Survey of Digital Forensics Technologies and Tools for Android based Intelligent Devices

Survey of Digital Forensics Technologies and Tools for Android based Intelligent Devices

Xuejiao Wan (School of Software Engineering, Beijing University of Technology, Beijing, China), Jingsha He (School of Software Engineering, Beijing University of Technology, Beijing, China), Gongzheng Liu (School of Software Engineering, Beijing University of Technology, Beijing, China), Na Huang (School of Software Engineering, Beijing University of Technology, Beijing, China), Xingye Zhu (School of Software Engineering, Beijing University of Technology, Beijing, China), Bin Zhao (School of Software Engineering, Beijing University of Technology, Beijing, China) and Yonghao Mai (Electronic Forensics Laboratory, Hubei University of Police, Hubei, China)
Copyright: © 2015 |Pages: 25
DOI: 10.4018/IJDCF.2015010101

Abstract

During the rapid development of mobile wireless technologies and applications, the Android operating system, due to its open-source characteristics, has become the most popular development platform in the smartphone market. Meanwhile, as Android-based intelligent mobiles devices experience a rapid increase in numbers, high-tech crimes involving such devices have become more versatile, affecting an ever increasing amount of data, thus making digital evidence an indispensable part of the evidence that needs to be seriously dealt with during crime investigations. Consequently, understanding the internal structure of Android and the various data operations in the file systems becomes necessary in Android-based digital forensics. In this paper, we survey the state-of-the-art of technologies in Android-based digital forensics and some popular tools in the aspects of data recovery and acquisition, file system analysis and data analysis. We also discuss some technical challenges and point out future research directions in Android-based digital forensics.
Article Preview

Digital Forensics Technologies

Forensic science is a type of science that brings together a variety of scientific principles and methods to identify, discover, reconstruct and analyze evidence during an investigation. However, a judge is not bound to those that are presented and could take into account others to define what the originals are (Hildebrandt, Kiltz, Grossmann & Vielhauer, 2011). The main objective of digital forensics is to provide methods that meet the requirements for judicial evidence and could involve the acquisition and analysis of any form of digital data. There are generally two types of evidence in the data that can be retrieved from intelligent devices. One type of evidence can be used to prove crimes directly, such as password theft, DOS (Denied of Service) attacks, etc. The other type could be used to support the evidence and build a complete chain of evidence, such as call history, SMS, log files of emails, etc.

Only until the recent past, can digital data, such as messages, call history and address book, be saved in the SIM card. But now, one can store thousands of messages and a large number of card-style phonebooks in the mobile phone. The allocation of storage space has changed from static storage allocation to dynamic storage allocation and the capacity of storage can also be increased by using expansion cards. A research report released on November 15, 2013 by the Gartner Group, a market research firm, showed that the worldwide production of mobile phones has reached 455.6 million units in the third quarter of 2013 in which smartphone production has increased by 46%, reaching 250.2 million units, and sales of smartphones have accounted for 55% of the overall mobile phone sales (Meulen & Rivera, 2013). The report also pointed out that Android smartphones accounted for 81.9% of the smartphone production while Apple's iOS phone accounted for 12.1% and Microsoft's Windows phones accounted for 3.6%. Meanwhile, BlackBerry's market share fell from 5.2% to 1.8%. The above data suggests that with the expansion of the smartphone market and the development of network technologies, portable mobile devices, taking smartphones and tablet PCs as the representative, will become a favored tool to surf the Internet and as a data processing platform. Moreover, intelligent mobile devices with the Android OS as the operation and application platform will take most of the market share.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 11: 4 Issues (2019): Forthcoming, Available for Pre-Order
Volume 10: 4 Issues (2018): 3 Released, 1 Forthcoming
Volume 9: 4 Issues (2017)
Volume 8: 4 Issues (2016)
Volume 7: 4 Issues (2015)
Volume 6: 4 Issues (2014)
Volume 5: 4 Issues (2013)
Volume 4: 4 Issues (2012)
Volume 3: 4 Issues (2011)
Volume 2: 4 Issues (2010)
Volume 1: 4 Issues (2009)
View Complete Journal Contents Listing