A study of user data integrity during acquisition of Android devices |
| |
Institution: | 1. Center for Information Security Technologies (CIST), Korea University, Anam-Dong, Seongbuk-Gu, Seoul 135-713, Republic of Korea;2. UCD Digital Forensic Investigation Research Group (DigitalFIRE), University College Dublin, Belfield, Dublin 4, Ireland |
| |
Abstract: | At the time of this writing, Android devices are widely used, and many studies considering methods of forensic acquisition of data from Android devices have been conducted. Similarly, a diverse collection of smartphone forensic tools has also been introduced. However, studies conducted thus far do not normally guarantee data integrity required for digital forensic investigations. Therefore, this work uses a previously proposed method of Android device acquisition utilizing ‘Recovery Mode’. This work evaluates Android Recovery Mode variables that potentially compromise data integrity at the time of data acquisition. Based on the conducted analysis, an Android data acquisition tool that ensures the integrity of acquired data is developed, which is demonstrated in a case study to test tool's ability to preserve data integrity. |
| |
Keywords: | Digital forensic investigation Android forensics Data acquisition Data integrity Android Recovery Mode JTAG |
本文献已被 ScienceDirect 等数据库收录! |
|