- Practical Mobile Forensics(Second Edition)
- Heather Mahalik Rohit Tamma Satish Bommisetty
- 309字
- 2021-07-16 10:55:48
Potential evidence stored on mobile phones
The range of information that can be obtained from mobile phones is detailed in this section. Data on a mobile phone can be found in a number of locations: SIM card, external storage card, and phone memory. In addition, the service provider also stores communication-related information. The book primarily focuses on data acquired from the phone memory. Mobile device data extraction tools recover data from the phone's memory. Even though data recovered during a forensic acquisition depends on the mobile model, in general, the following data is common across all models and useful as evidence. Note that most of the following artifacts contain date and timestamps:
- Address Book: This stores contact names, numbers, e-mail addresses, and so on
- Call History: This contains dialed, received, missed calls, and call durations
- SMS: This contains sent and received text messages
- MMS: This contains media files such as sent and received photos and videos
- E-mail: This contains sent, drafted, and received e-mail messages
- Web browser history: This contains the history of websites that were visited
- Photos: This contains pictures that are captured using the mobile phone camera, those downloaded from the Internet, and the ones transferred from other devices
- Videos: This contains videos that are captured using the mobile camera, those downloaded from the Internet, and the ones transferred from other devices
- Music: This contains music files downloaded from the Internet and those transferred from other devices
- Documents: This contains documents created using the device's applications, those downloaded from the Internet, and the ones transferred from other devices
- Calendar: This contains calendar entries and appointments
- Network communication: This contains GPS locations
- Maps: This contains looked-up directions, and searched and downloaded maps
- Social networking data: This contains data stored by applications, such as Facebook, Twitter, LinkedIn, Google+, and WhatsApp
- Deleted data: This contains information deleted from the phone
推薦閱讀
- 零信任網絡:在不可信網絡中構建安全系統
- Getting Started with FortiGate
- Learning Veeam? Backup & Replication for VMware vSphere
- 局域網交換機安全
- 解密彩虹團隊非凡實戰能力:企業安全體系建設(共5冊)
- 信息安全導論(第2版)
- 信息技術基礎:提高篇·實驗與習題
- 白話零信任
- 網絡安全實戰詳解(企業專供版)
- Mastering Python for Networking and Security
- 云計算安全防護技術
- 網絡攻防實戰研究:MySQL數據庫安全
- 紅藍攻防:技術與策略(原書第3版)
- 黑客攻防從入門到精通:實戰篇(第2版)
- CPK通向賽博安全之路:理論與實踐CPK Solution to Cyber Security:Theory and Practice