الفهرس 
AbstractOnly 14 pages are availabe for public view
 |  | from | 127 |  |  |
| | | from | 127 | | |
Abstract
Nowadays there are more than three billion Smartphone users all over the world, principally Android smartphone users. Android OS became the most popular operating system according to its sales in the fourth quarter of 2016 that was about 400 million devices. Android smartphones spread very fast because of its small size and its ease to help users in most tasks of their daily life. Users can use smartphones to make calls, play games with friends, send SMS, send emails, access social media, send instant messages, etc. There is a big probability that these devices may be used in crimes. Smartphones can give huge amount of evidence and information to forensic investigators if a crime has happened. Therefore. In our research, it has been chosen mobile forensic science and principally Android forensic to introduce. Also, it shows how mobile forensic science can help investigators in collecting and analyzing evidence data from smartphones with four forensic tools: MOBILedit, Oxygen forensic, Autopsy and Andriller and make a comparison among them while extracting data from a smartphone and a tablet with different Android versions in three factors: the speed of each tool, the quantity of extracted data as social media data, WhatsApp data, etc., and the efficiency of the extracted data. On the other hand, the research aims to examine the extracted data, identify the important extracted data and the unreadable data. So, the evidence can be accepted in a court of law. The thesis proves that the free open source tools could extract many evidence data, but not as good as the extracted data with a paid tool as MOBILedit forensic tool. MOBILedit forensic tool is better in both the quantity and accuracy of data extracted from Smartphones in both Android version 4.4.2 and version 6.0.1 whether smartphone with root permission or not than other tools. Andriller tool and Autopsy tool are extracting data equivalent to the data extracted by MOBILedit forensic tool from smartphones without root permission. Autopsy and Andriller tools extract data from smartphone with Android version 6.0.1 better than with version 4.4.2. Andriller extract data from smartphone with root permission better than without.