English

Android Anti-forensics: Modifying CyanogenMod

Cryptography and Security 2016-11-17 v1

Abstract

Mobile devices implementing Android operating systems inherently create opportunities to present environments that are conducive to anti-forensic activities. Previous mobile forensics research focused on applications and data hiding anti-forensics solutions. In this work, a set of modifications were developed and implemented on a CyanogenMod community distribution of the Android operating system. The execution of these solutions successfully prevented data extractions, blocked the installation of forensic tools, created extraction delays and presented false data to industry accepted forensic analysis tools without impacting normal use of the device. The research contribution is an initial empirical analysis of the viability of operating system modifications in an anti-forensics context along with providing the foundation for future research.

Keywords

Cite

@article{arxiv.1401.6444,
  title  = {Android Anti-forensics: Modifying CyanogenMod},
  author = {Karl-Johan Karlsson and William Bradley Glisson},
  journal= {arXiv preprint arXiv:1401.6444},
  year   = {2016}
}

Comments

Karlsson, K.-J. and W.B. Glisson, Android Anti-forensics: Modifying CyanogenMod in Hawaii International Conference on System Sciences (HICSS-47). 2014, IEEE Computer Society Press: Hawaii

R2 v1 2026-06-22T02:54:25.254Z