MARC details
| 000 -LEADER |
|---|
| fixed length control field |
07640nam a2200421 i 4500 |
| 005 - DATE AND TIME OF LATEST TRANSACTION |
|---|
| control field |
20230526220444.0 |
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION |
|---|
| fixed length control field |
210823s2020 enka|||| |||| 001 0 eng d |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
|---|
| International Standard Book Number |
9781838647520 |
| Qualifying information |
paperback |
| 040 ## - CATALOGING SOURCE |
|---|
| Original cataloging agency |
EG-CaTKH |
| Language of cataloging |
eng |
| Transcribing agency |
EG-CaTKH |
| Description conventions |
rda |
| 050 ## - LIBRARY OF CONGRESS CALL NUMBER |
|---|
| Classification number |
QA76.59 |
| 082 00 - DEWEY DECIMAL CLASSIFICATION NUMBER |
|---|
| Classification number |
005.8 TA.P 2020 |
| Edition number |
23 |
| 100 1# - MAIN ENTRY--PERSONAL NAME |
|---|
| Personal name |
Tamma, Rohit, |
| Relator term |
author. |
| 245 10 - TITLE STATEMENT |
|---|
| Title |
Practical mobile forensics : |
| Remainder of title |
forensically investigate and analyze iOS, Android, and Windows 10 devices / |
| Statement of responsibility, etc. |
Rohit Tamma, Oleg Skulkin, Heather Mahalik, Satish Bommisetty. |
| 250 ## - EDITION STATEMENT |
|---|
| Edition statement |
Fourth edition. |
| 264 #1 - PRODUCTION, PUBLICATION, DISTRIBUTION, MANUFACTURE, AND COPYRIGHT NOTICE |
|---|
| Place of production, publication, distribution, manufacture |
Birmingham, UK : |
| Name of producer, publisher, distributor, manufacturer |
Packt Publishing, |
| Date of production, publication, distribution, manufacture, or copyright notice |
2020. |
| 300 ## - PHYSICAL DESCRIPTION |
|---|
| Extent |
viii, 385 pages : |
| Other physical details |
illustrations ; |
| Dimensions |
24 cm. |
| 336 ## - CONTENT TYPE |
|---|
| Content type term |
txt |
| Content type code |
txt |
| Source |
rdacontent |
| 337 ## - MEDIA TYPE |
|---|
| Media type term |
unmediated |
| Media type code |
n |
| Source |
rdamedia |
| 338 ## - CARRIER TYPE |
|---|
| Carrier type term |
volume |
| Carrier type code |
nc |
| Source |
rdacarrier |
| 500 ## - GENERAL NOTE |
|---|
| General note |
Includes index. |
| 505 0# - FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
Cover -- Title Page -- Copyright and Credits -- About Packt -- Contributors -- Table of Contents -- Preface -- Chapter 01: Introduction to Mobile Forensics -- The need for mobile forensics -- Understanding mobile forensics -- Challenges in mobile forensics -- The mobile phone evidence extraction process -- The evidence intake phase -- The identification phase -- The legal authority -- Data that needs to be extracted -- The make, model, and identifying information for the device -- Data storage media -- Other sources of potential evidence -- The preparation phase -- The isolation phaseThe processing phase -- The verification phase -- The documenting and reporting phase -- The archiving phase -- Practical mobile forensic approaches -- Understanding mobile operating systems -- Android -- iOS -- Windows Phone -- Mobile forensic tool leveling system -- Manual extraction -- Logical analysis -- Hex dump -- Chip-off -- Micro read -- Data acquisition methods -- Physical acquisition -- Logical acquisition -- Manual acquisition -- Potential evidence stored on mobile phones -- Examination and analysis -- Rules of evidence -- Good forensic practices -- Securing the evidence--The processing phase -- The verification phase -- The documenting and reporting phase -- The archiving phase -- Practical mobile forensic approaches -- Understanding mobile operating systems -- Android -- iOS -- Windows Phone -- Mobile forensic tool leveling system -- Manual extraction -- Logical analysis -- Hex dump -- Chip-off -- Micro read -- Data acquisition methods -- Physical acquisition -- Logical acquisition -- Manual acquisition -- Potential evidence stored on mobile phones -- Examination and analysis -- Rules of evidence -- Good forensic practices -- Securing the evidence--Preserving the evidence -- Documenting the evidence and changes -- Reporting -- Summary -- Section 1: iOS Forensics -- Chapter 02: Understanding the Internals of iOS Devices -- iPhone models and hardware -- Identifying the correct hardware model -- Understanding the iPhone hardware -- iPad models and hardware -- Understanding the iPad hardware -- The HFS Plus and APFS filesystems -- The HFS Plus filesystem -- The HFS Plus volume -- The APFS filesystem -- The APFS structure -- Disk layout -- The iPhone OS -- The iOS architecture -- iOS security -- Passcodes, Touch ID, and Face ID -- Code signing--Sandboxing -- Encryption -- Data protection -- Address Space Layout Randomization (ASLR) -- Privilege separation -- Stack-smashing protection -- Data Execution Prevention (DEP) -- Data wiping -- Activation Lock -- The App Store -- Jailbreaking -- Summary -- Chapter 03: Data Acquisition from iOS Devices -- Operating modes of iOS devices -- Normal mode -- Recovery mode -- DFU mode -- Setting up the forensic environment -- Password protection and potential bypasses -- Logical acquisition -- Practical logical acquisition with libimobiledevice--Practical logical acquisition with the Belkasoft Acquisition Tool -- Practical logical acquisition with Magnet ACQUIRE -- Filesystem acquisition -- Practical jailbreaking -- Practical filesystem acquisition with free tools -- Practical filesystem acquisition with Elcomsoft iOS Forensic Toolkit -- Summary -- Chapter 04: Data Acquisition from iOS Backups -- Working with iTunes backups -- Creating and analyzing backups with iTunes -- Understanding the backup structure -- info.plist -- manifest.plist -- status.plist -- manifest.db -- Extracting unencrypted backups -- iBackup Viewer -- iExplorer.<br/> |
