What do you think?
Rate this book
Practical Mobile Forensics - Third Edition
Mobile phone forensics is the science of retrieving data from a mobile phone under forensically sound conditions. This book is an update to Practical Mobile Forensics, Second Edition and it delves into the concepts of mobile forensics and its importance in today's world.
402 pages, Kindle Edition
First published January 1, 2014
15 people are currently reading
33 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 5 of 5 reviews
December 15, 2014
Practical mobile forensics is a descent starter guide for those who are new to this and are willing to go a step ahead.
The book covers most of the major mobile platforms. The best part was the inclusion of devices like ipads and tablets. Even though the underlying operating system is same either in tablet or mobile phone, but some generic hardware differences can lead you to a catch-22 situation.
Here is a quick breakthrough based on chapters:
Chapter 1: Introduction to Mobile Forensics
This is a "getting started" chapter with quick introduction to basic terminologies in mobile forensics.
Chapter 2,3,4,5 and 6 : iOS platform
The next consecutive chapters are based on iOS platform and its supporting devices. The second chapter gives a quick look inside the platform. The next chapter discuss about setting up the forensic environment and its required dependencies. It covers steps like: getting and setting iOS firmware, operating modes, iDid etc. The fourth chapter is about acquiring data from iOS backup storage. The chapter nicely explains the backup structure which helps building a better understanding of how iOS structures the data inside the device.
Chapter 5 is all about analysing data extracted in previous 2 chapters. The 6th chapter is the conclusive chapter for iOS platform. It deals with various forensic tools like EIFT, Oxygen forensic and UFED.
Chapter 7, 8, 9, 10 and 11
Chapter 7 to 11 is a series of text dedicated to android platform. I liked the Android section more than iOS owing to the fact that iOS is very much tool driven and there are not many open source tools available. For Android, there are far more possibilities to explore.
Chapter 7 and 8 deals with the basics of Android OS and setting up the forensic environment.
Chapter 9 covers the data extraction techniques. Not to mention that getting root is the first step. Chapter 10 deals with some quick techniques on data recovery.
Chapter 11 covers tips for APK or Application analysis. The chapter discuss briefly how Apps can be extracted and reverse engineered. I was expecting a more in-depth explanation here since malicious APKs are the most sort after subjects for mobile forensic professionals.
Chapter 12: This chapter is an introductory analysis of Windows OS for mobile devices. The chapter covers details like the security structure, basic forensics etc.
Chapter 13: This chapter deals with Blackberry Forensics.
Overall, the book is a good introduction to mobile application forensic and has some pretty interesting things to read and try.
It is highly recommended to try out the practical demonstrations on your own to figure out the real challenges involved during forensics.
The book lays too much emphasis on ready-made tools, which is in a way a good and fast way of doing stuff, but for advanced users, they might want to see some core stuff like building custom forensic tools and techniques.
The book covers most of the major mobile platforms. The best part was the inclusion of devices like ipads and tablets. Even though the underlying operating system is same either in tablet or mobile phone, but some generic hardware differences can lead you to a catch-22 situation.
Here is a quick breakthrough based on chapters:
Chapter 1: Introduction to Mobile Forensics
This is a "getting started" chapter with quick introduction to basic terminologies in mobile forensics.
Chapter 2,3,4,5 and 6 : iOS platform
The next consecutive chapters are based on iOS platform and its supporting devices. The second chapter gives a quick look inside the platform. The next chapter discuss about setting up the forensic environment and its required dependencies. It covers steps like: getting and setting iOS firmware, operating modes, iDid etc. The fourth chapter is about acquiring data from iOS backup storage. The chapter nicely explains the backup structure which helps building a better understanding of how iOS structures the data inside the device.
Chapter 5 is all about analysing data extracted in previous 2 chapters. The 6th chapter is the conclusive chapter for iOS platform. It deals with various forensic tools like EIFT, Oxygen forensic and UFED.
Chapter 7, 8, 9, 10 and 11
Chapter 7 to 11 is a series of text dedicated to android platform. I liked the Android section more than iOS owing to the fact that iOS is very much tool driven and there are not many open source tools available. For Android, there are far more possibilities to explore.
Chapter 7 and 8 deals with the basics of Android OS and setting up the forensic environment.
Chapter 9 covers the data extraction techniques. Not to mention that getting root is the first step. Chapter 10 deals with some quick techniques on data recovery.
Chapter 11 covers tips for APK or Application analysis. The chapter discuss briefly how Apps can be extracted and reverse engineered. I was expecting a more in-depth explanation here since malicious APKs are the most sort after subjects for mobile forensic professionals.
Chapter 12: This chapter is an introductory analysis of Windows OS for mobile devices. The chapter covers details like the security structure, basic forensics etc.
Chapter 13: This chapter deals with Blackberry Forensics.
Overall, the book is a good introduction to mobile application forensic and has some pretty interesting things to read and try.
It is highly recommended to try out the practical demonstrations on your own to figure out the real challenges involved during forensics.
The book lays too much emphasis on ready-made tools, which is in a way a good and fast way of doing stuff, but for advanced users, they might want to see some core stuff like building custom forensic tools and techniques.
