Mobile Digital Forensics: Investigation and Analysis Report
VerifiedAdded on  2020/03/16
|13
|2843
|298
Report
AI Summary
This report provides a comprehensive overview of mobile digital forensics, encompassing investigative procedures, techniques for digital evidence processing, and in-depth analysis methods. It begins with an introduction to the purpose and scope of mobile forensics, emphasizing the challenges of securing digital evidence from mobile devices like smartphones and tablets. The report details investigative procedures, including methods to gather information from device owners and service providers. It then explores various techniques involved in digital evidence processing, such as assessment, acquisition, examination, and reporting. The core of the report focuses on evidence analysis, outlining the steps involved in preparation, extraction (physical and logical), and the analysis of extracted data, including timeframe analysis, data hiding analysis, and application/file analysis. Furthermore, the report delves into the evaluation and findings of mobile forensics, discussing the role of intelligence in digital forensics and the use of forensic tools like Oxygen Forensic Suite. The report concludes by summarizing key findings and emphasizing the importance of mobile forensics in modern investigations. This report offers valuable insights into the evolving field of mobile forensics and the critical role it plays in uncovering digital evidence.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Mobile digital forensics
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Executive summary
The digital forensic community faces the challenges to operate latest technologies which
assist to expose clues at the time of investigation. Cellular device are commonly used in our
society for the purpose of personal and professional. When cellular device is detect during an
investigation process many queries will arise: what is the best procedure to secure the evidence?
How should mobile device will manage? How should the potential data exist in the device be
refined or extracted? The key reply of the questions stars with understanding of hardware and
software feature of device. This will guide the method for acquisition, examination, analysis, and
reporting of digital evidence. The organization must use these guide as an initial task for creating
a forensic ability in conjunction with appropriate professional training that is promoted by legal
authority and management.
1
The digital forensic community faces the challenges to operate latest technologies which
assist to expose clues at the time of investigation. Cellular device are commonly used in our
society for the purpose of personal and professional. When cellular device is detect during an
investigation process many queries will arise: what is the best procedure to secure the evidence?
How should mobile device will manage? How should the potential data exist in the device be
refined or extracted? The key reply of the questions stars with understanding of hardware and
software feature of device. This will guide the method for acquisition, examination, analysis, and
reporting of digital evidence. The organization must use these guide as an initial task for creating
a forensic ability in conjunction with appropriate professional training that is promoted by legal
authority and management.
1
Table of Contents
1. Introduction.......................................................................................................................................3
2. Investigative Procedures...................................................................................................................3
3. Techniques involved in digital evidence processing........................................................................4
4. Evidence Analysis..............................................................................................................................5
5. Evaluation and findings of mobile forensic......................................................................................7
6. Conclusion........................................................................................................................................10
References................................................................................................................................................11
2
1. Introduction.......................................................................................................................................3
2. Investigative Procedures...................................................................................................................3
3. Techniques involved in digital evidence processing........................................................................4
4. Evidence Analysis..............................................................................................................................5
5. Evaluation and findings of mobile forensic......................................................................................7
6. Conclusion........................................................................................................................................10
References................................................................................................................................................11
2
1. Introduction
1.1 Purpose and scope
This research offers the fundamental information about mobile forensic tools. The
preservation, examination, analysis and reporting of digital evidence exist on cellular device
(Baggili, 2011). This data is related with enforcement law and other kind of research. This study
mainly concentrates on the characteristic of mobile device such as mobile phone, smart phone,
tablet and other handheld device. It aim to address the common area that is analyzed by security
staff of group and law enforcement researchers which involves electronic digital information
residing on handheld devices (Morrissey, 2010). This will intended to achieve existing
instruction and investigate deeply about the problem in cellular phone and its research and
findings. The models and procedure in this mobile forensic study is considered as the best
practices. Readers are proposed to execute the suggested practices after the management
collaboration and legal executive for rules and regulation.
