Sunday, May 19, 2013
Android Forensics: Investigation, Analysis and Mobile Security for Google Android 1st edition, Andrew Hoog
"If you want to truly understand and perform forensics on Android this is the book. There is no other reference that goes to this level of detail on the Android operating systems idiosyncrasies and quirks. Android Forensics is a must have for the mobile device examiner's bookshelf."-Jim Steele, Director of Digital Forensics , a Tier 1 Wireless Carrier
"Andrew Hoog in his latest book, Android Forensics, provides exceptionally well written coverage of Android for the Computer Forensics Investigator. No small task given the ever changing nature of Google's preeminent mobile operating system."--Matthew M. Shannon, Principal, F-Response
".provides an excellent and comprehensive coverage of the Android platform, including its design, implementation, operation, investigation and analysis. At 364 pages of content, organized over seven chapters, with a focus on the 'practical' - demonstrating system design, implementation, operation and investigation, for instance, through hands-on "experiments" - this sizable text will resonate particularly well with readers disposed to activity-centric, learning-by-doing styled narrative. The text is peppered throughout with device and application (GUI) screenshots, as well as command line execution/output and directory listings."--InfosecReviews.com
"In conclusion, we feel that Android Forensics is a good introduction to a field that still seems very 'fresh' and new to forensic examiners. As a quick reference during forensic analysis, the last chapter proves to be an excellent resource."--Computer and Security
"At 364 pages of content, organized?over seven chapters, with a focus on?the 'practical' - demonstrating system design, implementation, operation and investigation, for instance, through hands- on "experiments" - this sizable text will resonate particularly well with readers disposed to activity-centric, learning-by- doing styled narrative.With a practical focus from the outset that includes how to acquire and install the Android SDK and build an Android Virtual Device (AVD), this text is particularly suited to those disposed to?a hands-on approach to learning about the Android platform from a security and investigation perspective."--Best Digital Forensics Book in InfoSecReviews Book Awards
As Brian Carrier is to file system forensics and Harlan Carvey is to Windows registry analysis, Andrew Hoog is to the Android operating system. The level of detail in this book demonstrates a deep understanding of this complex and unique operating system. Chapter 1 begins with an overview of both Android and Linux in general. Instructions are provided for creating a virtual machine environment so the reader can follow along with the examples in the book. Throughout, the reader is encouraged to follow along, and ample opportunities are provided. This is highly appreciated as most technical books overwhelm the reader with information rather than guide them along the way. Chapter 2 presents an overview of the hardware that is supported by the Android OS. Chapter 3 begins the discussion of the Android OS proper. Included in this chapter are instructions on augmenting the previously created VM with the Android SDK providing additional tools for use in analysis. Chapter 4 is devoted to discussing the file systems likely to be encountered in the Android environment. Special attention is paid to YAFFS and YAFFS2. Chapter 5 discusses securing the data within the device. Also presented are recommendations for securely using Android devices in an enterprise environment. Additional advice is given for both users and developers to limit the exposure of sensitive data. Chapter 6 covers the most significant portion of the book with instructions on acquiring the data from device. Logical and physical acquisitions from the handset as well as the removable storage are discussed. The issue of passcode circumvention is discussed along with potential solutions. Chapter 7 finishes with timeline analysis techniques for the YAFFS file system and the FAT file system. Additional locations of interest to both security researchers and forensic analysts are also presented. Overall the book is enjoyable to read and will be a valuable asset for both forensic analysts and researchers.
One reviewer commented that code samples are unreadable for the Kindle version. That seems to be true for standard, small screen, non-color devices (i.e. classic Kindles). However, on my iPad Kindle app the code samples are fine. In fact you can unpinch them to zoom in, and rotate your device to portrait mode if needed. Also, the online Kindle Cloud Reader shows the code samples clearly. Hopefully future conversions of technical texts such as this one will be done with more care to allow resizing of special text. For now you will need your PC with the free Cloud Reader, or some large screen tablet device to take advantage of this ebook.
Andrew Hoog has done an outstanding job presenting a complex topic that should interest not only advanced forensic practitioners but the typical Android Smartphone user as well. Highly recommended, whether its for work, or you want to know what "rooting" your Android phone actually does to the device.
Product Details :
Paperback: 432 pages
Publisher: Syngress; 1 edition (June 29, 2011)
Language: English
ISBN-10: 1597496510
ISBN-13: 978-1597496513
Product Dimensions: 7.5 x 0.8 x 9.2 inches
More Details about Android Forensics: Investigation, Analysis and Mobile Security for Google Android 1st edition
or
Download Android Forensics: Investigation, Analysis and Mobile Security for Google Android 1st edition PDF Ebook
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment