iOS Forensics for Investigators: Take mobile forensics to the next level by analyzing, extracting, and reporting sensitive evidence
Tiepolo, Gianluca
- Publisher: Packt Publishing
- Publication date: 2022-05-04
- List price: $1,700
- VIP price: 5% off, $1,615
- Language: English
- Pages: 316
- Binding: Quality Paper - also called trade paper
- ISBN: 1803234083
- ISBN-13: 9781803234083
Product Description
Extract crucial data and lead successful criminal investigations by infiltrating every level of iOS devices
Key Features
- Explore free and commercial tools for carrying out data extractions and analysis for digital forensics
- Learn to look for key artifacts, recover deleted mobile data, and investigate processed data
- Get up and running with extracting full filesystem images and jailbreak devices to gather the most data possible
Book Description
Professionals working in the mobile forensics industry will be able to put their knowledge to work with this practical guide to learning how to extract and analyze all available data from an iOS device.
This book is a comprehensive, how-to guide that leads investigators through the process of collecting mobile devices and preserving, extracting, and analyzing data, as well as building a report. Complete with step-by-step explanations of essential concepts, practical examples, and self-assessment questions, this book starts by covering the fundamentals of mobile forensics and how to overcome challenges in extracting data from iOS devices. Once you've walked through the basics of iOS, you'll learn how to use commercial tools to extract and process data and manually search for artifacts stored in database files. Next, you'll find out the correct workflows for handling iOS devices and understand how to extract valuable information to track device usage. You'll also get to grips with analyzing key artifacts, such as browser history, the pattern of life data, location data, and social network forensics.
By the end of this book, you'll be able to establish a proper workflow for handling iOS devices, extracting all available data, and analyzing it to gather precious insights that can be reported as prosecutable evidence.
What you will learn
- Become familiar with the mobile forensics workflow
- Understand how to legally seize iOS devices and preserve their data
- Extract evidence through logical and filesystem acquisitions
- Perform a deep-dive analysis of user data and system data
- Gain insights by analyzing third-party applications
- Get to grips with gathering evidence stored on iCloud
Who this book is for
Forensic analysts and investigators interested in extending their skills to extract data from iOS devices, including system logs, device usage, and third-party application data, will find this book useful. Anyone familiar with the principles of digital forensics and looking to expand their knowledge base in deep iOS examinations will also benefit from this book.
Knowledge of mobile forensic principles, data extraction, Unix/Linux terminal, and some hands-on understanding of databases and SQL query language is assumed.
About the Author
Gianluca Tiepolo is a cybersecurity researcher who specializes in mobile forensics and incident response. He holds a BSc degree in Computer Science and an MSc in Information Security, as well as several security-related certifications.
Over the past 12 years, he has performed security monitoring, threat hunting, incident response, and intelligence analysis as a consultant for dozens of organizations, including several Fortune 100 companies. Gianluca is also the co-founder of the startup Sixth Sense Solutions, which developed AI-based anti-fraud solutions. Today, Gianluca works as a Security Delivery Team Lead for consulting firm Accenture Security.
In 2016, he authored the book Getting Started with RethinkDB, published by Packt Publishing.
Table of Contents
1. Introducing iOS Forensics
2. Data Acquisition from iOS Devices
3. Using Forensic Tools
4. Working with Common iOS Artifacts
5. Pattern-of-Life Forensics
6. Dissecting Location Data
7. Analyzing Connectivity Data
8. Email and Messaging Forensics
9. Photo, Video, and Audio Forensics
10. Analyzing Third-party Apps
11. Locked Devices, iTunes Backups, and iCloud Forensics
12. Writing a Forensic Report and Building a Timeline