2. Investigative Procedures
Procedures involved in investigation which need no forensic hardware or software tools. The
following methods are used for investigation:
Ask the Admin
Get the information from the mobile owner whether the device is well secure with PIN,
password and other authentication method (Li, 2010). The owner may investigate for this data at
the time of interview.
Analysis of captured information
PIN may be exposed by mistake in case of written in a slip or kept near the phone or
computer require to synchronize with mobile phones or with the mobile owners. This will
discover through visual analysis (Hoog, 2011). To reset the password, UICC or cellular phone
assist to attached with Pin Unlocking Key (PUK). Device vulnerabilities called smudge attack
are exploited. This attack is used for examining the occurrence of current gesture lock.
3
1.1 Purpose and scope
This research offers the fundamental information about mobile forensic tools. The
preservation, examination, analysis and reporting of digital evidence exist on cellular device
(Baggili, 2011). This data is related with enforcement law and other kind of research. This study
mainly concentrates on the characteristic of mobile device such as mobile phone, smart phone,
tablet and other handheld device. It aim to address the common area that is analyzed by security
staff of group and law enforcement researchers which involves electronic digital information
residing on handheld devices (Morrissey, 2010). This will intended to achieve existing
instruction and investigate deeply about the problem in cellular phone and its research and
findings. The models and procedure in this mobile forensic study is considered as the best
practices. Readers are proposed to execute the suggested practices after the management
collaboration and legal executive for rules and regulation.
2. Investigative Procedures
Procedures involved in investigation which need no forensic hardware or software tools. The
following methods are used for investigation:
Ask the Admin
Get the information from the mobile owner whether the device is well secure with PIN,
password and other authentication method (Li, 2010). The owner may investigate for this data at
the time of interview.
Analysis of captured information
PIN may be exposed by mistake in case of written in a slip or kept near the phone or
computer require to synchronize with mobile phones or with the mobile owners. This will
discover through visual analysis (Hoog, 2011). To reset the password, UICC or cellular phone
assist to attached with Pin Unlocking Key (PUK). Device vulnerabilities called smudge attack
are exploited. This attack is used for examining the occurrence of current gesture lock.
3
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Ask the service provider
ICCID identifier get from GSM device and request the PUK from the service launcher and
reset the PIN if a GSM Cellular device is secured with Password enabled UICC. The service
launcher promotes the mechanism to retrieve the PUK by entering the numbers of cellular device
and particular subscriber data to universal web sites build for this type of principle (Phillips &
Enfinger, 2009). The data reveal by contacting mobile manufacturer. Cellular phone users do
prefer weak pin to protect their device in the form of 1-1-1-1, 0-0- 0-0 or 1-2-3-4. This format is
not fully prescribed try to unlock a device applying those compounds for various threat
determinant. This might leads to constant loss of mobile memory, permit advanced security
techniques for example PUK or PIN and initiating destructive operation. Before applying the
attempts to unlocking a cellular phones, it is suggested to consider the time of attempts left over.
Instance has to be considered where an analyzer may prefer to take this risk. This is the only
solution for information extraction.
3. Techniques involved in digital evidence processing
These all are the techniques or methods used to processed the digital evidence, they are
1. Assessment
Mobile forensics analyzer should determine complete processing of digital evidence along with
the capacity consideration case to estimate the consequent activities that has to be consider
(Gladyshev & Rogers, 2012).
2. Acquisition
Digital evidence is generally simple, altered, broken or damage due to inappropriate examination
and maintenance. Analysis is the best management for the intimation of original evidence. This
original evidence should be revealed with the secured way of evidence integrity.
3. Examination
Analysis process targets to extracts and analysis of digital evidence. The extraction refers to
rehabilitation of data from media. Analysis refers to the concept of gathered information which
has to be stored into the database for future plan.
