Learning Android Forensics
暫譯: 學習 Android 取證技術

A hands-on guide to Android forensics, from setting up the forensic workstation to analyzing key forensic artifacts

About This Book

• A professional, step-by-step approach to forensic analysis complete with key strategies and techniques
• Analyze the most popular Android applications using free and open source tools
• Learn forensically-sound core data extraction and recovery techniques

Who This Book Is For

If you are a forensic analyst or an information security professional wanting to develop your knowledge of Android forensics, then this is the book for you. Some basic knowledge of the Android mobile platform is expected.

What You Will Learn

• Understand the Android system architecture and its significance for Android forensics
• Build a forensically sound workstation
• Utilize ADB to acquire data
• Bypass Android security such as PINs and passwords
• Perform both logical and full physical extractions to retrieve data
• Reverse-engineer applications  
• Analyze data from many popular applications including Gmail, WhatsApp, and Snapchat
• Discover free and open source tools to aid in data acquisition and analysis

In Detail

Many forensic examiners rely on commercial, push-button tools to retrieve and analyze data, even though there is no tool that does either of these jobs perfectly. This book will introduce you to the Android platform and its architecture, and provides a high-level overview of what Android  forensics entails. You will see how data is stored on Android devices and how to set up a digital forensic examination environment. Next, you will go through the various physical and logical techniques to extract data from devices to obtain forensic evidence. You will also learn how to reverse-engineer applications and forensically analyze the data with the help of various open source and commercial tools.

By the end of this book, you will have a complete understanding of the Android forensic process.