Performance of Android Forensics Data Recovery Tools
نویسندگان
چکیده
Recovering deleted or hidden data is among most important duties of forensics investigators. Extensive utilisation of smartphones as subject, objects or tools of crime made them an important part of residual forensics. This chapter investigates the effectiveness of mobile forensic data recovery tools in recovering evidences from a Samsung Galaxy S2 i9100 Android phone. We seek to determine the amount of data that could be recovered using Phone image carver, Access data FTK, Foremost, Diskdigger, and Recover My File forensic tools. The findings reflected the difference between recovery capacities of studied tools showing their suitability in their specialised contexts only.
منابع مشابه
DroidSpotter: A Forensic Tool for Android Location Data Collection and Analysis
Since the surge in popularity of Android smartphones, creating Android applications and using location data in these applications have soared. Due to how quickly Android applications are being created, it is difficult for companies who have created forensics tools to keep updating their programs in a timely manner for investigators to use. This has created a need for a forensics tool which allo...
متن کاملLive acquisition of main memory data from Android smartphones and smartwatches
Recent research in Android device forensics has largely focused on evidence recovery from NAND flash memory. However, pervasive deployment of NAND flash encryption technologies and the increase in malware infections which reside only in main memory have motivated an urgent need for the forensic study of main memory. Existing Android main memory forensics techniques are hardly being adopted in p...
متن کاملAndroid forensics: Automated data collection and reporting from a mobile device
In this research, a prototype enterprise monitoring system for Android smartphones was developed to continuously collect many data sets of interest to incident responders, security auditors, proactive security monitors, and forensic investigators. Many of the data sets covered were not found in other available enterprise monitoring tools. The prototype system neither requires root privileges no...
متن کاملMobile device forensics: A snapshot
Christopher Tassone, Ben Martini, Kim-Kwang Raymond Choo and Jill Slay Foreword | In the increasingly dynamic environment of mobile forensics, this paper provides an overview of the capabilities of three popular mobile forensic tools on three mobile phones based on Apple’s iOS, Google’s Android and RIM’s BlackBerry operating systems. The paper identifies where each specific tool is best applied...
متن کاملEfficient Generalized Forensics Framework for extraction and documentation of evidence from mobile devices
The Google’s Android mobile platform is the most popular mobile operating system in terms of shipment of devices [21]. The Android platform provided significant advantages for consumers with respect to competition and features. Due to lack of knowledge and supported tools for investigating Android powered devices, the forensic investigators have struggled [1, 2]. In this paper, we present the e...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/1709.05144 شماره
صفحات -
تاریخ انتشار 2017