4. Documenting and reporting
4
ICCID identifier get from GSM device and request the PUK from the service launcher and
reset the PIN if a GSM Cellular device is secured with Password enabled UICC. The service
launcher promotes the mechanism to retrieve the PUK by entering the numbers of cellular device
and particular subscriber data to universal web sites build for this type of principle (Phillips &
Enfinger, 2009). The data reveal by contacting mobile manufacturer. Cellular phone users do
prefer weak pin to protect their device in the form of 1-1-1-1, 0-0- 0-0 or 1-2-3-4. This format is
not fully prescribed try to unlock a device applying those compounds for various threat
determinant. This might leads to constant loss of mobile memory, permit advanced security
techniques for example PUK or PIN and initiating destructive operation. Before applying the
attempts to unlocking a cellular phones, it is suggested to consider the time of attempts left over.
Instance has to be considered where an analyzer may prefer to take this risk. This is the only
solution for information extraction.
3. Techniques involved in digital evidence processing
These all are the techniques or methods used to processed the digital evidence, they are
1. Assessment
Mobile forensics analyzer should determine complete processing of digital evidence along with
the capacity consideration case to estimate the consequent activities that has to be consider
(Gladyshev & Rogers, 2012).
2. Acquisition
Digital evidence is generally simple, altered, broken or damage due to inappropriate examination
and maintenance. Analysis is the best management for the intimation of original evidence. This
original evidence should be revealed with the secured way of evidence integrity.
3. Examination
Analysis process targets to extracts and analysis of digital evidence. The extraction refers to
rehabilitation of data from media. Analysis refers to the concept of gathered information which
has to be stored into the database for future plan.
4. Documenting and reporting
4
Examination and agreement should documented through the forensic evidence. This will
conclude the development of a written statement suggestion.
4. Evidence Analysis
The principle of mobile forensic apply when examining the digital evidence. There are
several types of media required different type of analyses method. Analysis of digital evidence
should be practice for this scope (Peterson & Shenoi, 2012). There are few levels involved when
performing the evidence examination, they are
Step 1. Preparation
Develop the enabled directories for the purpose of discovering and extracting the
evidence document and information
Step 2. Extraction
There are two type of extraction involved in this, they are physical extraction and logical
extraction. The physical extraction used to found and store the data on physical drive. The
logical extraction discovers and store the data which is based on installed OS and file system.
Physical extraction
At the time of physical extraction, the data form the drive show at the physical drive will
not considered the file system available on the drive. This may involve following methods such
as keyword searching, carving the document and extracting the partition table.
ï‚· The performance of keyword searching in physical drive is very useful for the
purpose of allowing the analyzer to extract the data which do not assume by the
operating system.
ï‚· The file carving techniques on physical drive may assist to recover and refining the
useful document which does not assumed by operating system or file system.
ï‚· Examining the design of partition may found the availability of file system and
examine if the entire memory of hard disk is considered for.
Logical extraction
At the time of logical extraction from physical drive based on availability of file system on
drive where it invokes the resources from files, deleted data and unallocated memory resources.
This state include the followings.
5
conclude the development of a written statement suggestion.
4. Evidence Analysis
The principle of mobile forensic apply when examining the digital evidence. There are
several types of media required different type of analyses method. Analysis of digital evidence
should be practice for this scope (Peterson & Shenoi, 2012). There are few levels involved when
performing the evidence examination, they are
Step 1. Preparation
Develop the enabled directories for the purpose of discovering and extracting the
evidence document and information
Step 2. Extraction
There are two type of extraction involved in this, they are physical extraction and logical
extraction. The physical extraction used to found and store the data on physical drive. The
logical extraction discovers and store the data which is based on installed OS and file system.
Physical extraction
At the time of physical extraction, the data form the drive show at the physical drive will
not considered the file system available on the drive. This may involve following methods such
as keyword searching, carving the document and extracting the partition table.
ï‚· The performance of keyword searching in physical drive is very useful for the
purpose of allowing the analyzer to extract the data which do not assume by the
operating system.
ï‚· The file carving techniques on physical drive may assist to recover and refining the
useful document which does not assumed by operating system or file system.
ï‚· Examining the design of partition may found the availability of file system and
examine if the entire memory of hard disk is considered for.
Logical extraction
At the time of logical extraction from physical drive based on availability of file system on
drive where it invokes the resources from files, deleted data and unallocated memory resources.
