The Research on Remote Data Extraction for Android Mobile

Jiang Du, Ya-cui Chang


In the internet age, electronic evidence has gradually *replaced the traditional evidence, to ensure that the electronic evidence is non-destructive, legal, comprehensive, real-time has become an important issue to consider in the process of forensics. In this paper, based on these principles of evidence, and in order to save the cost of material and manpower, we propose a method of remote mobile phone forensics based on the Android OS platform. the first step is to extract local file data from the remote mobile phone, then in order to ensure the integrity of the data, every file must have a valid checksum. Second, the extracted files will be sent to the PC server through the network, to prevent data eavesdropping, tampering, being intercepted, we transfer data by HTTPS with two-way authentication. Finally, when PC server receive the data files, we calculate the hash of files to check the integrity of files. The method mentioned in the article is particularly applicable to institutions in remote areas wanting to do forensic identification.


Full Text:



  • There are currently no refbacks.