Mobile devices implementing Android operating
systems inherently create opportunities to present
environments that are conducive to anti-forensic
activities. Previous mobile forensics research focused
on applications and data hiding anti-forensics
solutions. In this work, a set of modifications were
developed and implemented on a CyanogenMod
community distribution of the Android operating
system. The execution of these solutions successfully
prevented data extractions, blocked the installation of
forensic tools, created extraction delays and
presented false data to industry accepted forensic
analysis tools without impacting normal use of the
device. The research contribution is an initial
empirical analysis of the viability of operating system
modifications in an anti-forensics context along with
providing the foundation for future research
more here........http://www.computer.org/csdl/proceedings/hicss/2014/2504/00/2504e828.pdf
systems inherently create opportunities to present
environments that are conducive to anti-forensic
activities. Previous mobile forensics research focused
on applications and data hiding anti-forensics
solutions. In this work, a set of modifications were
developed and implemented on a CyanogenMod
community distribution of the Android operating
system. The execution of these solutions successfully
prevented data extractions, blocked the installation of
forensic tools, created extraction delays and
presented false data to industry accepted forensic
analysis tools without impacting normal use of the
device. The research contribution is an initial
empirical analysis of the viability of operating system
modifications in an anti-forensics context along with
providing the foundation for future research
more here........http://www.computer.org/csdl/proceedings/hicss/2014/2504/00/2504e828.pdf