The Research Of Mobile Phone Forensics Method Based On Android

Smartphone has become an essential tool for everyday life. The increasingly rich mobileapplications greatly facilitate people’s daily lives, but also expose user’s sensitive data. Smartphonebecomes a new tool of crime or an object of crime, such as the use of mobile phones in the fraud,stealing smartphone’s personal privacy information, and other illegal and criminal activities.Therefore, it is critical and practical to get the valuable evidence information from the smartphonequickly and legally in order to crack down on the crime of mobile phones.Firstly, the article analyzes the current status of smartphone forensics based Android and putsforward the Android mobile phone forensics process model, combining with the features of Androidsystem and the principle of cell phone forensics. Secondly, according to the study of the Androidpermission assignment mechanism, the article puts forward a temporary root extraction method forthe2.2-4.0.3version of Android mobile phone. Then, the paper conducts static forensics on the keyinformation of the Android phone including the basic information and four kinds of applicationinformation, linearly analyzing the potential evidence, and applies the dynamic forensics methodbecause of the disadvantage of static forensics. Finally, the visualization method based on the phoneinformation network is prososed by solving the heavy and time-consuming linear analysis problem.The timeline model and phone information network model are built on the basis of the key data ofmobile phone. In combination with the phone information network model, the graph drawingalgorithm based on the phone information network is implemented and some graph examples aredrawn for analysis. The result shows that the algorithm can map the relationship contained in theinformation into a two-dimensional network so that forensic investigators can directly see thepotential inoformatin in the network and make a choice promptly combining with the case.The paper finally applies the above research results to the Android smartphone forensics systemby programming,including static forensics module、dynamic forensics module and informationnetwork visualization module. Doing test on lots of Android smartphones including the author’ssmartphone. The result indicates that the system is of high practicability.