- Page 2: AbstractIn forensic analysis of mob
- Page 8 and 9: Chapter 1IntroductionAccording to t
- Page 10 and 11: forensics tools Cellebrite and XRY
- Page 12 and 13: 2.1.1 Data hidingFor PC anti-forens
- Page 14 and 15: Detecting a USB connection suffers
- Page 16 and 17: protected program can access it, as
- Page 18 and 19: modifications at different times, t
- Page 20 and 21: esponsible for handling security an
- Page 22 and 23: contact lists registers that it pro
- Page 24 and 25: Several projects have built upon th
- Page 26 and 27: to return false data to the tools.
- Page 28 and 29: 6. Connection to a forensic analysi
- Page 30 and 31: To install it, then, requires the c
- Page 32 and 33: Step 4 According to the documentati
- Page 34 and 35: Chapter 5Implementation, testing an
- Page 38 and 39: 200-500 small writes in the time fr
- Page 40 and 41: make the data impossible to spot in
- Page 42 and 43: had time to isolate the phone befor
- Page 44 and 45: abort the extraction and show the e
- Page 46 and 47: (a) Extraction summary(b) Extractio
- Page 48 and 49: Figure 5.11: Cellebrite extraction
- Page 50 and 51: Figure 5.14: Contacts fed to Celleb
- Page 52 and 53: (a) Cellebrite extraction report(b)
- Page 54 and 55: (a) SIM contacts visible(b) SIM con
- Page 56 and 57: Chapter 6ConclusionsThis dissertati
- Page 58 and 59: Android is an open system, with spe
- Page 60 and 61: • Hide SIM contacts from the fore
- Page 62 and 63: that it is possible to use Java ref
- Page 64 and 65: 7.3 EncryptionStarting with version
- Page 66 and 67: operating system components, but th
- Page 68 and 69: Appendix BTool behaviourThe followi
- Page 70 and 71: S e l e c t i o n : i d = 1 ANDmime
- Page 72 and 73: Appendix CSource codeC.1 USBMonitor
- Page 74 and 75: ∗/private S t r i n g e o l ;priv
- Page 76 and 77: }}Bundle e x t r a s = i n t e n t
- Page 78 and 79: index 3 bee54d . . 0 0 be75e 100644
- Page 80 and 81: 73import android . p r o v i d e r
- Page 82 and 83: + }+ r e t u r n n u l l ;+ }+@Over
- Page 84 and 85: @@ −4349 ,6 +4384 ,7 @@ p u b l i
- Page 86 and 87:
c a s e POSTALS: {+ Log . i (TAG,
- Page 88 and 89:
qb . setProjectionMap ( sGroupsSumm
- Page 90 and 91:
c a s e RAW CONTACT ENTITIES: {+ Lo
- Page 92 and 93:
index f 2 b 6 f c e . . 1 eb2972 10
- Page 94 and 95:
87++ // A t t r i b u t e s c o n s
- Page 96 and 97:
89+ i n t s t r O f f = s t O f f +
- Page 98 and 99:
C.4 Delayed responsesThis is the co
- Page 100 and 101:
+ p r i v a t e boolean c a l l e r
- Page 102 and 103:
95index 00 be75e . . cb000e9 100644
- Page 104 and 105:
p r i v a t e boolean i n i t i a l
- Page 106 and 107:
99+ // no d e l e t e d c o n t a c
- Page 108 and 109:
101+ Log . i (TAG, ” Unknown quer
- Page 110 and 111:
103+ // I n t e n t i o n a l l y r
- Page 112 and 113:
105+ ” n u l l as ” + Structure
- Page 114 and 115:
107+ ” ” + PhoneticNameStyle .U
- Page 116 and 117:
C.6 False data from alternate datab
- Page 118 and 119:
− p r i v a t e s t a t i c f i n
- Page 120 and 121:
+import com . android . p r o v i d
- Page 122 and 123:
Log . i (TAG, ” S e l e c t i o n
- Page 124 and 125:
C.7 Delayed restorationThis is the
- Page 126 and 127:
119+ Log . i (TAG, ” Faking ” +
- Page 128 and 129:
121− // b e f o r e and a f t e r
- Page 130 and 131:
C.8 Hiding SIM contactsThis is the
- Page 132 and 133:
++ // This i s the CyanogenMod 7 .
- Page 134 and 135:
ArrayList r e s u l t s ;− i f (
- Page 136 and 137:
index c218592 . . a4dbaae 100644−
- Page 138 and 139:
131+ /∗+ ∗ ( non−Javadoc )+
- Page 140 and 141:
package com . android . p r o v i d
- Page 142 and 143:
135++ /∗+ ∗ ( non−Javadoc )+
- Page 144 and 145:
137+ Log . i (TAG, ” Running quer
- Page 146 and 147:
Appendix EDeclaration of originalit
- Page 148 and 149:
[8] Android development guides—Th
- Page 150 and 151:
[34] Tarpit (networking). http://en
- Page 152 and 153:
[53] ACPO e-crime working group. Go
- Page 154 and 155:
[73] Android Open Source Project. L
- Page 156:
[94] Randal Vaughn and Gadi Evron.