Mobile forensics - advanced investigative strategies : master powerful strategies to acquire and analyze evidence from real-life scenarios /

Annotation

Bibliographic Details
Classification: Electronic Book
Main author: Afonin, Oleg (Author)
Format: Electronic eBook
Language: English
Published: Birmingham, UK : Packt Publishing, 2016.
Subjects:
Online access: Full text
Table of Contents:
  • Cover; Copyright; Credits; Foreword; About the Authors; About the Reviewer; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Introducing Mobile Forensics; Why we need mobile forensics; Available information; Mobile devices; Personal computers; Cloud storage; Stages of mobile forensics; Stage 1 - device seizure; Seizing - what and how should we seize?; The use of Faraday bags; Keeping the power on; Dealing with the kill switch; Mobile device anti-forensics; Stage 2 - data acquisition; Root, jailbreak, and unlocked bootloader; Android ADB debugging; SIM cloning; SIM card memory.
  • Memory card; Stage 3 - data analysis; Summary; Chapter 2: Acquisition Methods Overview; Over-the-air acquisition; Apple iCloud; Windows Phone 8, Windows 10 Mobile, and Windows RT/8/8.1/10; Google Android; Logical acquisition (backup analysis); Apple iOS; BlackBerry 10; Android; Nandroid backups; Physical acquisition; Apple iOS; Android; Windows Phone 8 and Windows 10 Mobile; Limitations and availability; Tools for physical acquisition; JTAG; Chip-off; In-system programming; Summary; Chapter 3: Acquisition - Approaching Android Devices; Android platform fragmentation.
  • AOSP, GMS, and their forensic implications; Android logical acquisition; OEM software; Android acquisition - special considerations; Unallocated space; eMMC storage; Remapping and overprovisioning; Wear leveling; Trimming; What happens to the deleted data?; JTAG forensics; When to JTAG a device; Limitations of JTAG forensics; Step-by-step JTAG acquisition; Chip-off acquisition; Chip-off and encryption; In-system programming forensics; Summary; Chapter 4: Practical Steps to Android Acquisition; Android physical acquisition; Encryption; Approaching physical acquisition.
  • Encryption status - Is the data partition encrypted?; Service mode available; LG smartphones; Devices based on the Qualcomm reference platform; Mediatek-based Chinese phones; Bootloaded status; Root status; LG smartphones' LAF mode; MediaTek smartphones; Qualcomm bootloader exploit; Qualcomm-based smartphones - HS-USB 9006; Encryption; The Qualcomm 9006 mode; Tools for imaging via Qualcomm Download Mode 9006; Using custom recoveries; Imaging via custom recovery - making a Nandroid backup; Imaging via custom recovery - physical imaging via dd; Imaging the device; NANDroid backups.
  • Is unlocked bootloader required?; Is root access required?; Producing a Nandroid backup; Analyzing Nandroid backups; Live imaging; Live imaging with root (via dd); Live imaging without root (via ADB backup); Live imaging using Oxygen Forensic Suite; Google Account acquisition - over-the-air; Why Google Account?; Google Account - what's inside?; A word on Android backups; Google Takeout; Google Account acquisition and analysis using Elcomsoft Cloud Explorer; Two-factor authentication; User alerts; Viewing, searching, and analyzing data; Summary.
  • Chapter 5: iOS - Introduction and Physical Acquisition.