Logical acquisition and analysis of data from android mobile devices
Abstract
Purpose
The purpose of this paper is to propose an approach that helps in the acquisition of live data, as well as data stored in the internal/external memory of an Android mobile device, under the constraint that the data on the device are not much altered during the extraction process. Emphasis is also laid on testing the validity of existing forensic tools against the data obtained manually and by using this approach. Smartphones have spurred mobile computing technology, and Android is widely used as an operating system in these devices. These days, users store most of their personal information, such as emails, images and contacts, on phones/tablets, as their data are then readily accessible and thus convenient for them.
Design/methodology/approach
The Android operating system is built on the Linux kernel, and scripts have been written to extract data from an Android mobile device using the Android Debug Bridge. The approach focuses on the logical acquisition of data from devices rather than on acquisition using physical methods.
Findings
Live data of the Facebook application running on the device can be extracted. The password of the LuksManager application (used to create an encrypted volume on the device), which is stored in the internal memory, is also extracted and identified.
Research limitations/implications
The study has been conducted in an academic environment, thereby limiting external validity. Another limitation is the use of limited editions of some of the forensic software tools. Full access to these software tools is restricted by law enforcement and investigation policies. The research provides a different approach which could aid in criminal investigation activities on mobile devices.
Practical implications
Devices running the latest versions of Android store not only messages and mails, but also a lot of information about GPS, as well as information about popular applications like Facebook, WhatsApp, etc. This could practically help a lot in criminal investigation.
Originality/value
This study is important because very little work has been done on recent versions (Jelly Bean and KitKat) of Android. The proposed approach could extract large amounts of information compared to earlier approaches, as the newer versions of Android have larger memory and new features.
Citation
Srivastava, H. and Tapaswi, S. (2015), "Logical acquisition and analysis of data from android mobile devices", Information and Computer Security, Vol. 23 No. 5, pp. 450-475. https://doi.org/10.1108/ICS-02-2014-0013
Publisher
Emerald Group Publishing Limited
Copyright © 2015, Emerald Group Publishing Limited