Book Image

Mastering Mobile Forensics

By : Soufiane Tahiri
Book Image

Mastering Mobile Forensics

By: Soufiane Tahiri

Overview of this book

Mobile forensics presents a real challenge to the forensic community due to the fast and unstoppable changes in technology. This book aims to provide the forensic community an in-depth insight into mobile forensic techniques when it comes to deal with recent smartphones operating systems Starting with a brief overview of forensic strategies and investigation procedures, you will understand the concepts of file carving, GPS analysis, and string analyzing. You will also see the difference between encryption, encoding, and hashing methods and get to grips with the fundamentals of reverse code engineering. Next, the book will walk you through the iOS, Android and Windows Phone architectures and filesystem, followed by showing you various forensic approaches and data gathering techniques. You will also explore advanced forensic techniques and find out how to deal with third-applications using case studies. The book will help you master data acquisition on Windows Phone 8. By the end of this book, you will be acquainted with best practices and the different models used in mobile forensics.

Related Content you might be interested in

Current Title:

Small book image
Mastering Mobile Forensics
Soufiane Tahiri
May, 2016 | 318 pages
No titles found
Table of Contents (14 chapters)
Mastering Mobile Forensics
Mastering Mobile Forensics
Credits
Credits
About the Author
About the Author
About the Reviewer
About the Reviewer
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Mobile Forensics and the Investigation Process Model
Mobile Forensics and the Investigation Process Model
Why mobile forensics?
Smartphone forensics models
Smartphone forensics challenges
Summary
2
Do It Yourself – Low-Level Techniques
Do It Yourself – Low-Level Techniques
Getting acquainted with file carving
Extracting metadata – GPS analysis
String dump and analysis
Encryption versus encoding versus hashing
Decompiling and disassembling
Summary
3
iDevices from a Forensic Point of View
iDevices from a Forensic Point of View
The iOS architecture
The iOS filesystem
iOS platform and hardware security
Identifying stored data
iOS acquisition and forensic approaches
It's going biometric!
Third-party applications
Summary
4
Android Forensics
Android Forensics
Android OS – all you need to know
Android security model
Bypassing security
Android logical data acquisition
Android physical data acquisition
JTAG and chip-off forensic examinations
Third-party applications and a real case study
Summary
5
Windows Phone 8 Forensics
Windows Phone 8 Forensics
Windows Phone 7 versus Windows Phone 8
Windows Phone 8 internals
Windows phone 8 security models
Windows Phone logical acquisition
JTAG and physical acquisition
Artifact location and user PIN study
Summary
6
Mobile Forensics – Best Practices
Mobile Forensics – Best Practices
Presenting a mobile forensics process
Mobile device identification
Summary
Preparing a Mobile Forensic Workstation
Preparing a Mobile Forensic Workstation
Index
Index

The iOS architecture

Originally called the iPhone OS, iOS is developed and distributed exclusively within Apple hardware (iPhones, iPads and iPod Touch). Similar to most operating systems, iOS is a layered OS. Applications deployed on any iOS device do not react directly with the underlying hardware, instead the operating system acts as a layer of system interfaces between those applications and the hardware; iOS is divided into four abstract layers as follows (from highest level at the top to the lowest-level at the bottom):

Cocoa Touch layer

Media layer

Core Services layer

Core OS layer

Table 1 - iOS layers

Let's look at the layers:

  • Cocoa Touch layer: This contains the basic framework that provides multitasking, touch-based inputs, push notifications, and most of the high level system services. This layer contains some high-level features such as app extensions, which allow sharing media content to social entities, performing simple tasks with content, photo editing, and providing shared...

Previous Section
End of Section 2
Next Section