Abstract:
This paper presents a comparative analysis of
Android mobile forensics tools used for the
acquisition and analysis of Android mobile devices.
The major challenges in Android forensic
investigation are that Android devices are
manufactured with various operating system versions
and that no single tool can be used for all sorts of
Android devices. To overcome these challenges and
to increase accuracy and integrity in Android
forensic investigation, we carried out a comparative
analysis of both open source tools and one
commercial tool. Logical and physical acquisition
methods were used to acquire data from Android
devices. Android Debug Bridge backup, the Linux
Data Duplicator utility tool, Magnet Acquire and
Belkasoft Acquisition tools were used for
acquisition. Two popular analysis tools, Autopsy
and Belkasoft Evidence Center, were used to analyze
the acquired data. The results show that using
multiple tools can achieve greater accuracy and
integrity of artifacts, which is forensically sound.