Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Share this Page URL

Introduction > Website - Pg. xvii

Introduction xvii CHAPTER 6 This chapter covers specific techniques that are useful in the forensic acquisition of Android devices. After clarifying the different types of acquisitions and providing procedures for handling an Android device, seven different strategies for circum- venting a pass code are discussed. Next, techniques and a specific script for acquiring an SD card and, if present, the Embedded MultiMediaCard (eMMC) are covered. Logical acquisition techniques are then covered including ones built into Android and the SDK, a solution free to law enforcement and government agencies called AFLogical, and finally a review of six commercial forensic software pack- ages. Finally, techniques for acquiring a physical image of the NAND flash are described in detail including six strategies for gaining root privileges and the AFPhysical technique developed by viaForensics. CHAPTER 7 In this final chapter, strategies and specific utilities are provided, which enable a forensic analyst or security engineer to analyze an acquired Android device. Although many of the techniques used in traditional forensic investigations are