| 520 ## - SUMMARY, ETC. |
|---|
| Summary, etc. |
Become well-versed with forensics for the Android, iOS, and Windows 10 mobile platforms by learning essential techniques and exploring real-life scenarios Key Features Apply advanced forensic techniques to recover deleted data from mobile devices Retrieve and analyze data stored not only on mobile devices but also on the cloud and other connected mediums Use the power of mobile forensics on popular mobile platforms by exploring different tips, tricks, and techniques Book Description Mobile phone forensics is the science of retrieving data from a mobile phone under forensically sound conditions. This updated fourth edition of Practical Mobile Forensics delves into the concepts of mobile forensics and its importance in today's world. The book focuses on teaching you the latest forensic techniques to investigate mobile devices across various mobile platforms. You will learn forensic techniques for multiple OS versions, including iOS 11 to iOS 13, Android 8 to Android 10, and Windows 10. The book then takes you through the latest open source and commercial mobile forensic tools, enabling you to analyze and retrieve data effectively. From inspecting the device and retrieving data from the cloud, through to successfully documenting reports of your investigations, you'll explore new techniques while building on your practical knowledge. Toward the end, you will understand the reverse engineering of applications and ways to identify malware. Finally, the book guides you through parsing popular third-party applications, including Facebook and WhatsApp. By the end of this book, you will be proficient in various mobile forensic techniques to analyze and extract data from mobile devices with the help of open source solutions. What you will learn Discover new data extraction, data recovery, and reverse engineering techniques in mobile forensics Understand iOS, Windows, and Android security mechanisms Identify sensitive files on every mobile platform Extract data from iOS, Android, and Windows platforms Understand malware analysis, reverse engineering, and data analysis of mobile devices Explore various data recovery techniques on all three mobile platforms Who this book is for This book is for forensic examiners with basic experience in mobile forensics or open source solutions for mobile forensics. Computer security professionals, researchers or anyone looking to gain a deeper understanding of mobile internals will also find this book useful. |
| 630 00 - SUBJECT ADDED ENTRY--UNIFORM TITLE |
|---|
| Uniform title |
Android (Electronic resource) |
| 630 00 - SUBJECT ADDED ENTRY--UNIFORM TITLE |
|---|
| Uniform title |
Windows phone (Computer file) |
| 630 00 - SUBJECT ADDED ENTRY--UNIFORM TITLE |
|---|
| Uniform title |
Microsoft Windows (Computer file) |
| 630 00 - SUBJECT ADDED ENTRY--UNIFORM TITLE |
|---|
| Uniform title |
iOS (Electronic resource) |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Mobile computing |
| General subdivision |
Security measures. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Cell phone systems |
| General subdivision |
Security measures. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Computer crimes |
| General subdivision |
Investigation. |
| 700 1# - ADDED ENTRY--PERSONAL NAME |
|---|
| Personal name |
Skulkin, Oleg, |
| Relator term |
author. |
| 700 1# - ADDED ENTRY--PERSONAL NAME |
|---|
| Personal name |
Mahalik, Heather, |
| Relator term |
author. |
| 700 1# - ADDED ENTRY--PERSONAL NAME |
|---|
| Personal name |
Bommisetty, Satish, |
| Relator term |
author. |
| 856 41 - ELECTRONIC LOCATION AND ACCESS |
|---|
| Uniform Resource Identifier |
<a href="https://ebookcentral.proquest.com/lib/coventry/detail.action?docID=5254614&query=Practical+mobile+forensics+%3A+Forensically+investigate+and+analyze+iOS%2C+Android%2C+and+Windows+10+Devices">https://ebookcentral.proquest.com/lib/coventry/detail.action?docID=5254614&query=Practical+mobile+forensics+%3A+Forensically+investigate+and+analyze+iOS%2C+Android%2C+and+Windows+10+Devices</a> |
| 942 ## - ADDED ENTRY ELEMENTS (KOHA) |
|---|
| Source of classification or shelving scheme |
Dewey Decimal Classification |
| Koha item type |
Books |
| 998 ## - LOCAL CONTROL INFORMATION (RLIN) |
|---|
| Cataloger's name |
huda.mahmoud |
| Cataloging process |
M |
| First Date, FD (RLIN) |
2022028 |
| 998 ## - LOCAL CONTROL INFORMATION (RLIN) |
|---|
| Cataloger's name |
mona.romia |
| Cataloging process |
R |
| First Date, FD (RLIN) |
20220209 |
| 100 ## - MAIN ENTRY--PERSONAL NAME |
|---|
| Real World Object URI |
Tamma, Rohit, |
