- Practical Mobile Forensics(Second Edition)
- Heather Mahalik Rohit Tamma Satish Bommisetty
- 309字
- 2021-07-16 10:55:48
Potential evidence stored on mobile phones
The range of information that can be obtained from mobile phones is detailed in this section. Data on a mobile phone can be found in a number of locations: SIM card, external storage card, and phone memory. In addition, the service provider also stores communication-related information. The book primarily focuses on data acquired from the phone memory. Mobile device data extraction tools recover data from the phone's memory. Even though data recovered during a forensic acquisition depends on the mobile model, in general, the following data is common across all models and useful as evidence. Note that most of the following artifacts contain date and timestamps:
- Address Book: This stores contact names, numbers, e-mail addresses, and so on
- Call History: This contains dialed, received, missed calls, and call durations
- SMS: This contains sent and received text messages
- MMS: This contains media files such as sent and received photos and videos
- E-mail: This contains sent, drafted, and received e-mail messages
- Web browser history: This contains the history of websites that were visited
- Photos: This contains pictures that are captured using the mobile phone camera, those downloaded from the Internet, and the ones transferred from other devices
- Videos: This contains videos that are captured using the mobile camera, those downloaded from the Internet, and the ones transferred from other devices
- Music: This contains music files downloaded from the Internet and those transferred from other devices
- Documents: This contains documents created using the device's applications, those downloaded from the Internet, and the ones transferred from other devices
- Calendar: This contains calendar entries and appointments
- Network communication: This contains GPS locations
- Maps: This contains looked-up directions, and searched and downloaded maps
- Social networking data: This contains data stored by applications, such as Facebook, Twitter, LinkedIn, Google+, and WhatsApp
- Deleted data: This contains information deleted from the phone
推薦閱讀
- Practical Network Scanning
- Penetration Testing with Perl
- 安全技術(shù)運(yùn)營:方法與實(shí)踐
- 代碼審計(jì):企業(yè)級Web代碼安全架構(gòu)
- Computer Forensics with FTK
- Learning Devise for Rails
- Digital Forensics with Kali Linux
- Kerberos域網(wǎng)絡(luò)安全從入門到精通
- 網(wǎng)絡(luò)安全設(shè)計(jì)、配置與管理大全
- 持續(xù)集成:軟件質(zhì)量改進(jìn)和風(fēng)險(xiǎn)降低之道
- 隱私計(jì)算:推進(jìn)數(shù)據(jù)“可用不可見”的關(guān)鍵技術(shù)
- 網(wǎng)絡(luò)安全實(shí)戰(zhàn)詳解(企業(yè)專供版)
- Cybersecurity Threats,Malware Trends,and Strategies
- 計(jì)算機(jī)網(wǎng)絡(luò)安全實(shí)驗(yàn)指導(dǎo)
- 網(wǎng)絡(luò)空間安全法律問題研究