About the Book
A practical guide to analyzing iOS devices with the latest forensics tools and techniques
About This Book
• This book is a comprehensive update to Learning iOS Forensics
• This practical book will not only cover the critical aspects of digital forensics, but also mobile forensics
• Whether you're a forensic analyst or an iOS developer, there's something in this book for you
• The authors, Mattia Epifani and Pasquale Stirparo, are respected members of the community, they go into extensive detail to cover critical topics
Who This Book Is For
The book is for digital forensics analysts, incident response analysts, IT security experts, and malware analysts. It would be beneficial if you have basic knowledge of forensics
What You Will Learn
• Identify an iOS device between various models (iPhone, iPad, iPod Touch) and verify the iOS version installed
• Crack or bypass the protection passcode chosen by the user
• Acquire, at the most detailed level, the content of an iOS Device (physical, advanced logical, or logical)
• Recover information from a local backup and eventually crack the backup password
• Download back-up information stored on iCloud
• Analyze system, user, and third-party information from a device, a backup, or iCloud
• Examine malicious apps to identify data and credential thefts
In Detail
Mobile forensics is used within many different domains, but is chiefly employed in the field of information security. By understanding common attack vectors and vulnerability points, security professionals can develop measures and examine system architectures to harden security on iOS devices. This book is a complete manual on the identification, acquisition, and analysis of iOS devices, updated to iOS 8 and 9.
You will learn by doing, with various case studies. The book covers different devices, operating system, and apps. There is a completely renewed section on third-party apps with a detailed analysis of the most interesting artifacts. By investigating compromised devices, you can work out the identity of the attacker, as well as what was taken, when, why, where, and how the attack was conducted. Also you will learn in detail about data security and application security that can assist forensics investigators and application developers. It will take hands-on approach to solve complex problems of digital forensics as well as mobile forensics.
Style and approach
This book provides a step-by-step approach that will guide you through one topic at a time.
This intuitive guide focuses on one key topic at a time. Building upon the acquired knowledge in each chapter, we will connect the fundamental theory and practical tips by illustrative visualizations and hands-on code examples.
About the Author :
Mattia Epifani (@mattiaep) is the CEO at Reality Net-System Solutions, an Italian consulting company involved in InfoSec and digital forensics.
He works as a digital forensics analyst for judges, prosecutors, lawyers, and private companies. He is a court witness and digital forensics expert.
He obtained a university degree in computer science in Genoa, Italy, and a postgraduate specialization course in computer forensics and digital investigations in Milan, Italy. Over the last few years, he obtained several certifications in digital forensics and ethical hacking (GCFA, GREM, GNFA, GCWN, GMOB, CIFI, CEH, CHFI, ACE, AME, ECCE, CCE, and MPSC) and attended several SANS classes (computer forensics and incident response, Windows memory forensics, mobile device security and ethical hacking, reverse engineering malware, smartphone forensics, Mac forensics, securing Windows, and network forensics analysis).
He speaks regularly on digital forensics at different Italian and European universities (Genoa, Milano, Roma, Bolzano, Pescara, Salerno, Campobasso, Camerino, Pavia, Savona, Catania, Lugano, Como, and Modena e Reggio Emilia) and events (DFRWS, SANS European Digital Forensics Summit, Security Summit, IISFA Forum, DEFT Conference, and DFA Open Day). He is a member of CLUSIT, DFA, IISFA, ONIF, and Tech and Law Center, and the author of various articles on scientific publications about digital forensics. More information is available on his LinkedIn profile (http://www.linkedin.com/in/mattiaepifani). Pasquale Stirparo (@pstirparo) is currently working as a cyber threat intelligence and incident response engineer at a Fortune 500 company. Prior to this, among other positions, Pasquale has also worked at the Joint Research Centre (JRC) of the European Commission as a digital forensics and mobile security researcher, with particular interest in the security and privacy issues related to mobile device communication protocols, mobile applications, mobile malware, and cybercrime. Since 2016, he has been appointed to the Advisory Group on Internet Security at the European Cyber Crime Center (EC3) of Europol and is an incident handler with the SANS Internet Storm Center (ISC). Pasquale has also been involved in the standardization of Digital Forensics as a contributor (the first in Italy) to the development of the standard “ISO/IEC 27037: Guidelines for identification, collection and/or acquisition and preservation of digital evidence”, for which he led the WG ISO27037 for the Italian National Body in 2010.
He is the author of many scientific publications and has also been invited as a speaker at several national and international conferences and seminars on Digital Forensics and as a lecturer on the same subject for the Polytechnic of Milano (CEFRIEL) and the United Nations (UNICRI). Pasquale holds a Ph.D. in Computer Security from the Royal Institute of Technology (KTH) of Stockholm and a M.Sc. in Computer Engineering from the Polytechnic of Torino, and is certified with GCFA, GREM, OPST, OWSE, and ECCE. More information is available on his LinkedIn personal profile (https://www.linkedin.com/in/pasqualestirparo).
