Android Forensic – Automated data collection and reporting (DroidJack)

In this research, a prototype enterprise monitoring system for Android smartphones was
developed to continuously collect many data sets of interest to incident responders, security auditors, proactive security monitors, and forensic investigators. Many of the data
sets covered were not found in other available enterprise monitoring tools. The prototype
system requires neither root privileges nor exploitation of the Android architecture for
proper operation, thereby increasing interoperability among Android devices and avoiding
a spyware classification for the system. An anti-forensics analysis of the system was
performed to identify and further strengthen areas vulnerable to tampering. The contributions of this research include the release of the
first open-source Android enterprise
monitoring solution of its kind, a comprehensive guide to data sets available for collection
without elevated privileges, and the introduction of a novel design strategy implementing
various Android application components useful for monitoring on the Android platform.