finelybook
Mobile Forensics - Advanced Investigative Strategies
by Oleg Afonin,Vladimir Katalov
pages 页数: 412 pages
Publisher Finelybook 出版社: Packt Publishing (30 Sept. 2016)
Language 语言: English
ISBN-10 书号: 1786464489
ISBN-13 书号: 9781786464484
B01F7HCB34
主要特征
处理路障的简单指南在进行手机取证时面临困境
使用正确的方法,技术和工具组合来简化移动取证
无论您的职业水平或经验如何,都可以获得宝贵的建议,让您了解法医专业人士的心态
图书说明
没有法医工具就不可能调查数字媒体。处理复杂的法医问题需要使用专门的工具,甚至更重要的是正确的策略。在本书中,您将学习策略和方法来处理存储在智能手机和平板电脑上的信息,并了解如何使正确的工具正常工作。
我们首先帮助您了解移动设备的概念,作为有价值证据的来源。在本书中,您将探讨策略和“戏剧”,并决定何时使用每项技术。我们涵盖重要技术,例如抓住技术来屏蔽设备,以及采集技术,包括物理采集(通过USB连接),通过数据备份进行逻辑采集,空中采集。我们还探讨云分析,证据发现和数据分析,移动取证工具,以及帮助您发现和分析证据的工具。
在本书的最后,您将更好地了解用于处理获取,保存和提取存储在智能手机,平板电脑和云端上的证据的工具和方法。
你会学到什么
了解移动取证的挑战
掌握如何妥善处理数字证据
探索iOS,Android,Windows和BlackBerry移动设备上可用的证据类型
了解在特定情况下预期的取证结果
推断何时以及如何应用物理,逻辑,空中或低级(高级)采集方式
了解所有主要移动平台的不同采集方式
发现所有主要平台的重要移动采集工具和技术
关于作者
Oleg Afonin是数字法医研究员和专家。他经常在CEIC,HTCIA,FT-Day,TechnoForensics等行业知名会议上发表演讲。 Oleg共同撰写了关于IT安全和移动取证的多篇出版物。凭借多年在数字取证和安全领域方面的经验,奥列格已经为多个国家的执法部门开展了法医培训课程。他是由他撰写的一些文章,
https://articles.forensicfocus.com/author/belkasoft/ https://eforensicsmag.com/acquiring-windows-pcs/
Vladimir Katalov是ElcomSoft有限公司的CEO,联合创始人,共同所有者。 Vladimir管理公司的所有技术研究和产品开发。他定期举办各种活动,为多个国家的计算机调查委员会和其他执法机构进行安全和计算机取证培训。
你可以在http://nullcon.net/website/goa-14/speakers/vladimir-katalov.php找到他的个人资料
目录
第1章移动取证介绍
第二章采集方法概述
第3章采集 - 接近Android设备
第4章Android采集的实际步骤
第5章iOS - 简介和物理采集
第6章iOS逻辑和云采集
第7章采集 - 接近Windows Phone和Windows 10 Mobile
第8章采集 - 接近Windows 8,8.1,10和RT平板电脑
第9章采集 - 接近黑莓
第十章处理问题,障碍和特殊情况
第11章移动法医工具和案例研究
Key Features
A straightforward guide to address the roadblocks face when doing mobile forensics
Simplify mobile forensics using the right mix of methods,techniques,and tools
Get valuable advice to put you in the mindset of a forensic professional,regardless of your career level or experience
Book Description
Investigating digital media is impossible without forensic tools. Dealing with complex forensic problems requires the use of dedicated tools,and even more importantly,the right strategies. In this book,you’ll learn strategies and methods to deal with information stored on smartphones and tablets and see how to put the right tools to work.
We begin by helping you understand the concept of mobile devices as a source of valuable evidence. Throughout this book,you will explore strategies and "plays" and decide when to use each technique. We cover important techniques such as seizing techniques to shield the device,and acquisition techniques including physical acquisition (via a USB connection),logical acquisition via data backups,over-the-air acquisition. We also explore cloud analysis,evidence discovery and data analysis,tools for mobile forensics,and tools to help you discover and analyze evidence.
By the end of the book,you will have a better understanding of the tools and methods used to deal with the challenges of acquiring,preserving,and extracting evidence stored on smartphones,tablets,and the cloud.
What you will learn
Understand the challenges of mobile forensics
Grasp how to properly deal with digital evidence
Explore the types of evidence available on iOS,Android,Windows,and BlackBerry mobile devices
Know what forensic outcome to expect under given circumstances
Deduce when and how to apply physical,logical,over-the-air,or low-level (advanced) acquisition methods
Get in-depth knowledge of the different acquisition methods for all major mobile platforms
Discover important mobile acquisition tools and techniques for all of the major platforms
About the Author
Oleg Afonin is a researcher and an expert in digital forensics. He is a frequent speaker at industry-known conferences such as CEIC,HTCIA,FT-Day,TechnoForensics,and others. Oleg has co-authored multiple publications on IT security and mobile forensics. With years of experience in the digital forensics and security domain,Oleg has led forensic training courses for law enforcement departments in multiple countries.Here are some of the articles written by him-
https://articles.forensicfocus.com/author/belkasoft/ https://eforensicsmag.com/acquiring-windows-pcs/
Vladimir Katalov is the CEO,co-founder,and co-owner of ElcomSoft Co.Ltd. Vladimir manages all the technical research and product development in the company. He regularly presents at various events and runs security and computer forensics training for computer investigative committees and other law enforcement organizations in multiple countries.
You can find his profile at - http://nullcon.net/website/goa-14/speakers/vladimir-katalov.php
Contents
Chapter 1. Introducing Mobile Forensics
Chapter 2. Acquisition Methods Overview
Chapter 3. Acquisition – Approaching Android Devices
Chapter 4. Practical Steps to Android Acquisition
Chapter 5. iOS – Introduction and Physical Acquisition
Chapter 6. iOS Logical and Cloud Acquisition
Chapter 7. Acquisition – Approaching Windows Phone and Windows 10 Mobile
Chapter 8. Acquisition – Approaching Windows 8,8.1,10,and RT Tablets
Chapter 9. Acquisition – Approaching BlackBerry
Chapter 10. Dealing with Issues,Obstacles,and Special Cases
Chapter 11. Mobile Forensic Tools and Case Studies
