Skip to Content
Practical mobile forensics: dive into mobile forensics on iOS, Android, Windows, and BlackBerry devices with this action-packed, practical guide

Practical mobile forensics: dive into mobile forensics on iOS, Android, Windows, and BlackBerry devices with this action-packed, practical guide

Bommisetty, Satish; Mahalik, Heather; Tamma, Rohit

The book is an easy-to-follow guide with clear instructions on various mobile forensic techniques. The chapters and the topics within are structured for a smooth learning curve, which will swiftly empower you to master mobile forensics. If you are a budding forensic analyst, consultant, engineer, or a forensic professional wanting to expand your skillset, this is the book for you. The book will also be beneficial to those with an interest in mobile forensics or wanting to find data lost on mobile devices. It will be helpful to be familiar with forensics in general but no prior experience is re

eBook, Electronic resource, Book. English. Electronic books.
Published Birmingham, UK : Packt Pub 2014
Rate this

This resource is available electronically from the following locations

Details

Statement of responsibility: Satish Bommisetty, Rohit Tamma, Heather Mahalik
ISBN: 1783288310, 1783288329, 9781783288311, 9781783288328
Note: Online resource; title from cover (Safari, viewed Aug. 13, 2014).
Physical Description: 1 online resource (1 volume) : illustrations
Series: Community experience distilled
Subject: Microsoft Windows (Computer file); TECHNOLOGY & ENGINEERING Mechanical.; BlackBerry (Smartphone); Cell phone systems Security measures.; Android (Electronic resource); Mobile computing Security measures.; iOS (Electronic resource); IOS (Electronic resource)
Series Title: Community experience distilled.
Local note: eBooks on EBSCOhost EBSCO eBooks for FE Collection (UK)

Contents

  1. Cover
  2. Copyright
  3. Credits
  4. About the Authors
  5. About the Reviewers
  6. www.PacktPub.com
  7. Table of Contents
  8. Preface
  9. Chapter 1: Introduction to Mobile Forensics
  10. Mobile forensics
  11. Mobile forensic challenges
  12. Mobile phone evidence extraction process
  13. The evidence intake phase
  14. The identification phase
  15. The legal authority
  16. The goals of the examination
  17. The make, model, and identifying information for the device
  18. Removable and external data storage
  19. Other sources of potential evidence
  20. The preparation phase
  21. The isolation phase
  22. The processing phase
  23. The verification phase.
  24. Comparing extracted data to the handset dataUsing multiple tools and comparing the results
  25. Using hash values
  26. The document and reporting phase
  27. The presentation phase
  28. The archiving phase
  29. Practical mobile forensic approaches
  30. Mobile operating systems overview
  31. Android
  32. iOS
  33. Windows phone
  34. BlackBerry OS
  35. Mobile forensic tool leveling system
  36. Manual extraction
  37. Logical extraction
  38. Hex dump
  39. Chip-off
  40. Micro read
  41. Data acquisition methods
  42. Physical acquisition
  43. Logical acquisition
  44. Manual acquisition
  45. Potential evidence stored on mobile phones
  46. Rules of evidence
  47. Admissible
  48. Authentic
  49. Complete.
  50. ReliableBelievable; Good forensic practices; Securing the evidence; Preserving the evidence; Documenting the evidence; Documenting all changes; Summary; Chapter 2: Understanding the Internals of iOS Devices; iPhone models; iPhone hardware; iPad models; iPad hardware; File system; The HFS Plus file system; The HFS Plus volume; Disk layout; iPhone operating system; iOS history; 1.x
  51. the first iPhone; 2.x
  52. App Store and 3G; 3.x
  53. the first iPad; 4.x
  54. Game Center and multitasking; 5.x
  55. Siri and iCloud; 6.x
  56. Apple Maps; 7.x
  57. the iPhone 5S and beyond; The iOS architecture.
  58. The Cocoa Touch layerThe Media layer
  59. The Core Services layer
  60. The Core OS layer
  61. iOS security
  62. Passcode
  63. Code signing
  64. Sandboxing
  65. Encryption
  66. Data protection
  67. Address Space Layout Randomization
  68. Privilege separation
  69. Stack smashing protection
  70. Data execution prevention
  71. Data wipe
  72. Activation Lock
  73. App Store
  74. Jailbreaking
  75. Summary
  76. Chapter 3: Data Acquisition from iOS Devices
  77. Operating modes of iOS devices
  78. Normal mode
  79. Recovery mode
  80. DFU mode
  81. Physical acquisition
  82. Acquisition via a custom ramdisk
  83. The forensic environment setup
  84. Downloading and installing the ldid tool.
  85. Verifying the codesign_allocate tool pathInstalling OSXFuse
  86. Installing Python modules
  87. Downloading iPhone Data Protection Tools
  88. Building the IMG3FS tool
  89. Downloading redsn0w
  90. Creating and loading the forensic toolkit
  91. Downloading the iOS firmware file
  92. Modifying the kernel
  93. Building a custom ramdisk
  94. Booting the custom ramdisk
  95. Establishing communication with the device
  96. Bypassing the passcode
  97. Imaging the data partition
  98. Decrypting the data partition
  99. Recovering the deleted data
  100. Acquisition via jailbreaking
  101. Summary
  102. Chapter 4: Data Acquisition from iOS Backups
  103. iTunes backup.