Mastering Mobile Forensics
暫譯: 掌握行動取證技術

Key Features

• A mastering guide to help you overcome the roadblocks you face when dealing with mobile forensics
• Excel at the art of extracting data, recovering deleted data, bypassing screen locks, and much more
• Get best practices to how to collect and analyze mobile device data and accurately document your investigations

Book Description

Mobile forensics presents a real challenge to the forensic community due to the fast and unstoppable changes in technology. This book aims to provide the forensic community an in-depth insight into mobile forensic techniques when it comes to deal with recent smartphones operating systems

Starting with a brief overview of forensic strategies and investigation procedures, you will understand the concepts of file carving, GPS analysis, and string analyzing. You will also see the difference between encryption, encoding, and hashing methods and get to grips with the fundamentals of reverse code engineering. Next, the book will walk you through the iOS, Android and Windows Phone architectures and filesystem, followed by showing you various forensic approaches and data gathering techniques.

You will also explore advanced forensic techniques and find out how to deal with third-applications using case studies. The book will help you master data acquisition on Windows Phone 8. By the end of this book, you will be acquainted with best practices and the different models used in mobile forensics.

What you will learn

• Understand the mobile forensics process model and get guidelines on mobile device forensics
• Acquire in-depth knowledge about smartphone acquisition and acquisition methods
• Gain a solid understanding of the architecture of operating systems, file formats, and mobile phone internal memory
• Explore the topics of of mobile security, data leak, and evidence recovery
• Dive into advanced topics such as GPS analysis, file carving, encryption, encoding, unpacking, and decompiling mobile application processes

About the Author

Soufiane Tahiri is an independent computer security researcher and science enthusiast from Morocco, who specializes in .NET reverse code engineering and software security. He has an interest in low-level techniques and in recent years he has developed an interest in computer and smartphone forensics. He has been involved in IT security for more than 10 years and has dozen of publications and a lot of research in different computer security fields under his name.

Table of Contents

1. Mobile Forensics and the Investigation Process Model
2. Do It Yourself – Low-Level Techniques
3. iDevices from a Forensic Point of View
4. Android Forensics
5. Windows Phone 8 Forensics
6. Mobile Forensics – Best Practices
7. Preparing a Mobile Forensic Workstation