Book Image

Practical Mobile Forensics - Second Edition

By : Heather Mahalik, Rohit Tamma, Satish Bommisetty
Book Image

Practical Mobile Forensics - Second Edition

By: Heather Mahalik, Rohit Tamma, Satish Bommisetty

Overview of this book

Mobile phone forensics is the science of retrieving data from a mobile phone under forensically sound conditions. This book is an update to Practical Mobile Forensics and it delves into the concepts of mobile forensics and its importance in today's world. We will deep dive into mobile forensics techniques in iOS 8 - 9.2, Android 4.4 - 6, and Windows Phone devices. We will demonstrate the latest open source and commercial mobile forensics tools, enabling you to analyze and retrieve data effectively. You will learn how to introspect and retrieve data from cloud, and document and prepare reports for your investigations. By the end of this book, you will have mastered the current operating systems and techniques so you can recover data from mobile devices by leveraging open source solutions.
Table of Contents (19 chapters)
Practical Mobile Forensics - Second Edition
Credits
About the Authors
About the Reviewer
www.PacktPub.com
Preface

Working with Cellebrite UFED Physical Analyzer


As per the vendor, Cellebrite UFED (Universal Forensic Extraction Device) empowers law enforcement, antiterrorism, and security organizations to capture critical forensic evidence from mobile phones, smartphones, PDAs, and portable handset varieties, including updates for newly released models. The tool enables forensically sound data extraction, decoding, and analysis techniques to obtain existing and deleted data from different mobile devices. As of March 2016, UFED supports data extraction from more than 18,000 mobile devices.

Cellebrite UFED Physical Analyzer can be used to perform physical and advanced logical acquisitions of iOS devices. Advanced logical acquisitions are the same as file system acquisitions in which access to the file system data is provided. Physical acquisition on iOS devices using the A5-A9 chips (iPhone 4s and newer) is not possible using this tool. Thus, the advanced logical acquisition method is the best support and...