Forensic Carving of Wireless Network Information from the Android Linux Kernel
暂无分享,去创建一个
v Chapter 1 Introduction 1 1.1 Motivation 1 1.2 Android Operating System 1 1.3 Contributions 2 1.4 Organization 2 Chapter 2 Related Works 4 2.1 Network Structure Carving 4 2.2 Mobile Memory Forensics 5 2.3 Volatile Memory Forensics 7 Chapter 3 Implementation 8 3.1 Methodology 8 3.2 Design 11 3.3 wext_stream_scan plugin 13 3.4 iwe_pull and iwe_carve 15 Chapter 4 Limitations 18 iv 4.1 iw_event streams in memory 18 4.2 Volatility framework 19 4.3 Methodoloy and Testing 20 Chapter 5 Results 22 5.1 Acquiring Viable Memory Capture 22 5.2 Analysis of Memory Captures 23 4.3 Methodoloy and Testing 20 Chapter 6 Conclusion 28 5.1 Wrap-Up 28 5.2 Future Work 28 Appendix A 30 References 32
[1] Golden G. Richard,et al. Acquisition and analysis of volatile memory from android devices , 2012, Digit. Investig..
[2] Simson L. Garfinkel,et al. Forensic carving of network packets and associated data structures , 2011, Digit. Investig..
[3] 余雷,et al. 新生儿Gartner氏囊肿 , 2002 .
[4] Gregory S Cardwell. Residual network data structures in Android devices , 2011 .