Mobile Forensics: Advanced Investigative Strategies
暫譯: 行動取證:進階調查策略

Oleg Afonin, Vladimir Katalov

  • 出版商: Packt Publishing
  • 出版日期: 2016-09-30
  • 售價: $1,940
  • 貴賓價: 9.5$1,843
  • 語言: 英文
  • 頁數: 412
  • 裝訂: Paperback
  • ISBN: 1786464489
  • ISBN-13: 9781786464484
  • 相關分類: Penetration-test
  • 海外代購書籍(需單獨結帳)

商品描述

Key Features

  • A straightforward guide to address the roadblocks face when doing mobile forensics
  • Simplify mobile forensics using the right mix of methods, techniques, and tools
  • Get valuable advice to put you in the mindset of a forensic professional, regardless of your career level or experience

Book Description

Investigating digital media is impossible without forensic tools. Dealing with complex forensic problems requires the use of dedicated tools, and even more importantly, the right strategies. In this book, you’ll learn strategies and methods to deal with information stored on smartphones and tablets and see how to put the right tools to work.

We begin by helping you understand the concept of mobile devices as a source of valuable evidence. Throughout this book, you will explore strategies and "plays" and decide when to use each technique. We cover important techniques such as seizing techniques to shield the device, and acquisition techniques including physical acquisition (via a USB connection), logical acquisition via data backups, over-the-air acquisition. We also explore cloud analysis, evidence discovery and data analysis, tools for mobile forensics, and tools to help you discover and analyze evidence.

By the end of the book, you will have a better understanding of the tools and methods used to deal with the challenges of acquiring, preserving, and extracting evidence stored on smartphones, tablets, and the cloud.

What you will learn

  • Understand the challenges of mobile forensics
  • Grasp how to properly deal with digital evidence
  • Explore the types of evidence available on iOS, Android, Windows, and BlackBerry mobile devices
  • Know what forensic outcome to expect under given circumstances
  • Deduce when and how to apply physical, logical, over-the-air, or low-level (advanced) acquisition methods
  • Get in-depth knowledge of the different acquisition methods for all major mobile platforms
  • Discover important mobile acquisition tools and techniques for all of the major platforms

About the Author

Oleg Afonin is a researcher and an expert in digital forensics. He is a frequent speaker at industry-known conferences such as CEIC, HTCIA, FT-Day, Techno Forensics, and others. Oleg has co-authored multiple publications on IT security and mobile forensics. With years of experience in the digital forensics and security domain, Oleg has led forensic training courses for law enforcement departments in multiple countries.

Vladimir Katalov is CEO, co-founder, and co-owner of ElcomSoft Co. Ltd. Vladimir manages all technical research and product development in the company. He regularly presents at various events and regularly runs security and computer forensics training both for foreign and domestic (Russian) computer investigative committees and other law enforcement organizations.

Table of Contents

  1. Introducing Mobile Forensics
  2. Acquisition Methods Overview
  3. Acquisition – Approaching Android Devices
  4. Practical Steps to Android Acquisition
  5. iOS – Introduction and Physical Acquisition
  6. iOS Logical and Cloud Acquisition
  7. Acquisition – Approaching Windows Phone and Windows 10 Mobile
  8. Acquisition – Approaching Windows 8, 8.1, 10, and RT Tablets
  9. Acquisition – Approaching BlackBerry
  10. Dealing with Issues, Obstacles, and Special Cases
  11. Mobile Forensic Tools and Case Studies

商品描述(中文翻譯)

**主要特點**

- 一個簡單明瞭的指南,幫助解決進行行動取證時所面臨的障礙
- 使用正確的混合方法、技術和工具來簡化行動取證
- 獲得有價值的建議,讓你無論職業水平或經驗如何,都能具備取證專業人士的心態

**書籍描述**

調查數位媒體在沒有取證工具的情況下是不可能的。處理複雜的取證問題需要使用專用工具,更重要的是,還需要正確的策略。在本書中,你將學習處理存儲在智能手機和平板電腦上的信息的策略和方法,並了解如何將正確的工具付諸實踐。

我們首先幫助你理解行動裝置作為有價值證據來源的概念。在本書中,你將探索策略和“玩法”,並決定何時使用每種技術。我們涵蓋了重要的技術,例如保護設備的扣押技術,以及包括物理獲取(通過 USB 連接)、邏輯獲取(通過數據備份)、無線獲取的獲取技術。我們還探討了雲端分析、證據發現和數據分析、行動取證工具,以及幫助你發現和分析證據的工具。

在書籍結束時,你將更好地理解用於應對獲取、保存和提取存儲在智能手機、平板電腦和雲端上的證據挑戰的工具和方法。

**你將學到的內容**

- 理解行動取證的挑戰
- 掌握如何正確處理數位證據
- 探索 iOS、Android、Windows 和 BlackBerry 行動裝置上可用的證據類型
- 知道在特定情況下預期的取證結果
- 推斷何時以及如何應用物理、邏輯、無線或低層(進階)獲取方法
- 深入了解所有主要行動平台的不同獲取方法
- 發現所有主要平台的重要行動獲取工具和技術

**關於作者**

**Oleg Afonin** 是數位取證的研究員和專家。他是多個知名行業會議的常客演講者,如 CEIC、HTCIA、FT-Day、Techno Forensics 等。Oleg 共同撰寫了多篇有關 IT 安全和行動取證的出版物。憑藉在數位取證和安全領域的多年經驗,Oleg 為多個國家的執法部門主辦取證培訓課程。

**Vladimir Katalov** 是 ElcomSoft Co. Ltd. 的首席執行官、共同創辦人和共同擁有者。Vladimir 負責公司所有技術研究和產品開發。他定期在各種活動上發表演講,並定期為外國和國內(俄羅斯)計算機調查委員會及其他執法機構舉辦安全和計算機取證培訓。

**目錄**

1. 介紹行動取證
2. 獲取方法概述
3. 獲取 - 接近 Android 裝置
4. Android 獲取的實用步驟
5. iOS - 介紹和物理獲取
6. iOS 邏輯和雲端獲取
7. 獲取 - 接近 Windows Phone 和 Windows 10 Mobile
8. 獲取 - 接近 Windows 8、8.1、10 和 RT 平板電腦
9. 獲取 - 接近 BlackBerry
10. 處理問題、障礙和特殊情況
11. 行動取證工具和案例研究