A forensics method for android devices based on the technique of temporary root

Abstract

Nowadays, Android devices become more and more popular, which attracts the attention of the forensics workers. As Android devices have a perfect security mechanism, the root privileges of Android devices are required to obtain electronic evidence effectively. The existing methods of obtaining the root privileges in Android devices mainly based on the third-party tool. Although the methods are widely used, the drawback of this root method based on the third-party tools is uncontrollable. In this article, a temporary root method is presented. It is based on the vulnerabilities of the Android system. Moreover, this root method is applied to the acquisition of the physical images for Android devices. This root method utilizes an appropriate strategy and the vulnerabilities of the Android system to acquire the root privileges effectively. In the course of practice, this root method has the advantages of completely controllable and convenient.