Mobile forensic investigations : a guide to evidence collection, analysis, and presentation / Lee Reiber

Includes index.

Introduction -- CHAPTER 1 Introduction to the World of Mobile Device Forensics -- A Brief History of the Mobile Device -- Martin Cooper -- Size Evolution -- Data Evolution -- Storage Evolution -- Mobile Device Data: The Relevance Today -- Mobile Devices in the Media -- The Overuse of the Word "Forensic" -- Write Blockers and Mobile Devices -- Mobile Device Technology and Mobile Forensics -- From Data Transfer to Data Forensics -- Processes and Procedures Examination Awareness and Progression -- Data Storage Points -- Mobile Technology Acronyms -- Mobile Device -- SIM -- Media Storage Cards -- Mobile Device Backups -- Educational Resources -- Phone Scoop -- GSMArena -- Forums -- Preparing for Your Journey -- Chapter Summary -- CHAPTER 2 Mobile Devices vs. Computer Devices in the World of Forensics -- Computer Forensics Defined -- International Association of Computer Investigative Specialists (IACIS) -- International Society of Forensic Computer Examiners (ISFCE) -- Applying Forensic Processes and Procedures -- Seizure -- Collection Analysis/Examination -- Presentation -- Approach to Mobile Device Forensics -- NIST and Mobile Forensics -- Process and Procedure -- Standard Operating Procedure Document -- Purpose and Scope -- Definitions -- Equipment/Materials -- General Information -- Procedure -- References/Documents -- Successful SOP Creation and Execution -- Creation of a Workflow -- Specialty Mobile Forensic Units -- Forensic Software -- Common Misconceptions -- Seasoned Computer Forensics Examiners' Misconceptions -- First Responders' Misconceptions -- Chapter Summary CHAPTER 3 Collecting Mobile Devices, USB Drives, and Storage Media at the Scene -- Lawful Device Seizure -- Before the Data Seizure -- Fourth Amendment Rights -- The Supreme Court and Mobile Device Data Seizure -- Warrantless Searches -- Location to Be Searched: Physical Location -- Location to Be Searched: Mobile Device -- Securing the Scene -- Data Volatility at the Scene -- Asking the Right Questions -- Examining the Scene for Evidence -- USB Drives -- Chargers and USB Cables -- SD Cards -- SIM Cards -- Older Mobile Devices -- Personal Computers -- Once You Find It, What's Next? Inventory and Location -- Data Collection: Where and When -- Chapter Summary -- CHAPTER 4 Preparing, Protecting, and Seizing Digital Device Evidence -- Before Seizure: Understanding Mobile Device Communication -- Cellular Communication -- Bluetooth Communication -- Wi-Fi Communication -- Near Field Communication -- Understanding Mobile Device Security -- Apple iOS Devices -- Android Devices -- Windows Mobile and Windows Phone -- BlackBerry Devices -- Photographing the Evidence at the Scene -- Tagging and Marking Evidence -- Documentating the Evidence at the Scene -- Mobile Device.

Conduct mobile forensic investigations that are legal, ethical, and highly effective using the detailed information contained in this practical guide. The book explains the latest tools and methods along with features, examples, and real-world case studies. Find out how to assemble a mobile forensics lab, collect prosecutable evidence, uncover hidden files, and lock down the chain of custody. This comprehensive resource shows not only how to collect and analyze mobile device data but also how to accurately document your investigations to deliver court-ready documents. Legally seize mobile devices, USB drives, SD cards, and SIM cards, uncover sensitive data through both physical and logical techniques, properly package, document, transport, and store evidence, work with free, open source, and commercial forensic software, perform a deep dive analysis of iOS, Android, and Windows Phone file systems, extract evidence from application, cache, and user storage files, extract and analyze data from IoT devices, drones, wearables, and infotainment systems, build SQLite queries and Python scripts for mobile device file interrogation and prepare reports that will hold up to judicial and defense scrutiny.