Abstract: Aiming at the difficult problems about the forensic and the packet capture analysis of the terminals, an analytical method of mobile phone packet capture based on Android system is presented. By applying the cloud architecture, user behavior analysis concept, terminal baseband signal analysis technology, and IP communication packet analysis technology, the method can locate, forensic and analyze the terminals.

Key words: mobile phone forensic, packet capture, terminals, Android system

摘要： 针对在终端动态取证和测试工作中抓包分析困难的问题，给出了一种基于通用终端使用的手机侧抓包分析方法，该方法利用云技术架构、用户行为分析理念、终端基带信令分析技术和IP通信包分析技术，可实现对手机终端进行定位和分析取证.

关键词: 手机取证, 抓包, 终端, 安卓系统