This state include the followings.
5
ï‚· Data extraction of file system contains the characteristic such as directory structure,
attributes of file, file name, data and time of the file, file size and location.
ï‚· Removal of data is the process of determining and removing file through the interrelation
of calculated hash value into the authenticated values.
ï‚· Restoring the deleted files
ï‚· Extracting the encrypted data, secured password and compressed file.
ï‚· Refinement of file slack
ï‚· Refinement of unallocated memory.
Step 3. Analysis of extracted data
Examination is consequent process of read the extracted data to analyses the essential factors.
The examination is performed by time frame analysis, application and file analysis, data hiding
analysis. This analysis required an Enquiry of device request, searching and discovering the legal
authority of digital evidence.
I. Timeframe analysis
It is useful for analyzing the events located on a system. There are two types of
techniques are,
ï‚· Monitor the date and time stamp which is avail in the file system (Meta data) such
as recent modified file, recent accessed file and developed to connect the file for
timeframe related to investigation.
ï‚· Monitor the available system and app logs. These will contain the installation
logs, error logs, and security and connection logs.
II. Data hiding analysis
Data hiding analysis referred the data will enclosed with the system. This is useful for
determining and resuming the data. Methods involved:
ï‚· To determining the mismatches require to combine the resources headers as a file
extension.
ï‚· Performing the connection to encrypted file, protected PIN and compressed zip
file to reveal the attempt to secure the data from unauthorized user.
ï‚· Steganography
ï‚· Performing access to host-protected area. The availability of user-discovered
information with HPA may indicate attempt to cover data.
6
attributes of file, file name, data and time of the file, file size and location.
ï‚· Removal of data is the process of determining and removing file through the interrelation
of calculated hash value into the authenticated values.
ï‚· Restoring the deleted files
ï‚· Extracting the encrypted data, secured password and compressed file.
ï‚· Refinement of file slack
ï‚· Refinement of unallocated memory.
Step 3. Analysis of extracted data
Examination is consequent process of read the extracted data to analyses the essential factors.
The examination is performed by time frame analysis, application and file analysis, data hiding
analysis. This analysis required an Enquiry of device request, searching and discovering the legal
authority of digital evidence.
I. Timeframe analysis
It is useful for analyzing the events located on a system. There are two types of
techniques are,
ï‚· Monitor the date and time stamp which is avail in the file system (Meta data) such
as recent modified file, recent accessed file and developed to connect the file for
timeframe related to investigation.
ï‚· Monitor the available system and app logs. These will contain the installation
logs, error logs, and security and connection logs.
II. Data hiding analysis
Data hiding analysis referred the data will enclosed with the system. This is useful for
determining and resuming the data. Methods involved:
ï‚· To determining the mismatches require to combine the resources headers as a file
extension.
ï‚· Performing the connection to encrypted file, protected PIN and compressed zip
file to reveal the attempt to secure the data from unauthorized user.
ï‚· Steganography
ï‚· Performing access to host-protected area. The availability of user-discovered
information with HPA may indicate attempt to cover data.
6
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
III. Application and file analysis
The programs and resources are determined (Li, 2010). This will contain the information
relevant to the analysis and provide awareness about the system ability and user data
(Tahiri, 2016). The result of this analysis indicate advance stage that need to design in the
extraction and examination process. For example:
 Checking the file name for patterns and applicability.
 Determine the content of the file.
 Determine the type of operating system.
 Correlate the data with the already installed application.
 Review the relationship between the resources and files for example comparing
history in the internet to cache file and mail file for email attachments.
 Determine the unknown resources types for estimate their gain for the analysis.
 Evaluating the default storage location of the users’ for application and
structure of the file drive to analyses if the resource has been collected in their
alternative or default location.
 Evaluate user-configuration settings in application.
