Investigating Android 10

This lab introduces mobile forensics. It concentrates on the android10 mobile system. The device focused on is the Pixel 3 mobile device. It includes instructions on how to investigate both built-in and third-party apps.

0 Intro Pixel 3

This slide gives a brief introduction of the android device chosen for this lab, Pixel 3. It gives a brief history of android devices, its architecture, and the forensics steps to be taken.

1 Pixel 3 Image

In this slide, the steps to investigate the stock image of an Android10 and the file system structure is discussed. The Android10 application package is also introduced; it details some methods to investigate common Android10 apps.

2 Pixel 3 Device Investigation

This slide focuses on the process of forensic investigations on the hardware, accounts, mac address, and wi-fi of the Pixel 3 device. It provides ideas on how to process both device and account information. 

3 Pixel 3 System Settings

This slide introduces the process of investigating system settings of the android device, Pixel 3. It goes over both the Google Mobile Services (GMS) and Google Services Framework (GSF). There is also an in-depth investigation of system setting for all users and each user.

4 Overview: App Life Cycle

This slide discusses the app life cycle; it introduces the type of apps that can be downloaded on an android phone, how the apps can be tracked, and how the user uses said apps. It also quickly talks about the app life cycle.

5.1.1 AOSP App Investigations: Messaging

This is the first of three android open source projects on app investigation; it gives an explanation of what AOSP is. This slide introduces messaging services and provides the steps/methods needed to investigate them.

5.1.2 AOSP App Investigations: Contacts

This AOSP app investigation focuses on contact management services. It introduces the service, then provides a guide for investigating contact information, call log information, and voicemail.

5.1.3 AOSP App Investigations: Calendar

This AOSP app investigation focuses on calendar services. It gives a brief introduction to the service and reason it should be investigated, then provides a sample method of investigation.

5.2.1 GMS App Investigations: Messaging

This is the first google mobile service app investigation; it focuses on the introduction and investigation of google messages. Included is also a brief explanation the concept of GMS.

5.2.2 GMS App Investigations: Dialer

This GMS app investigation focuses on the google phone dialer app. It briefly explains the app’s features then lists a method of investigation.

5.2.3 GMS App Investigations: Maps

This GMS app investigation focuses on the google maps app. It briefly explains what google maps is and what kind of information can be gotten from it. Then, using a scenario, it provides the steps to be taken for investigation.

5.2.4 GMS App Investigations: Photos

This GMS app investigation focuses on the google photos. It explains what it is,  where to find the evidence, and how to conduct an investigation. It also explains what a backup in this case is and how to know if one was carried out. 

5.3.1 Third Party App Investigation: Kik

This slide introduces the concept of third party apps on android; the main goal being the investigation of the third party app Kik. It gives a brief introduction of the app and the types of evidence it could hold then provides the steps for investigation using a scenario.

5.3.2 Third Party App Investigation: TextNow

This slide give a brief introduction to the third party app TextNow and the evidence types it could hold. Using a scenario, it goes over the method of investigation.

5.3.3 Third Party App Investigation: WhatsApp

This slide introduces the third party app WhatsApp, what it is and the types of evidence that can be found on it. It also uses a scenario to introduce the steps for investigating the app.

6 Pixel3 Rooting

In this slide, the concept of android rooting and its methods are discussed. Then ROMs/Android OS images and booting modes are introduced. It also discusses the steps and software needed to root an android. 

Forum Search

Partners & Sponsors
  • University of Baltimore
  • Towson University
  • Bureau of Justice Assistance
  • National Science Foundation
LATEST FORUM POSTS
Test post2

Test Post2

By Demo User12, 1 year ago

Finding internships

Hello, Has anyone here secured any forensic related internships for 2024? I'm collecting some data and wanted to know what...

By AP Malla, 1 year ago

Beginner network forensic investigation

How should I approach network forensic? Would you recommend learning tools like WireShark?

By AP Malla, 1 year ago

Cyber Forensic Employment: High level guidelines

Understand the Basics: Know the Field: Cyber forensics involves investigating digital crimes, analyzing electronic data, and recovering hidden, deleted, or...

By AP Malla, 1 year ago

LATEST FORUM POSTS