Cargando…

Practical mobile forensics : dive into mobile forensics on iOS, Android, Windows, and BlackBerry devices with this action-packed, practical guide /

The book is an easy-to-follow guide with clear instructions on various mobile forensic techniques. The chapters and the topics within are structured for a smooth learning curve, which will swiftly empower you to master mobile forensics. If you are a budding forensic analyst, consultant, engineer, or...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Bommisetty, Satish
Otros Autores: Tamma, Rohit, Mahalik, Heather
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Birmingham, UK : Packt Pub., 2014.
Colección:Community experience distilled.
Temas:
Acceso en línea:Texto completo
Tabla de Contenidos:
  • Cover; Copyright; Credits; About the Authors; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Introduction to Mobile Forensics; Mobile forensics; Mobile forensic challenges; Mobile phone evidence extraction process; The evidence intake phase; The identification phase; The legal authority; The goals of the examination; The make, model, and identifying information for the device; Removable and external data storage; Other sources of potential evidence; The preparation phase; The isolation phase; The processing phase; The verification phase.
  • Comparing extracted data to the handset dataUsing multiple tools and comparing the results; Using hash values; The document and reporting phase; The presentation phase; The archiving phase; Practical mobile forensic approaches; Mobile operating systems overview; Android; iOS; Windows phone; BlackBerry OS; Mobile forensic tool leveling system; Manual extraction; Logical extraction; Hex dump; Chip-off; Micro read; Data acquisition methods; Physical acquisition; Logical acquisition; Manual acquisition; Potential evidence stored on mobile phones; Rules of evidence; Admissible; Authentic; Complete.
  • ReliableBelievable; Good forensic practices; Securing the evidence; Preserving the evidence; Documenting the evidence; Documenting all changes; Summary; Chapter 2: Understanding the Internals of iOS Devices; iPhone models; iPhone hardware; iPad models; iPad hardware; File system; The HFS Plus file system; The HFS Plus volume; Disk layout; iPhone operating system; iOS history; 1.x
  • the first iPhone; 2.x
  • App Store and 3G; 3.x
  • the first iPad; 4.x
  • Game Center and multitasking; 5.x
  • Siri and iCloud; 6.x
  • Apple Maps; 7.x
  • the iPhone 5S and beyond; The iOS architecture.
  • The Cocoa Touch layerThe Media layer; The Core Services layer; The Core OS layer; iOS security; Passcode; Code signing; Sandboxing; Encryption; Data protection; Address Space Layout Randomization; Privilege separation; Stack smashing protection; Data execution prevention; Data wipe; Activation Lock; App Store; Jailbreaking; Summary; Chapter 3: Data Acquisition from iOS Devices; Operating modes of iOS devices; Normal mode; Recovery mode; DFU mode; Physical acquisition; Acquisition via a custom ramdisk; The forensic environment setup; Downloading and installing the ldid tool.
  • Verifying the codesign_allocate tool pathInstalling OSXFuse; Installing Python modules; Downloading iPhone Data Protection Tools; Building the IMG3FS tool; Downloading redsn0w; Creating and loading the forensic toolkit; Downloading the iOS firmware file; Modifying the kernel; Building a custom ramdisk; Booting the custom ramdisk; Establishing communication with the device; Bypassing the passcode; Imaging the data partition; Decrypting the data partition; Recovering the deleted data; Acquisition via jailbreaking; Summary; Chapter 4: Data Acquisition from iOS Backups; iTunes backup.