage on the device; Shared preferences |
|
Internal storageExternal storage; SQLite database; Network; Android filesystem overview; Viewing filesystems on an Android device; Common Android filesystems; Flash memory filesystems; Media-based filesystems; Pseudo filesystems; Summary; Chapter 4: Extracting Data Logically from Android Devices; Logical extraction overview; What data can be recovered logically?; Root access; Manual ADB data extraction; USB Debugging; Using adb shell to determine if a device is rooted; adb pull; Recovery Mode; Fastboot mode; Determining bootloader status; Booting to a custom recovery image |
Summary |
This book will introduce you to Android forensics helping you to set up a forensic environment, handle mobile evidence, analyze how and where common applications store their data. You will also learn to identify malware on a device, and how to analyze it |
Notes |
ADB backup extractions |
|
Print version record |
SUBJECT |
Android (Electronic resource) http://id.loc.gov/authorities/names/n2009043077
|
|
Android (Electronic resource) fast |
Subject |
Mobile computing.
|
|
Data recovery (Computer science)
|
|
Computer crimes -- Investigation.
|
|
Mobile & handheld device programming / Apps programming.
|
|
Computer viruses, Trojans & worms.
|
|
Computer security.
|
|
COMPUTERS -- Operating Systems -- Android.
|
|
Computer crimes -- Investigation
|
|
Data recovery (Computer science)
|
|
Mobile computing
|
Form |
Electronic book
|
Author |
Tindall, Donnie
|
|
Tamma, Rohit
|
ISBN |
9781789137491 |
|
1789137497 |
|