Data Acquisition From Android Mobile Devices

The function that a Digital Forensics Investigator (DFI) is rife with non-stop learning possibilities, mainly as technology expands and proliferates into each nook of communications, entertainment and business. As a DFI, we address a day by day onslaught of latest gadgets. Many of these gadgets, like the cell telephone or pill, use not unusual running structures that we want to be familiar with. Certainly, the Android OS is important within the tablet and cell phone industry. Given the predominance of the Android OS within the mobile device market, DFIs will run into Android gadgets inside the course of many investigations. While there are numerous models that recommend processes to obtaining records from Android gadgets, this text introduces four viable strategies that the DFI have to recall whilst proof amassing from Android devices.

A Bit of History of the Android OS

Android’s first industrial release changed into in September, 2008 with model 1.Zero. Android is the open supply and ‘unfastened to apply’ operating system for cell gadgets advanced by Google. Importantly, early on, Google and different hardware corporations formed the “Open Handset Alliance” (OHA) in 2007 to foster and support the growth of the Android within the marketplace. The OHA now consists of 84 hardware companies which include giants like Samsung, HTC, and Motorola (to call a few). This alliance was established to compete with corporations who had their own market offerings, along with aggressive devices offered by using Apple, Microsoft (Windows Phone 10 – that’s now reportedly dead to the market), and Blackberry (which has ceased making hardware). Regardless if an OS is defunct or now not, the DFI have to recognise about the numerous variations of multiple running system structures, mainly if their forensics recognition is in a selected realm, together with cellular devices.

Linux and Android

The cutting-edge generation of the Android OS is based on Linux. Keep in mind that “based on Linux” does now not imply the same old Linux apps will always run on an Android and, conversely, the Android apps which you would possibly revel in (or are acquainted with) will not always run in your Linux computer. But Linux is not Android. To clarify the point, please be aware that Google selected the Linux kernel, the essential part of the Linux working machine, to manage the hardware chipset processing in order that Google’s developers would not should be involved with the specifics of ways processing takes place on a given set of hardware. This allows their developers to focus on the broader operating machine layer and the user interface functions of the Android OS.

A Large Market Share

The Android OS has a giant marketplace share of the mobile device market, in general because of its open-supply nature. An excess of 328 million Android gadgets were shipped as of the third quarter in 2016. And, in step with netwmarketshare.Com, the Android operating system had the bulk of installations in 2017 — nearly sixty seven% — as of this writing.

As a DFI, we can assume to stumble upon Android-primarily based hardware within the course of an average research. Due to the open supply nature of the Android OS along with the numerous hardware platforms from Samsung, Motorola, HTC, and so on., the style of mixtures between hardware type and OS implementation presents a further mission. Consider that Android is currently at model 7.1.1, yet every telephone manufacturer and cell device provider will generally modify the OS for the precise hardware and provider services, giving an extra layer of complexity for the DFI, since the approach to statistics acquisition might also range.

Comparing the Widows Mobile and Android

Software giants, like Google are disrupting the otherwise secure and hooked up gamers inside the cell software development enterprise. Newcomers like Android have caused enormous structural modifications on the destiny of mobile utility improvement by using imposing their regulations. This modified surroundings now not handiest brings additional possibilities, however also adds certain constraints. Developers these days, need to assess their options and find out how they could gain from this modified surroundings.

While cell computing has caught the eye of application builders, there has been little or no work done to observe the programming ease of those technologies. Here we can take a look at two of the most extensively to be had cellular development environments – Android and Windows Mobile and discover and check those options from a developer’s perspective.

Android

Android was launched via Google in 2007, as an open supply platform for cell software program improvement for smartphones. The Android platform was launched as a part of the Open Handset Alliance. The primary aim of this alliance become to installation open requirements for smartphones. Android is essentially a Linux based totally, open source operating machine for mobiles. As a cell working system it permits developers to create managed codes in Java, by way of the use of Java libraries evolved through Google. Not most effective does Android offer a cell operating system including a improvement surroundings, it also offers a custom digital machine known as the Dalvik Virtual Machine for strolling applications in addition to acts as the middleware in among the operating system and the code. When it involves application improvement, Android helps the usage of 2D as well as 3-D image libraries, superior network abilities together with 3G, Edge and WLAN and a customized SQL engine for chronic storage.

Windows Mobile

Developed through Microsoft, the Window Mobile is an working machine for cell gadgets. Based on the Microsoft Windows CE 5.0, Windows Mobile is used as an operating system on many smartphones, PDAs and touch display devices. Windows Mobile facilitates the introduction of custom written programs in controlled as well as native codes. The Application Programming Interface (API) in Windows Mobile is extensible and has wealthy functions at the side of a programmable layer. Besides that Windows Mobile also takes advantage of the abilties provided via Microsoft.Net surroundings.

We will compare those structures and closely study their strengths and weaknesses. The platforms could be compared on the idea of implementation and performance factors in addition to developer support. We have selected these criteria for the comparison as they represent the most vital elements on the subject of cellular software program builders.

Implementation

We will use continual garage as the idea for evaluating the implementation thing. The generation used for continual storage in mobile technology varies among numerous mobile improvement environments. Both Windows Mobile and Android have the potential to apply an on-tool database which facilitates easier manipulation in addition to extraction of information. Also, as a long way as local file garage is involved both environments help memory cards for additional storage space. However, the distinction lies inside the way the garage space is exploited. While Android can’t set up applications on memory playing cards, Windows Mobile lets in it. Both Android and Windows Mobile platforms have a relational database. Also, in both the platforms the libraries have pretty a few beneficial endurance functions. Once the libraries have been initialized, get right of entry to to database is to be had via an item orientated interface which can be without problems accessed by means of builders.

Performance

Performance figures are essential for both customers as well as builders. The performance evaluation of the 2 platforms could be accomplished based on the report size. The simple purpose of measuring report size is to get a higher idea of the configuration as well as the run time dependencies which are included in packaged packages.

Android programs come packaged in apk (Android Package) files. The .APK file normally has a collection of .DEX (Android application documents) documents, which perform like a single software report for usage in the Android platform. The .APK record is basically the compressed model of the contents in the ‘Androidmanifest.Xml’ record.