Practical mobile forensics : forensically investigate and analyze iOS, Android, and Windows 10 Devices /: forensically investigate and analyze iOS, Android, and Windows 10 Devices. (2020)
- Record Type:
- Book
- Title:
- Practical mobile forensics : forensically investigate and analyze iOS, Android, and Windows 10 Devices /: forensically investigate and analyze iOS, Android, and Windows 10 Devices. (2020)
- Main Title:
- Practical mobile forensics : forensically investigate and analyze iOS, Android, and Windows 10 Devices
- Further Information:
- Note: Rohit Tamma, Oleg Skulkin, Heather Mahalik, Satish Bommisetty.
- Authors:
- Tamma, Rohit
Skulkin, Oleg
Mahalik, Heather
Bommisetty, Satish - Contents:
- Cover -- Title Page -- Copyright and Credits -- About Packt -- Contributors -- Table of Contents -- Preface -- Chapter 01: Introduction to Mobile Forensics -- The need for mobile forensics -- Understanding mobile forensics -- Challenges in mobile forensics -- The mobile phone evidence extraction process -- The evidence intake phase -- The identification phase -- The legal authority -- Data that needs to be extracted -- The make, model, and identifying information for the device -- Data storage media -- Other sources of potential evidence -- The preparation phase -- The isolation phase The processing phase -- The verification phase -- The documenting and reporting phase -- The archiving phase -- Practical mobile forensic approaches -- Understanding mobile operating systems -- Android -- iOS -- Windows Phone -- Mobile forensic tool leveling system -- Manual extraction -- Logical analysis -- Hex dump -- Chip-off -- Micro read -- Data acquisition methods -- Physical acquisition -- Logical acquisition -- Manual acquisition -- Potential evidence stored on mobile phones -- Examination and analysis -- Rules of evidence -- Good forensic practices -- Securing the evidence Preserving the evidence -- Documenting the evidence and changes -- Reporting -- Summary -- Section 1: iOS Forensics -- Chapter 02: Understanding the Internals of iOS Devices -- iPhone models and hardware -- Identifying the correct hardware model -- Understanding the iPhone hardware -- iPad models and hardware --Cover -- Title Page -- Copyright and Credits -- About Packt -- Contributors -- Table of Contents -- Preface -- Chapter 01: Introduction to Mobile Forensics -- The need for mobile forensics -- Understanding mobile forensics -- Challenges in mobile forensics -- The mobile phone evidence extraction process -- The evidence intake phase -- The identification phase -- The legal authority -- Data that needs to be extracted -- The make, model, and identifying information for the device -- Data storage media -- Other sources of potential evidence -- The preparation phase -- The isolation phase The processing phase -- The verification phase -- The documenting and reporting phase -- The archiving phase -- Practical mobile forensic approaches -- Understanding mobile operating systems -- Android -- iOS -- Windows Phone -- Mobile forensic tool leveling system -- Manual extraction -- Logical analysis -- Hex dump -- Chip-off -- Micro read -- Data acquisition methods -- Physical acquisition -- Logical acquisition -- Manual acquisition -- Potential evidence stored on mobile phones -- Examination and analysis -- Rules of evidence -- Good forensic practices -- Securing the evidence Preserving the evidence -- Documenting the evidence and changes -- Reporting -- Summary -- Section 1: iOS Forensics -- Chapter 02: Understanding the Internals of iOS Devices -- iPhone models and hardware -- Identifying the correct hardware model -- Understanding the iPhone hardware -- iPad models and hardware -- Understanding the iPad hardware -- The HFS Plus and APFS filesystems -- The HFS Plus filesystem -- The HFS Plus volume -- The APFS filesystem -- The APFS structure -- Disk layout -- The iPhone OS -- The iOS architecture -- iOS security -- Passcodes, Touch ID, and Face ID -- Code signing Sandboxing -- Encryption -- Data protection -- Address Space Layout Randomization (ASLR) -- Privilege separation -- Stack-smashing protection -- Data Execution Prevention (DEP) -- Data wiping -- Activation Lock -- The App Store -- Jailbreaking -- Summary -- Chapter 03: Data Acquisition from iOS Devices -- Operating modes of iOS devices -- Normal mode -- Recovery mode -- DFU mode -- Setting up the forensic environment -- Password protection and potential bypasses -- Logical acquisition -- Practical logical acquisition with libimobiledevice Practical logical acquisition with the Belkasoft Acquisition Tool -- Practical logical acquisition with Magnet ACQUIRE -- Filesystem acquisition -- Practical jailbreaking -- Practical filesystem acquisition with free tools -- Practical filesystem acquisition with Elcomsoft iOS Forensic Toolkit -- Summary -- Chapter 04: Data Acquisition from iOS Backups -- Working with iTunes backups -- Creating and analyzing backups with iTunes -- Understanding the backup structure -- info.plist -- manifest.plist -- status.plist -- manifest.db -- Extracting unencrypted backups -- iBackup Viewer -- iExplorer … (more)
- Edition:
- Fourth edition
- Publisher Details:
- Birmingham : Packt Publishing, Limited
- Publication Date:
- 2020
- Extent:
- 1 online resource (384 pages), color illustrations
- Subjects:
- 005.8
Mobile computing -- Security measures
Cell phone systems -- Security measures
Computer crimes -- Investigation
Electronic books - Languages:
- English
- ISBNs:
- 9781838644420
1838644423 - Notes:
- Note: Description based on print version record.
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library HMNTS - ELD.DS.503480
- Ingest File:
- 03_076.xml