Practical Mobile Forensics
上QQ阅读APP看书,第一时间看更新

What this book covers

Chapter 1, Introduction to Mobile Forensics, introduces you to the concept of mobile forensics, core values, and its limitations. The chapter also provides an overview of practical approaches and best practices involved in performing mobile forensics.

Chapter 2, Understanding the Internals of iOS Devices, provides an overview of the popular Apple iOS devices, including an outline of different models and their hardware. The book explains iOS security features and device security and its impact on the iOS forensics approach. The chapter also gives an overview of the iOS file system and outlines the sensitive files that are useful for forensic examinations.

Chapter 3, Data Acquisition from iOS Devices, covers various types of forensic acquisition methods that can be performed on iOS devices and guides you through preparing your desktop machine for forensic work. The chapter also discusses passcode bypass techniques, the physical extraction of devices, and different ways that the device can be imaged.

Chapter 4, Data Acquisition from iOS Backups, provides a detailed explanation of different types of iOS backups and details what types of files are stored during the backup. The chapter also covers logical acquisition techniques to recover data from backups.

Chapter 5, iOS Data Analysis and Recovery, discusses the type of data that is stored on iOS devices and the general location of this data storage. Common file types used in iOS devices, such as plist and SQLite, are discussed in detail so you understand how data is stored on the device, which will help forensic examiners to efficiently recover data from these files.

Chapter 6, iOS Forensic Tools, provides an overview of the existing open source and commercial iOS forensics tools. These tools differ in the range of mobile phones they support and the amount of data that they can recover. The chapter describes the advantages and limitations of these tools.

Chapter 7, Understanding Android, introduces you to the Android model, file system, and its security features. It provides an explanation of how data is stored in any android device, which will be useful while carrying out forensic investigations.

Chapter 8, Android Forensic Setup and Pre Data Extraction Techniques, guides you through the Android forensic setup and other techniques to follow before extracting any information. Screen lock bypass techniques and gaining root access are also discussed in this chapter.

Chapter 9, Android Data Extraction Techniques, provides an explanation of physical, file system, and logical acquisition techniques to extract information from an Android device.

Chapter 10, Android Data Recovery Techniques, explains the possibilities and limitations for data recovery on Android devices. This chapter also covers the process to reverse engineer Android applications to unearth crucial information.

Chapter 11, Android App Analysis and Overview of Forensic Tools, covers various available open source and commercial tools, which are helpful during forensic examination of Android devices.

Chapter 12, Windows Phone Forensics, provides a basic overview of forensic approaches when dealing with Windows Phone devices.

Chapter 13, BlackBerry Forensics, provides forensic approaches to include acquisition and analysis techniques when dealing with BlackBerry devices. BlackBerry encryption and data protection is also addressed.