Book Description
A comprehensive guide to Android forensics, from setting up the workstation to analyzing key artifacts
Key Features
- Get up and running with modern mobile forensic strategies and techniques
- Analyze the most popular Android applications using free and open source forensic tools
- Learn malware detection and analysis techniques to investigate mobile cybersecurity incidents
Book Description
Many forensic examiners rely on commercial, push-button tools to retrieve and analyze data, even though there is no tool that does either of these jobs perfectly.
Learning Android Forensics will introduce you to the most up-to-date Android platform and its architecture, and provide a high-level overview of what Android forensics entails. You will understand how data is stored on Android devices and how to set up a digital forensic examination environment. As you make your way through the chapters, you will work through various physical and logical techniques to extract data from devices in order to obtain forensic evidence. You will also learn how to recover deleted data and forensically analyze application data with the help of various open source and commercial tools. In the concluding chapters, you will explore malware analysis so that you’ll be able to investigate cybersecurity incidents involving Android malware.
By the end of this book, you will have a complete understanding of the Android forensic process, you will have explored open source and commercial forensic tools, and will have basic skills of Android malware identification and analysis.
What you will learn
- Understand Android OS and architecture
- Set up a forensics environment for Android analysis
- Perform logical and physical data extractions
- Learn to recover deleted data
- Explore how to analyze application data
- Identify malware on Android devices
- Analyze Android malware
Who this book is for
If you are a forensic analyst or an information security professional wanting to develop your knowledge of Android forensics, then this is the book for you. Some basic knowledge of the Android mobile platform is expected.
Table of Contents
- Introducing Android Forensics
- Setting up Android Forensic Environment
- Understanding Data Storage on Android Devices
- Extracting Data Logically from Android Devices
- Extracting Data Physically from Android Devices
- Recovering Deleted Data from an Android Device
- Forensic Analysis of Android Applications
- Android Forensic Tools Overview
- Identifying Android malware
- Reverse engineering Android malware
中文:
书名:Learning Android Forensics, 2nd Edition
Android取证的全面指南,从设置工作站到分析关键构件
Key Features
- 使用现代移动取证策略和技术启动和运行
- 使用免费和开源的取证工具分析最流行的Android应用程序
- Learn malware detection and analysis techniques to investigate mobile cybersecurity incidents
Book Description
许多法医检查员依靠商业的按钮工具来检索和分析数据,尽管没有工具可以完美地完成这两项工作。
学习Android Forensics将向您介绍最新的Android平台及其架构,并提供Android Forensics所需内容的高级概述。您将了解数据是如何存储在Android设备上的,以及如何设置数字取证考试环境。在您阅读本章的过程中,您将通过各种物理和逻辑技术从设备中提取数据,以获取法医证据。您还将学习如何在各种开源和商业工具的帮助下恢复已删除的数据并对应用程序数据进行取证分析。在最后一章中,您将探索恶意软件分析,以便能够调查涉及Android恶意软件的网络安全事件。
到本书结束时,您将对Android取证流程有一个完整的了解,您将探索开源和商业取证工具,并将拥有Android恶意软件识别和分析的基本技能。
你将学到什么
- Understand Android OS and architecture
- 为Android分析设置取证环境
- 执行逻辑和物理数据提取
- 学习恢复已删除的数据
- 探索如何分析应用程序数据
- Identify malware on Android devices
- 分析Android恶意软件
这本书是为谁而写的
如果你是一名法医分析师或信息安全专业人士,想要发展你的Android取证知识,那么这本书是为你准备的。预计会有一些Android移动平台的基本知识。
Table of Contents
- Introducing Android Forensics
- 构建Android取证环境
- 了解Android设备上的数据存储
- 从Android设备中逻辑地提取数据
- 从Android设备物理提取数据
- Recovering Deleted Data from an Android Device
- Android应用程序的取证分析
- Android Forensic Tools Overview
- 识别Android恶意软件
- Reverse engineering Android malware
评论前必须登录!
注册