Scribd Logo
Upload

Welcome to Scribd!

  • Android File Hierarchy

    Uploaded by

    Paulo Fegueredo
    6 views2 pages
    The Android file hierarchy contains several important partitions and file systems. The /boot partition contains files needed for booting, /system contains system files, /data stores application data, /cache stores frequently accessed data, and /misc stores miscellaneous settings. The /sdcard partition holds information on the SD card. Key file systems include Ext4, VFAT, YAFFS2, F2FS, and RFS, with Proc and Tmpfs being important for forensic analysis due to containing kernel and process information.

    Original Description:

    Hierarquia do Sistema de arquivo Android

    Original Title

    Android-File-Hierarchy

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The Android file hierarchy contains several important partitions and file systems. The /boot partition contains files needed for booting, /system contains system files, /data stores application data, /cache stores frequently accessed data, and /misc stores miscellaneous settings. The /sdcard partition holds information on the SD card. Key file systems include Ext4, VFAT, YAFFS2, F2FS, and RFS, with Proc and Tmpfs being important for forensic analysis due to containing kernel and process information.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    6 views2 pages

    Android File Hierarchy

    Uploaded by

    Paulo Fegueredo
    The Android file hierarchy contains several important partitions and file systems. The /boot partition contains files needed for booting, /system contains system files, /data stores application data, /cache stores frequently accessed data, and /misc stores miscellaneous settings. The /sdcard partition holds information on the SD card. Key file systems include Ext4, VFAT, YAFFS2, F2FS, and RFS, with Proc and Tmpfs being important for forensic analysis due to containing kernel and process information.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 2

    Android File Hierarchy

    /boot Information and files needed for boot; containts


    kernel and RAM disk
    /system Contains system files other than kernel and RAM
    disk; should never been deleted as the device will
    be unbootable
    */recovery Backup purposes and allows the booting into
    recovery mode
    /data Data of each application; data belonging to user
    such as contacts, SMS, dialed numbers, etc
    */cache Stores frequently accessed data and some logs for
    faster retrieval; important to forensic
    investigations as data residing may no longer be
    present in /data partition
    */misc Contains information about miscellaneous
    settings; settings define state of the device – on or
    off- hardware settings, USB settings, etc.; accessed
    from folder
    /sdcard Holds all information present on the SD card;
    contains pictures, videos, files and documents, etc.

    Important File systems


    Significant to
    Investigation?
    Root file system (Rootfs) Contains information required
    to boot; if this file system is
    corrupted, device cannot be
    booted
    Sysfs mounts/sys folder which No
    contains information about the
    configuration of the device;
    Devpts Presents an interface to the No
    Terminal session on the device;
    mounted at /dev/pts
    Cgroup Control groups; tracks the job of No
    Android devices; not very useful
    for forensic analysis
    Proc Information about kernel data Yes
    structures, processes, and
    system-related information in
    the /proc directory;
    Tmpfs Temporary storage facility that Yes
    stores RAM (volatile memory);
    Common File Systems
    EXT4 Fourth version of the extended
    file system; significant in devices
    with dual-core processors
    VFAT Extension of the FAT16 and
    FAT32 file systems; SD cards are
    formatted using the FAT32
    version
    YAFFS2 (Yet Another Flash File Open source single-threaded file
    System 2) system that is fast and deals with
    NAND flash; log-structured file
    system; not supported by newer
    kernel versions
    (F2FS) Flash Friendly File Supports Samsung devices
    System running Linux 3.8 kernel; log-
    structured methods that
    optimizes NAND flash memory
    Robust File System (RFS) Supports NAND flash memory on
    Samsung devices and is a FAT16
    or FAT32 file system where
    journaling is enabled through
    transaction logs

    Source: Practical Mobile Forensics Third Edition, Tamma,R., et. al

    You might also like