5. Evaluation and findings of mobile forensic
5.1 Intelligence Mobile Forensic
It is an inter-disciplinary technique used for technology advancement and performing the
resources in intelligent way to resolve the enquiry (Barrett & Kipper, 2011). It encompasses with
certain range of tools and methods which integrate from artificial intelligence and analysis of
social networking in order to concentrate on digital evidence and deduct the time that spend for
digital evidence (Lillard, 2010).
The proactive benefits of intelligent forensic on mobile device seeks to discover the threats
in advance of an event take place (Blackstone, n.d.). The benefits of intelligent forensics methods
is used for the valid investigation process to offer more intelligence that can assist the complete
analysis of data sources. A techniques involved in this juncture named as SNA (Social Network
7
The programs and resources are determined (Li, 2010). This will contain the information
relevant to the analysis and provide awareness about the system ability and user data
(Tahiri, 2016). The result of this analysis indicate advance stage that need to design in the
extraction and examination process. For example:
 Checking the file name for patterns and applicability.
 Determine the content of the file.
 Determine the type of operating system.
 Correlate the data with the already installed application.
 Review the relationship between the resources and files for example comparing
history in the internet to cache file and mail file for email attachments.
 Determine the unknown resources types for estimate their gain for the analysis.
 Evaluating the default storage location of the users’ for application and
structure of the file drive to analyses if the resource has been collected in their
alternative or default location.
 Evaluate user-configuration settings in application.
5. Evaluation and findings of mobile forensic
5.1 Intelligence Mobile Forensic
It is an inter-disciplinary technique used for technology advancement and performing the
resources in intelligent way to resolve the enquiry (Barrett & Kipper, 2011). It encompasses with
certain range of tools and methods which integrate from artificial intelligence and analysis of
social networking in order to concentrate on digital evidence and deduct the time that spend for
digital evidence (Lillard, 2010).
The proactive benefits of intelligent forensic on mobile device seeks to discover the threats
in advance of an event take place (Blackstone, n.d.). The benefits of intelligent forensics methods
is used for the valid investigation process to offer more intelligence that can assist the complete
analysis of data sources. A techniques involved in this juncture named as SNA (Social Network
7
Analysis) and AI (Artificial Intelligence). Intelligence of Digital forensic will worn from the
activities of intelligence and through the regular inspection where the intelligence restore in
databases. Intelligence database with this kind of forensic domain for the object of UK National
DNA Database, IDENT1 which is known as National Fingerprint database of UK and the IAFIS
called as USA Integrated Automated Fingerprint Identification system (Genesereth, 2010). The
following databases are represents the comparison between evidence and intelligence. It does not
having evidence but it will share effective solution for digital crimes that has not reveal at the
certain period that similar access were combine with the database (Weerasinghe, 2010).
The solution involved in this intelligent forensic addressing the difficulties evolve in big
data sources of digital evidence or speeding up the process of tools for the purpose of
investigation and intelligence forensics (Lai, Gu, Jin, Wang & Li, 2011). This will enhance
techniques and processes which enable the information to discover queries and data to discover
data.
5.2 Mobile Forensic Tool for Investigation
Forensic tools are help to maintain the conventional investigation case need by dispatch huge
amount of applicable devices (Peterson & Shenoi, 2014). The recovery of deleted data form the
device memory require the advance tool and knowledge acquired for devices. The characteristics
offered such as bookmarking, searching and reporting ability may alter significantly. Tools
should be validated to assure with acceptability and practice when updates is exist. Tool
validation need to determine a set of data where the acquisition procedure to gather the test data
and assessing the result (Taiwo, 2010). The important feature of forensic tools has the ability to
manage the integrity of original data being extracting the information. There are some of the
cellular device tools used for digital investigation.
I. Oxygen Forensic Suite
This will determining the investigation of oxygen forensic suit to examine the
information such as IMSI, ICCID, and IMEI in mobile device that must use in crime
investigation. This type of procedure includes whatsapp fraudulent (International journal
of digital crime and forensics, 2010). So, the whatsapp text data is find. The Oxygen
Forensic Suite tool is used as freeware which is limited on amount of data that will be
8
activities of intelligence and through the regular inspection where the intelligence restore in
databases. Intelligence database with this kind of forensic domain for the object of UK National
DNA Database, IDENT1 which is known as National Fingerprint database of UK and the IAFIS
called as USA Integrated Automated Fingerprint Identification system (Genesereth, 2010). The
following databases are represents the comparison between evidence and intelligence. It does not
having evidence but it will share effective solution for digital crimes that has not reveal at the
certain period that similar access were combine with the database (Weerasinghe, 2010).
