Android anti-forensics through a local paradigm

Mobile devices are among the most disruptive technologies of the last years, gaining even more diffusion and success in the daily life of a wide range of people categories. Unfortunately, while the number of mobile devices implicated in crime activities is relevant and growing, the capability to perform the forensic analysis of such devices is limited both by technological and methodological problems. In this paper, we focus on Anti-Forensic techniques applied to mobile devices, presenting some fully automated instances of such techniques to Android devices. Furthermore, we tested the effectiveness of such techniques versus both the cursory examination of the device and some acquisition tools.

[1]  Ryan Harris,et al.  Arriving at an anti-forensics consensus: Examining how to define and control the anti-forensics problem , 2006, Digit. Investig..

[2]  Kinam Kim Memory Technologies for Mobile Era , 2005 .

[3]  Fabio Dellutri,et al.  MIAT-WM 5 : FORENSIC ACQUISITION FOR WINDOWS MOBILE POCKETPC , 2008 .

[4]  Ing. M. F. Breeuwsma Forensic imaging of embedded systems using JTAG (boundary-scan) , 2006, Digit. Investig..

[5]  Matthew Geiger,et al.  Evaluating Commercial Counter-Forensic Tools , 2005, DFRWS.

[6]  MeGianluigi,et al.  Android anti-forensics through a local paradigm , 2010 .

[7]  Wayne Jansen,et al.  Guidelines on Cell Phone Forensics , 2007 .

[8]  James E. Regan The Forensic Potential of Flash Memory , 2009 .

[9]  Brian D. Carrier,et al.  Open Source Digital Forensics Tools The Legal Argument 1 , 2003 .

[10]  Gianluigi Me,et al.  An overall assessment of Mobile Internal Acquisition Tool , 2008, Digit. Investig..

[11]  Wayne Jansen,et al.  Overcoming Impediments to Cell Phone Forensics , 2008, Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008).

[12]  Hal Berghel,et al.  Hiding data, forensics, and anti-forensics , 2007, CACM.

[13]  Maurizio Rossi,et al.  Internal forensic acquisition for mobile equipments , 2008, 2008 IEEE International Symposium on Parallel and Distributed Processing.

[14]  Mark Roeloffs,et al.  Forensic Data Recovery from Flash Memory , 2007 .

[15]  Kas Kalba,et al.  The Adoption of Mobile Phones in Emerging Markets: Global Diffusion and the Rural Challenge , 2008 .