Call For Papers
Contact Us

  Gathering Evidence from Android OS for Mobile Forensics  
  Authors : Srivatsa Raju S; Anjan K Koundinya; Bharathi R
  Cite as:


Android OS forensics is a procedure which involves, preserving, extracting, documenting and analyzing digital evidence from devices, which hosts Android OS. These Techniques encloses multiple phases, which includes insights of Android OS Hosting devices internal architecture, structure and digital data footprint analysis and close examination approaches. In today's world Android devices can handle multiple tasks with low computational time and memory consumption with greater speed, which requires a correct, optimized and task specific OS. In this growing market open source as well as proprietary programs or proprietary programs with illegal access and Android OS are readily available. People use untrusted sites to gain illegal access for proprietary programs. The usage of android devices is a rapidly growing sector which in turn involves an integral part of many cybercrimes and key targets for attacks. The necessity for a proper android forensics tool is an essential need for gathering evidence for conducting a proper action against crime. This paper briefly discusses various tools for collecting the digital evidence in the field.


Published In : IJCSN Journal Volume 9, Issue 4

Date of Publication : August 2020

Pages : 163-166

Figures :--

Tables : --


Srivatsa Raju S : Department of Computer Science and Engineering, B.M.S Institute of Technology & Management, Bengaluru, India.

Anjan K Koundinya : Department of Computer Science and Engineering, B.M.S Institute of Technology & Management, Bengaluru, India.

Bharathi R : Department of Computer Science and Engineering, B.M.S Institute of Technology & Management, Bengaluru, India.


Android, Operating System, Evidences, Tools, Footprints

The main goal of this paper is to study and analyze the most popular applications encrypted data storage locations in Android devices. We discuss the challenges faced during data extraction from the encrypted databases. The forensic analysis of targeted application on their current versions provides important insight to the forensic investigators as well as the researchers. This work will allow the investigators having a clear perspective about where to look for the relevant data when any of those applications involved in their case.


[1] Tayeb, Hussein & Varo, Chan. (2019). Android Mobile Device Forensics: A Review. 1-7. 10.1109/ISDFS.2019.8757493. [2] D. R. Hayes, A practical guide to computer forensics investigations. INpolis, IN, USA: Pearson, 2015, pp. 348-349. [3] N. Scrivens and X. Lin, "Android Digital Forensics: Data, Extraction and Analysis," In Proceedings of the ACM Turing 50th Celebration Conference-China. 2017. DOI: http://dx.doi.org/10.1145/3063955.3063981 [4] N. R. Roy, A. K. Khanna and L. Aneja, "Android Phone Forensic: Tools and Techniques. IEEE International Conference on Computing, Communication and Automation (ICCCA). 2016, pp. 605-610 [5] E. Casey. Digital Evidence and Computer Crime: Forensic Science, Computers, and the Internet. 2011. Academic Press. [6] M. Kwan, R. Overill, K. P. Chow, J. Silomon, H. Tse, F. Law, and P. Lai, "Evaluation of evidence in Internet auction fraud investigations. IFIP International Conference on Digital Forensics. 2010, pp. 121- 132. [7] N. Beebe, "Digital Forensic Research: The Good, the Bad and the Unaddressed," IFIP International Conference on Digital Forensics. 2009, pp. 17-36. [8] R. Ayers, S. Brothers and W. Jansen, Guidelines on Mobile Device Forensics (Draft). NIST Special Publication. 2013, 800, 101.