Seeking the Truth from Mobile Evidence: Basic Fundamentals, Intermediate and Advanced Overview of Current Mobile Forensic Investigations
Bair, John
Seeking the Truth with Mobile Evidence: Basic Fundamentals, Intermediate and Advanced Overview of Current Mobile Forensic Investigations will assist those who have never collected mobile evidence and augment the work of professionals who are not currently performing advanced destructive techniques. This book is intended for any professional who is interested in pursuing work that involves mobile forensics, and is designed around the outcomes of criminal investigations that involve mobile digital evidence. Author John Bair brings to life the techniques and concepts that can assist those in the private or corporate sector.

Mobile devices have always been very dynamic in nature. They have also become an integral part of our lives and, oftentimes, a digital representation of where we are, who we communicate with and what we document around us. Because they constantly change features and allow user-enabled security and/or encryption, those employed with extracting user data are often overwhelmed with the process. This book presents a complete guide to mobile device forensics, written in an easy-to-understand format.

- Provides users with the steps and methodology needed for mobile forensics acquisitions, from start to finish
- Includes discussions on legal issues, SIM file systems, mobile networks, virtual networks and troubleshooting
- Presents how to investigate using Attention Terminal Protocols, encoding/decoding, Protocol Delivery Unit (PDU), NAND and NOR memory, wear-leveling, garbage collection and SQLite databases
- Contains complete coverage of Protocol Delivery Unit (PDU), Joint Test Action Group (JTAG) techniques, use of flasher and programming boxes and chip-off (destructive) techniques

CONTENTS:

Part I: Basic, Fundamental Concepts
1. Defining Cell Phone Forensics, Standards, Evidence Contamination and Faraday Methods
2. The Legal Process, Mobile Network Operators, Mobile Virtual Network Operators, Search Warrant Language
3. The Cellular Network
4. Subscriber Identity Module
5. Device Identification
6. Triaging Mobile Evidence
7. The Logical Exam
8. Troubleshooting Logical Exams
9. Manual Exams
10. Report Writing

Part II: Intermediate Concepts
11. Physical Acquisitions
12. Physical Memory and Encoding
13. Date & Time Stamps
14. Physical Analyzer Decoding - Rebuilding Data and The Project Tree
15. Physical Analyzer - Data searching using the Find tab
16. Physical Analyzer - RegEx (GREP), SMS 7Bit (PDU), Pattern and Code Searching
17. Physical Analyzer - Open Advanced (Using Chains and Plug-ins)
18. Physical Analyzer - Watch List Editor and Malware Scanner
19. Application Data
20. Advanced Validation

Part III: Advanced Concepts
21. Android user enabled security: (Passwords and Gesture)
22. Non-destructive hardware and software solutions
23. JTAG (Joint Test Action Group)
24. JTAG specialized equipment
25. RIFF Box Overview
26. RIFF 2 Box Overview
27. Z3X (Easy JTAG) Box
28. Chip Removal Overview
29. BGA cleaning and reading
30. eMMC Reading and In-System Programming

- ISBN: 978-0-12-811056-0
- Publisher: Academic Press
- Binding: Paperback
- Pages: 424
- Publication date: 01/11/2017
- No. of volumes: 1
- Language: English