Practical mobile forensics : dive into mobile forensics on iOS, Android, Windows, and BlackBerry devices with this action-packed, practical guide /
The book is an easy-to-follow guide with clear instructions on various mobile forensic techniques. The chapters and the topics within are structured for a smooth learning curve, which will swiftly empower you to master mobile forensics. If you are a budding forensic analyst, consultant, engineer, or...
Clasificación: | Libro Electrónico |
---|---|
Autor principal: | |
Otros Autores: | , |
Formato: | Electrónico eBook |
Idioma: | Inglés |
Publicado: |
Birmingham, UK :
Packt Pub.,
2014.
|
Colección: | Community experience distilled.
|
Temas: | |
Acceso en línea: | Texto completo |
Tabla de Contenidos:
- Cover; Copyright; Credits; About the Authors; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Introduction to Mobile Forensics; Mobile forensics; Mobile forensic challenges; Mobile phone evidence extraction process; The evidence intake phase; The identification phase; The legal authority; The goals of the examination; The make, model, and identifying information for the device; Removable and external data storage; Other sources of potential evidence; The preparation phase; The isolation phase; The processing phase; The verification phase.
- Comparing extracted data to the handset dataUsing multiple tools and comparing the results; Using hash values; The document and reporting phase; The presentation phase; The archiving phase; Practical mobile forensic approaches; Mobile operating systems overview; Android; iOS; Windows phone; BlackBerry OS; Mobile forensic tool leveling system; Manual extraction; Logical extraction; Hex dump; Chip-off; Micro read; Data acquisition methods; Physical acquisition; Logical acquisition; Manual acquisition; Potential evidence stored on mobile phones; Rules of evidence; Admissible; Authentic; Complete.
- ReliableBelievable; Good forensic practices; Securing the evidence; Preserving the evidence; Documenting the evidence; Documenting all changes; Summary; Chapter 2: Understanding the Internals of iOS Devices; iPhone models; iPhone hardware; iPad models; iPad hardware; File system; The HFS Plus file system; The HFS Plus volume; Disk layout; iPhone operating system; iOS history; 1.x
- the first iPhone; 2.x
- App Store and 3G; 3.x
- the first iPad; 4.x
- Game Center and multitasking; 5.x
- Siri and iCloud; 6.x
- Apple Maps; 7.x
- the iPhone 5S and beyond; The iOS architecture.
- The Cocoa Touch layerThe Media layer; The Core Services layer; The Core OS layer; iOS security; Passcode; Code signing; Sandboxing; Encryption; Data protection; Address Space Layout Randomization; Privilege separation; Stack smashing protection; Data execution prevention; Data wipe; Activation Lock; App Store; Jailbreaking; Summary; Chapter 3: Data Acquisition from iOS Devices; Operating modes of iOS devices; Normal mode; Recovery mode; DFU mode; Physical acquisition; Acquisition via a custom ramdisk; The forensic environment setup; Downloading and installing the ldid tool.
- Verifying the codesign_allocate tool pathInstalling OSXFuse; Installing Python modules; Downloading iPhone Data Protection Tools; Building the IMG3FS tool; Downloading redsn0w; Creating and loading the forensic toolkit; Downloading the iOS firmware file; Modifying the kernel; Building a custom ramdisk; Booting the custom ramdisk; Establishing communication with the device; Bypassing the passcode; Imaging the data partition; Decrypting the data partition; Recovering the deleted data; Acquisition via jailbreaking; Summary; Chapter 4: Data Acquisition from iOS Backups; iTunes backup.