The solution involved in this intelligent forensic addressing the difficulties evolve in big
data sources of digital evidence or speeding up the process of tools for the purpose of
investigation and intelligence forensics (Lai, Gu, Jin, Wang & Li, 2011). This will enhance
techniques and processes which enable the information to discover queries and data to discover
data.
5.2 Mobile Forensic Tool for Investigation
Forensic tools are help to maintain the conventional investigation case need by dispatch huge
amount of applicable devices (Peterson & Shenoi, 2014). The recovery of deleted data form the
device memory require the advance tool and knowledge acquired for devices. The characteristics
offered such as bookmarking, searching and reporting ability may alter significantly. Tools
should be validated to assure with acceptability and practice when updates is exist. Tool
validation need to determine a set of data where the acquisition procedure to gather the test data
and assessing the result (Taiwo, 2010). The important feature of forensic tools has the ability to
manage the integrity of original data being extracting the information. There are some of the
cellular device tools used for digital investigation.
I. Oxygen Forensic Suite
This will determining the investigation of oxygen forensic suit to examine the
information such as IMSI, ICCID, and IMEI in mobile device that must use in crime
investigation. This type of procedure includes whatsapp fraudulent (International journal
of digital crime and forensics, 2010). So, the whatsapp text data is find. The Oxygen
Forensic Suite tool is used as freeware which is limited on amount of data that will be
8
refined. Figure. 1 represents the data that will assist the examiner to discover the primary
evidence which is needed
II. UFED Physical Analyzer
UDED tool is used in forensic analysis is not the end. Most of the forensic experts
recommending enormous number of tools for extracting detailed evidences that will be produced
in the court (Widup, 2014). The android phones, tablets and other apple devices approved by
using UFEFD physical analyzer widen the search evidence. Data exist in the smartphone was
extracted by the software. The software will refined the analytical data that helps the forensic
analysis include message history and call logs. The Artefact represents the installation of
whatsapp in smartphone are represented in Fig. 2.
9
evidence which is needed
II. UFED Physical Analyzer
UDED tool is used in forensic analysis is not the end. Most of the forensic experts
recommending enormous number of tools for extracting detailed evidences that will be produced
in the court (Widup, 2014). The android phones, tablets and other apple devices approved by
using UFEFD physical analyzer widen the search evidence. Data exist in the smartphone was
extracted by the software. The software will refined the analytical data that helps the forensic
analysis include message history and call logs. The Artefact represents the installation of
whatsapp in smartphone are represented in Fig. 2.
9
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
6. Conclusion
Procedure involved for performing forensic examination should organize with appropriate
guidance for maintaining evidence. Firstly, the mobile application issues that analyzing the
suspected device should perform using android forensic software tools such as oxygen forensic
suite and UFED tools. Analysis of extracted information from testing tools with logs from
Internet service provider must be related and discovering the reported. The devices with IMEI,
IMSI and ICCID number as well as SIM card will be related with significant logs. This research
provides the data about mobile forensic tools and it focuses to address the common field which is
investigated by security employee of organization and law prosecution investigators are
discussed.
10
Procedure involved for performing forensic examination should organize with appropriate
guidance for maintaining evidence. Firstly, the mobile application issues that analyzing the
suspected device should perform using android forensic software tools such as oxygen forensic
suite and UFED tools. Analysis of extracted information from testing tools with logs from
Internet service provider must be related and discovering the reported. The devices with IMEI,
IMSI and ICCID number as well as SIM card will be related with significant logs. This research
provides the data about mobile forensic tools and it focuses to address the common field which is
investigated by security employee of organization and law prosecution investigators are
discussed.
