eBook - ePub

Mastering Mobile Forensics

Name: Mastering Mobile Forensics
Author: Soufiane Tahiri

Soufiane Tahiri,

318 pages
English
ePUB (mobile friendly)
Available on iOS & Android

eBook - ePub

Mastering Mobile Forensics

Soufiane Tahiri,

Book details

Book preview

Table of contents

Citations

About This Book

Develop the capacity to dig deeper into mobile device data acquisition

About This Book

A mastering guide to help you overcome the roadblocks you face when dealing with mobile forensics
Excel at the art of extracting data, recovering deleted data, bypassing screen locks, and much more
Get best practices to how to collect and analyze mobile device data and accurately document your investigations

Who This Book Is For

The book is for mobile forensics professionals who have experience in handling forensic tools and methods. This book is designed for skilled digital forensic examiners, mobile forensic investigators, and law enforcement officers.

What You Will Learn

Understand the mobile forensics process model and get guidelines on mobile device forensics
Acquire in-depth knowledge about smartphone acquisition and acquisition methods
Gain a solid understanding of the architecture of operating systems, file formats, and mobile phone internal memory
Explore the topics of of mobile security, data leak, and evidence recovery
Dive into advanced topics such as GPS analysis, file carving, encryption, encoding, unpacking, and decompiling mobile application processes

In Detail

Mobile forensics presents a real challenge to the forensic community due to the fast and unstoppable changes in technology. This book aims to provide the forensic community an in-depth insight into mobile forensic techniques when it comes to deal with recent smartphones operating systems

Starting with a brief overview of forensic strategies and investigation procedures, you will understand the concepts of file carving, GPS analysis, and string analyzing. You will also see the difference between encryption, encoding, and hashing methods and get to grips with the fundamentals of reverse code engineering. Next, the book will walk you through the iOS, Android and Windows Phone architectures and filesystem, followed by showing you various forensic approaches and data gathering techniques.

You will also explore advanced forensic techniques and find out how to deal with third-applications using case studies. The book will help you master data acquisition on Windows Phone 8. By the end of this book, you will be acquainted with best practices and the different models used in mobile forensics.

Style and approach

The book is a comprehensive guide that will help the IT forensics community to go more in-depth into the investigation process and mobile devices take-over.

Frequently asked questions

Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.

At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.

Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.

We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.

Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.

Yes, you can access Mastering Mobile Forensics by Soufiane Tahiri in PDF and/or ePUB format, as well as other popular books in Computer Science & Cyber Security. We have over one million books available in our catalogue for you to explore.

Information

Publisher

Packt Publishing

Year

2016

ISBN

9781785287817

Edition

Topic

Computer Science

Subtopic

Cyber Security

Index

Computer Science

Mastering Mobile Forensics

Credits

About the Author

About the Reviewer

www.PacktPub.com

eBooks, discount offers, and more

Why subscribe?

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Downloading the color images of this book

Errata

Piracy

Questions

1. Mobile Forensics and the Investigation Process Model

Why mobile forensics?

Smartphone forensics models

Computer Forensic Investigation Process

Digital Forensic Research Workshop

Abstract Digital Forensics Model

Integrated Digital Investigation Process

End-to-end digital investigation process

Systemic Digital Forensic Investigation

Smartphone forensics challenges

Operating systems' variety and changeability

Important hardware variations

Different filesystems

Built-in security

Encrypted data wiping

Data volatility

The cloud

Summary

2. Do It Yourself – Low-Level Techniques

Getting acquainted with file carving

Carving the JPEG format

Carving the ZIP format

Extracting metadata – GPS analysis

String dump and analysis

Encryption versus encoding versus hashing

Encryption

Symmetric key encryption

Public key encryption

Encoding

ASCII and UNICODE/UTF-8

URL encoding

Hashing

Decompiling and disassembling

Summary

3. iDevices from a Forensic Point of View

The iOS architecture

The iOS filesystem

iOS platform and hardware security

Identifying stored data

iOS acquisition and forensic approaches

iOS boot process and operating modes

Unique device identifier

Lockdown certificate

iOS acquisition

Normal/direct acquisition

Logical acquisition

Physical acquisition

Jailbreaking iOS 9

Physical acquisition with Elcomsoft iOS Forensic Toolkit

iOS artifacts recovery – evidence gathering and data recovery

Artifact recovery using iPhone Analyzer

Artifact recovery using MOBILedit! Forensic

It's going biometric!

Third-party applications

Summary

4. Android Forensics

Android OS – all you need to know

Android security model

Full disk encryption

KeyChain and KeyStore

Application security

Application sandboxing and permissions

Security Enhanced Linux – SELinux

Application signing

Bypassing security

Bootloader/recovery mode

Rooting an Android device

Cracking a lock pattern

Cracking a PIN/password

Android logical data acquisition

Logical data acquisition using ADB

Logical data acquisition using AFLogical OSE

Android physical data acquisition

Analyzing the acquired image using Autopsy

JTAG and chip-off forensic examinations

Third-party applications and a real case study

Summary

5. Windows Phone 8 Forensics

Windows Phone 7 versus Windows Phone 8

Windows Phone 8 internals

Partitions and the filesystem

MainOS volume

User Data volume

Removable User Data

Application data storage

Windows phone 8 security models

Windows Phone 8 Secure Boot

Windows Phone 8 application security

Windows Phone data protection

Device access and security policies

BitLocker and hardware encryption

Windows Phone logical acquisition

Windows Phone logical acquisition using MOBILedit! Forensic 8.2

Windows Phone logical acquisition using Oxygen Forensic Suite 2014

Sideloading contacts and appointments acquisition agent

WP Logical implementation

Windows Phone cloud acquisition

Cloud acquisition using Elcomsoft Phone Breaker

Cloud acquisition using Passware Password Recovery Kit Forensic

JTAG and physical acquisition

Artifact location and user PIN study

Summary

6. Mobile Forensics – Best Practices

Presenting a mobile forensics process

Mobile device identification

Physical characteristics

Device info

Service provider

Summary

A. Preparing a Mobile Forensic Workstation

Index

Mastering Mobile Forensics

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

First published: May 2016

Production reference: 1250516

Published by Packt Publishing Ltd.

Livery Place

35 Livery Street

Birmingham B3 2PB, UK.

ISBN 978-1-78528-781-7

www.packtpub.com

Credits

Author

Soufiane Tahiri

Reviewer

Michael Yasumoto

Commissioning Editor

Julian Ursell

Acquisition Editor

Rahul Nair

Content Development Editor

Trusha Shriyan

Technical Editor

Taabish Khan

Copy Editors

Sonia Mathur

Sneha Singh

Project Coordinator

Shweta H Birwatkar

Proofreader

Safis Editing

Indexer

Hemangini Bari

Graphics

Kirk D'Penha

Disha Haria

Jason Monteiro

Production Coordinator

Aparna Bhagat

Cover Work

A...