August 6, 2014
The book achieves very well its goal to be a good hands-on guide for both forensic professionals and people interested in data recovery from mobile devices.
In fact there are specific sections where it explains how to conduct a forensic analysis and the forensic tools that are available for this purpose, while the rest of the book has parts that are useful for everyone.
The book is up to date with the mobile devices that you can find on the market today and explains how to handle them, covering the four most widespread operating systems on the mobile market: iOS, Android, Windows Phone and BlackBerry OS.
For each of this systems, there is an in depth explanation of the internals of the operating system, focusing on security related aspects and on how data is stored on the device.
This theory session is followed by a practical part, where the author explains common techniques to take control on the device and acquire data from it, starting with standard tools and introducing more specific tools, leaving forensic tools at the end.
This scheme lets the reader familiarize with the device and commonly available tools, helping him to better understand how the device works and how to handle it without sophisticated tools that simplify the work.
Overall, I think this is a good book to read if you are looking to learn how to conduct a forensic analysis of mobile devices and the related techniques or just want to learn how mobile devices work and how to recover data from them.
In fact there are specific sections where it explains how to conduct a forensic analysis and the forensic tools that are available for this purpose, while the rest of the book has parts that are useful for everyone.
The book is up to date with the mobile devices that you can find on the market today and explains how to handle them, covering the four most widespread operating systems on the mobile market: iOS, Android, Windows Phone and BlackBerry OS.
For each of this systems, there is an in depth explanation of the internals of the operating system, focusing on security related aspects and on how data is stored on the device.
This theory session is followed by a practical part, where the author explains common techniques to take control on the device and acquire data from it, starting with standard tools and introducing more specific tools, leaving forensic tools at the end.
This scheme lets the reader familiarize with the device and commonly available tools, helping him to better understand how the device works and how to handle it without sophisticated tools that simplify the work.
Overall, I think this is a good book to read if you are looking to learn how to conduct a forensic analysis of mobile devices and the related techniques or just want to learn how mobile devices work and how to recover data from them.
October 7, 2014
Excellent guide to not only useful tools to analyze and recover data from mobile devices, iOS, Android, and MS are all covered. While I felt restricted as the author used Mac OS for most of the operations for the iOS devices, some windows applications that are open source would be nice to have. If this is for a professional company then the $1,500 price tag for one of the software options are not a major concern.
You'll certainly walk away with a good understanding of how the different OS versions store the data and how to access it rather quickly, having rooted devices makes this task much easier. Part of gathering data is knowing where to look and this book not only gives you that information, but takes it a step further and gives you some handy database related commands to extract the data you'd most likely be interested in.
All in all I give this book 5 starts because it did have a lot of solid information despite the lack luster for lower cost software solutions. If you're looking to get into data recovery for mobile platforms or do the forensic work, do yourself a favor and pick up a copy of this book already.
Publisher Link: https://www.packtpub.com/application-...
Show less
You'll certainly walk away with a good understanding of how the different OS versions store the data and how to access it rather quickly, having rooted devices makes this task much easier. Part of gathering data is knowing where to look and this book not only gives you that information, but takes it a step further and gives you some handy database related commands to extract the data you'd most likely be interested in.
All in all I give this book 5 starts because it did have a lot of solid information despite the lack luster for lower cost software solutions. If you're looking to get into data recovery for mobile platforms or do the forensic work, do yourself a favor and pick up a copy of this book already.
Publisher Link: https://www.packtpub.com/application-...
Show less
October 20, 2014
Practical Mobile Forensics is an introduction to mobile forensics for iOS, Android, Windows Phone and BlackBerry devices.
The book has a repeating format for each platform following along the lines of theory, data extraction, and analysis.
Due to device availability, the only chapters I went through were for iOS and Android. I was able to complete the Android chapters without any issues, however, i feel that some changes in iOS 8 likely caused a little bit of issues here and there with the iOS side. Also, a lot of the tools/techniques happen to mention support for iOS versions less than 6.1.
Overall, I felt this book provided a good foundation into getting into mobile forensics. Due to the cost of a lot of the software covered in this book, I would recommend this more for enterprise-level users who likely have licenses to the software discussed in this book.
The book has a repeating format for each platform following along the lines of theory, data extraction, and analysis.
Due to device availability, the only chapters I went through were for iOS and Android. I was able to complete the Android chapters without any issues, however, i feel that some changes in iOS 8 likely caused a little bit of issues here and there with the iOS side. Also, a lot of the tools/techniques happen to mention support for iOS versions less than 6.1.
Overall, I felt this book provided a good foundation into getting into mobile forensics. Due to the cost of a lot of the software covered in this book, I would recommend this more for enterprise-level users who likely have licenses to the software discussed in this book.
November 26, 2014
This is an excellent read about Mobile Forensics. It is written in crisp and clear language. It covers various forensic techniques for multiple platforms like IOS, Android, Windows and Blackberry. Right from data acquisitions to evidence analysis all the processes are explained quite well.
Displaying 1 - 5 of 5 reviews