10
References
Baggili, I. (2011). Digital Forensics and Cyber Crime. Berlin, Heidelberg: Springer Berlin
Heidelberg.
Barrett, D., & Kipper, G. (2011). Virtualization and forensics. Oxford: Elsevier.
Blackstone, W. Commentaries on the laws of England.
Genesereth, M. (2010). Intelligent privacy management. Menlo Park, Calif: AAAI Press.
Gladyshev, P., & Rogers, M. (2012). Digital forensics and cybercrime. Berlin: Springer.
Hoog, A. (2011). Android forensics. Waltham, MA: Syngress.
International journal of digital crime and forensics. (2010). Hershey.
Lai, X., Gu, D., Jin, B., Wang, Y., & Li, H. (2011). Forensics in Telecommunications,
Information, and Multimedia. Berlin, Heidelberg: Springer Berlin Heidelberg.
Li, C. (2010). Handbook of research on computational forensics, digital crime, and
investigation. Hershey, PA: Information Science Reference.
Lillard, T. (2010). Digital forensics for network, internet, and cloud computing. Amsterdam
[u.a.]: Syngress/Elsevier.
Morrissey, S. (2010). IOS Forensic Analysis for iPhone, iPad, and iPod touch. Berkeley, CA:
Sean Morrissey.
Peterson, G., & Shenoi, S. (2014). Advances in Digital Forensics X. Berlin, Heidelberg: Springer
Berlin Heidelberg.
Phillips, N., & Enfinger, S. (2009). Guide to computer forensics and investigations. Clifton Park,
N.Y.: Delmar.
Tahiri, S. (2016). Mastering Mobile Forensics. Packt Publishing.
11
Baggili, I. (2011). Digital Forensics and Cyber Crime. Berlin, Heidelberg: Springer Berlin
Heidelberg.
Barrett, D., & Kipper, G. (2011). Virtualization and forensics. Oxford: Elsevier.
Blackstone, W. Commentaries on the laws of England.
Genesereth, M. (2010). Intelligent privacy management. Menlo Park, Calif: AAAI Press.
Gladyshev, P., & Rogers, M. (2012). Digital forensics and cybercrime. Berlin: Springer.
Hoog, A. (2011). Android forensics. Waltham, MA: Syngress.
International journal of digital crime and forensics. (2010). Hershey.
Lai, X., Gu, D., Jin, B., Wang, Y., & Li, H. (2011). Forensics in Telecommunications,
Information, and Multimedia. Berlin, Heidelberg: Springer Berlin Heidelberg.
Li, C. (2010). Handbook of research on computational forensics, digital crime, and
investigation. Hershey, PA: Information Science Reference.
Lillard, T. (2010). Digital forensics for network, internet, and cloud computing. Amsterdam
[u.a.]: Syngress/Elsevier.
Morrissey, S. (2010). IOS Forensic Analysis for iPhone, iPad, and iPod touch. Berkeley, CA:
Sean Morrissey.
Peterson, G., & Shenoi, S. (2014). Advances in Digital Forensics X. Berlin, Heidelberg: Springer
Berlin Heidelberg.
Phillips, N., & Enfinger, S. (2009). Guide to computer forensics and investigations. Clifton Park,
N.Y.: Delmar.
Tahiri, S. (2016). Mastering Mobile Forensics. Packt Publishing.
11
Taiwo, O. (2010). Handbook of research on discourse behavior and digital communication.
Hershey, Pa.: Information Science Reference.
Weerasinghe, D. (2010). Information security and digital forensics. Berlin: Springer-Verlag.
Widup, S. (2014). Computer forensics and digital investigation with EnCase Forensic v7. New
York: McGraw-Hill Education.
12
Hershey, Pa.: Information Science Reference.
Weerasinghe, D. (2010). Information security and digital forensics. Berlin: Springer-Verlag.
Widup, S. (2014). Computer forensics and digital investigation with EnCase Forensic v7. New
York: McGraw-Hill Education.
12
1 out of 13
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.