Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Mobile Forensics ??? Advanced Investigative Strategies
  • Table Of Contents Toc
Mobile Forensics ??? Advanced Investigative Strategies

Mobile Forensics ??? Advanced Investigative Strategies

By : Oleg Afonin, Vladimir Katalov
4.7 (3)
close
close
Mobile Forensics ??? Advanced Investigative Strategies

Mobile Forensics ??? Advanced Investigative Strategies

4.7 (3)
By: Oleg Afonin, Vladimir Katalov

Overview of this book

Investigating digital media is impossible without forensic tools. Dealing with complex forensic problems requires the use of dedicated tools, and even more importantly, the right strategies. In this book, you’ll learn strategies and methods to deal with information stored on smartphones and tablets and see how to put the right tools to work. We begin by helping you understand the concept of mobile devices as a source of valuable evidence. Throughout this book, you will explore strategies and "plays" and decide when to use each technique. We cover important techniques such as seizing techniques to shield the device, and acquisition techniques including physical acquisition (via a USB connection), logical acquisition via data backups, over-the-air acquisition. We also explore cloud analysis, evidence discovery and data analysis, tools for mobile forensics, and tools to help you discover and analyze evidence. By the end of the book, you will have a better understanding of the tools and methods used to deal with the challenges of acquiring, preserving, and extracting evidence stored on smartphones, tablets, and the cloud.
Table of Contents (12 chapters)
close
close

Live imaging


Live imaging may be your last resort when acquiring an encrypted device. Since neither bootloader exploits nor custom recoveries can decrypt encrypted partitions, you may need to start and unlock the device with the correct PIN code in order to gain access to the encrypted data partition.

Live imaging of an Android device is similar to the process described in the Imaging via custom recovery – physical imaging via dd section.

Live imaging with root (via dd)

Live imaging is considered to be a less forensically-sound method compared to using a custom recovery or other acquisition methods. This method requires a rooted device with BusyBox installed. Rooting an Android device in general is not always safe or possible. Depending on the version of Android and the method used to obtain root access, rooting may modify the device boot image and/or its system and data partitions. Installing BusyBox may or may not modify the system partition. Rooting and installing BusyBox may also alter...

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Mobile Forensics ??? Advanced Investigative Strategies
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon