Learning IOS Forensics

A practical hands-on guide to acquire and analyze iOS devices with the latest forensic techniques and tools

About This Book

• Perform logical, physical, and file system acquisition along with jailbreaking the device
• Get acquainted with various case studies on different forensic toolkits that can be used
• A step-by-step approach with plenty of examples to get you familiarized with digital forensics in iOS

Who This Book Is For

If you are a digital forensics examiner daily involved in the acquisition and analysis of mobile devices and want to have a complete overview of how to perform your work on iOS devices, this book is definitely for you.

What You Will Learn

• Identify an iOS device among various models (iPhone, iPad, and iPod Touch) and verify the iOS version installed
• Crack or bypass the passcode protection chosen by the user
• Acquire detailed physical or logical info of an iOS device
• Retrieve extra information from side channel data leaks
• Recover information from a local backup and eventually crack the backup password
• Download backup information stored on iCloud
• Analyze the system, user, and third-party information from a device, backup, or iCloud
• Examine malicious apps to identify the stolen data and credentials

In Detail

Mobile device forensics relates to the recovery of data from a mobile device. It has an impact on many different situations including criminal investigations and intelligence gathering. iOS devices, with their wide range of functionality and usability, have become one of the mobile market leaders. Millions of people often depend on iOS devices for storing sensitive information, leading to a rise in cybercrime. This has increased the need to successfully retrieve this information from these devices if stolen or lost.

Learning iOS Forensics will give you an insight into the forensics activities you can perform on iOS devices. You will begin with simple concepts such as identifying the specific iOS device and the operating system version and then move on to complex topics such as analyzing the different recognized techniques to acquire the content of the device. Throughout the journey, you will gain knowledge of the best way to extract most of the information by eventually bypassing the protection passcode. After that, you, the examiner, will be taken through steps to analyze the data. The book will give you an overview of how to analyze malicious applications created to steal user credentials and data.