hi and welcome to everyday digital forensics. I'm your host. Hussaini's in on Today on mobile forensics. We're gonna go over the Android operating system.
In today's video. We're gonna
see the structure
and then from the structure kind of discussed the next colonel. It's libraries, Andrew libraries, runtime applications
and application components.
So almost brain, you see the overall android structure. It's broken down into five sections to the sections are kind of intertwined with one another,
and we'll see why later.
So on Android operating system is a stack of software components, which roughly divide into the five sections and four major layers shown,
and we're gonna be reviewing these layers
from bottom up.
So first up is the Lennox Colonel.
This is the bottom layer off on Android operating system.
It provides a level of abstraction between the device hardware, and it contains all the central hardware drivers, such as your camera, your keypad. You're just by your touch screen, etcetera.
The Lenox colonel handles networking and a vast array of device drivers
from attacker standpoint. They could modify the colonel's memory to create a very sophisticated colonel root kits.
There's a number techniques out there for infecting Colonel at run time. And these are things that investigator must take into consideration one examine device.
Some of the things that could happen is they enter Oppa handed her patching. There's function trampolines,
debug, register root kits, exception table infections. We're not going to get into how to modify current memory and things of those natures. That's more events for this picture.
on top of your colonel's, there's a set of libraries, including your open source Web browser engine weapon
Well known, my Very Living
Years sequel Light Database. And that's a very useful repository for storage and sharing of application data.
You have libraries to pay a record audio and video.
You're SSL libraries return responsible for network security and so long.
So as far as the libraries go injured, is
composed of Java based libraries very specific to an Andrew develop.
Libraries include your application frameworks, your user interface, your geographical drawing and your database access.
So within this within the android libraries layers, you just don't have drama bays libraries. You also have some cc postal space libraries containing this layer.
You have your android app, which provides access to application models and is a cornerstone of all android applications.
You're ANDREY content facilitates constant access machine and messaging between applications
and these application components local into application components
in the upcoming sides. We also have your android database, which is used to access data published
by the content providers.
And this includes your secret light database for management.
Android Open Geo. This is a job interface to open Geo ES
three D graphics.
You have your Android OS, which provides applications with access to the standard operating system services such as master messaging, insistent services and inter process communications.
Next up is Andrew Texts, which is used to render and manipulate text
your view, which is your fundamental building blocks of application interface. You also have your widget, which is a rich collection of pre built user interface components.
These can be seen as your buttons, your labels, your list, your layout managers, your radio buttons and then loss is your work. It
is a set of classes attended to allow Web browsing capabilities to be built into your application.
Within the layer of libraries, you have a section. This section provides a very key component called Doll Vic Virtual Machine,
which is very similar in nature to the job of virtual machine. It has been specifically designed and optimized for Andrew.
The straw back Virtual Machine makes use of in the next court features such as memory management and most with multi threading. And it also enables every android application to run its own process with its own instance of this virtual Shane.
As discussed in the previous line, the enduring runtime also provides a set core libraries which able on Android application developer to write android applications using the Java programming. So with this section, it allows developer to use Java programming and now have to learn a specifically new language
so revealing the application frameworks. It provides a high level service to applications in the form of Java classes. These are your activity monitoring content providers, resource manager, notification manager, you manager and others seen in the picture below. These farmers are available during the application development process.
Once of Alma Pain and Android application. This is the layer which your application
will be written and installed in pretty much living. They will sit side by side with privado applications, centrist contact, books, browsers and games.
But whenever you build an android application. It's actually living in this section. So in an investigation process, if you go into the section, you can also find applications that either the spot suspect has written or has installed
not moving over to android components. These are the building blocks of any android application,
very loosely coupled with the application manifest filed. Also known as injury manifesto XML,
as it describes each component that they interact with.
You have your activity component, which handles you are in user interactions
your services with which handle back ground processing. Broadcast receivers, which handles communication
and contact providers for trandahl data and database management.
Some additional components,
which is this with the main ones, are your fragments reviews your layouts, your intense your resource is and your Met office.
So in today's brief video, we just went over the enjoyed operating system structure. Such a salon external of the libraries, the 100 libraries, the run time application of components.
There's not too much of a dive into this
into understanding the android operating system structure for the forensics purpose. I just kind of wanted to give you an overview of what the system kind of look size
So when we do an investigation, we can point out these different layers
during our best during our investigation.
So I hope you enjoyed today's video
and I'll see you in the next one.
Evidence Handling: Do it the Right Way
This course on evidence handling will walk you through the simple yet critical process of ...
1 CEU/CPE Hours Available
Certificate of Completion Offered
Kali Linux Fundamentals
In this Kali Linux course you will learn about the industry standard tool for penetration ...
1 CEU/CPE Hours Available
Certificate of Completion Offered