Forensic Carving of Wireless Network Information from the Android Linux Kernel

Authors

  • Brendan D. Saltaformaggio
  • Richard
Abstract

Chapter 1 Introduction
  1.1 Motivation
  1.2 Android Operating System
  1.3 Contributions
  1.4 Organization
Chapter 2 Related Works
  2.1 Network Structure Carving
  2.2 Mobile Memory Forensics
  2.3 Volatile Memory Forensics
Chapter 3 Implementation
  3.1 Methodology
  3.2 Design
  3.3 wext_stream_scan plugin
  3.4 iwe_pull and iwe_carve
Chapter 4 Limitations
  4.1 iw_event streams in memory
  4.2 Volatility framework
  4.3 Methodology and Testing
Chapter 5 Results
  5.1 Acquiring Viable Memory Capture
  5.2 Analysis of Memory Captures
  4.3 Methodology and Testing
Chapter 6 Conclusion
  5.1 Wrap-Up
  5.2 Future Work
Appendix A
References

Similar resources

Forensic Carving of Network Packets and Associated Data Structures

Using validated carving techniques, we show that popular operating systems (e.g. Windows, Linux, and OSX) frequently have residual IP packets, Ethernet frames, and associated data structures present in system memory from long-terminated network traffic. Such information is useful for many forensic purposes including establishment of prior connection activity and services used; identification of...


Simulate Congestion Prediction in a Wireless Network Using the LSTM Deep Learning Model

Achieved wireless networks since its beginning the prevalent wide due to the increasing wireless devices represented by smart phones and laptop, and the proliferation of networks coincides with the high speed and ease of use of the Internet and enjoy the delivery of various data such as video clips and games. Here's the show the congestion problem arises and represent aim of the research is t...


A Review on Android Authentication System Vulnerabilities

Mobile security has become a crucial aspect of mobile computing. People are maintaining their confidential and valuable information on smart phones. Most of the users and businesses use smart phones as message tools, and means of scheduling and establishing their work and private life. Smart phones contain increasing amount of exposed information to which access must be prohibited. But security...


Volatile Memory Message Carving: A "per process basis" Approach

The pace at which data and information transfer and storage has shifted from PCs to mobile devices is of great concern to the digital forensics community. Android is fast becoming the operating system of choice for these hand-held devices, hence the need to develop better forensic techniques for data recovery cannot be over-emphasized. This thesis analyzes the volatile memory for Motorola Andro...


An Overview of Android Operating System and Its Security Features

Android operating system is one of the most widely used operating systems these days. Android Operating System is mainly divided into four main layers: the kernel, libraries, application framework and applications. Its kernel is based on Linux. Linux kernel is used to manage core system services such as virtual memory, networking, drivers, and power management. In this paper different features ...



Publication date: 2013