Streamlining extraction and analysis of Android RAM images
The Android operating system powers the majority of the world’s mobile devices and has been becoming increasingly important in day-to-day digital forensics. Therefore, technicians and analysts are in need of reliable methods for extracting and analyzing memory images from live Android systems. This paper takes different existing extraction methods and derives a universal, reproducible, reliably documented method for both extraction and analysis. In addition, the VOLIX II front-end for the Volatility Framework is extended with additional functionality to make the analysis of Android memory images easier for technically non-adept users.
Author: | Simon Broenner, Hans-Wilhelm Höfken, Marko Schuba |
---|---|
DOI: | https://doi.org/10.5220/0005652802550264 |
ISBN: | 978-989-758-167-0 |
Parent Title (English): | Proceedings of the 2nd International Conference on Information Systems Security and Privacy - ICISSP |
Publisher: | SciTePress |
Place of publication: | Setúbal |
Document Type: | Conference Proceeding |
Language: | English |
Year of Completion: | 2016 |
Creating Corporation: | ICISSP International Conference on Information Systems Security and Privacy <2, 2016, Rome, Italy> |
First Page: | 255 |
Last Page: | 264 |
Link: | https://doi.org/10.5220/0005652802550264 |
Access type: | worldwide |
Institutes: | FH Aachen / ECSM European Center for Sustainable Mobility |
 | FH Aachen / Fachbereich Elektrotechnik und Informationstechnik |
Licence (German): | Creative Commons - Attribution-NonCommercial-NoDerivatives |