iPhone and iOS Forensics: Investigation, Analysis and Mobile Security for Apple iPhone, iPad and iOS Devices Paperback – Jun 16 2011
"...a must-have book for those who are professionally engaged in the practice of digital forensics. The book has a wealth of information, and one would not want to be cross-examined as an expert witness without having read this book first." --The Journal of Digital Forensics, Security and Law, Vol. 8, No. 4, 2013
From the Back Cover
As sales and usage of iPhones increase so does the demand on organizations that conduct examinations on this device. iPhone and iOS Forensics takes an in-depth look at the core hardware and software components of an iPhone, file systems and data structures, data security considerations, and a detailed review of forensic acquisition techniques and strategies for the subsequent analysis required. A heavy emphasis on open source tools and step-by-step examples are a primary focus of this book.
Most Helpful Customer Reviews on Amazon.com (beta)
This book provides a comprehensive view of the iOS forensics world. It handles the topic of acquisition in the manner that readers of good digital forensics books would expect. The authors speak clearly and at length about the various options to acquire data using a variety of methods that result in the logical and physical acquisition of data. They also spend an entire chapter on the topic of iOS data security which would likely be of great interest to those who aren't necessarily in the incident response and forensics world, but are interested in learning more about the security ramifications of introducing these devices into their environment. This book not only describes a variety of important security issues such as application security, but also provides recommended methods to best secure these devices.
It was the analytical portion of the book that I found to be the most impressive. The authors put forth an exemplary effort explaining the structure of the operating system and select applications using open source tools. I appreciated the authors' decision to handle the analytical portion of the book using an open source approach rather than teaching it through the prism of the paid tools. At times, this book felt like the iOS version of Digital Forensics with Open Source Tools given all of the references to classic open source tools like scalpel and The Sleuth Kit. Those who don't have the money for the more expensive commercial tools will appreciate this approach as they will be able to immediately implement what they are learning without being hobbled by lack of a tool budget.
The authors don't ignore the commercial tools, however. Chapter 7 is devoted to testing a wide variety of commercial tools against a test data set from a 3G iPhone. This section of the book is well done and provides the reader with a solid overview of the various tools along with a decent amount of screen shots. Unfortunately, the image quality of some of the screenshots for my Kindle edition of the book (which I tested on several different devices) was sometimes lacking which caused me to remove a star from the review of the book. For example, the results for the testing of Cellebrite UFED were very difficult to read.
Taken as a whole, I strongly recommend this book to anyone who is interested in iOS digital forensics, incident response, and general security issues. My recommendation for anyone who is interested in the subject matter is to start with this book first and then decide if they need to read any other books. This book feels as close to one stop shopping as you will find at the present time which should help take the edge off the high price of the book.
The book is roughly three hundred pages without the index and ten pages of that are the Appendix A through C. Unlike other books the appendixes are extremely useful. Many times they are a collection of garbage to add pages, but these are quick reference pages for backup locations, useful tools for forensic investigation of iOS, and the system file structure of an iPhone. Which version the structure references I'm not sure, but most likely whatever was the latest at time of writing.
Of the content there were seven total chapters. I found all the chapters extremely helpful with the exception of the largest chapter. Chapter seven was a review of commercial tools available for forensic analysis of an iOS device. While this chapter was somewhat helpful it was a lot of repetitive data that I am not going to apply to use in most day to day forensic analysis cases.
While chapters one through four had very little in the way of forensics they were actually the most useful chapters in my opinion. The first chapter focused on the basics of iPhone, models, hardware etc. and then went into the theory of mobile forensics and how to apply it to the rest of the book.
Chapter two covered all the basic information that a forensic examiner may or may not already know and how these basic steps that many examiners might take for granted would apply to a potential investigation.
Chapter three covered the basic filesystem and structure of the iOS operating system. While it was basically a *nix based system this chapter goes over the basic differences in them.
Chapter four goes over the basic security that Apple has built into the iOS device. Covering the differences in the pin on the device and applying a password into a backup that is acquired through iTunes.
Chapter five covers acquiring an image of forensic data off of the device. My only disappointment was the lack of a real open source option other than jailbreaking. While this is not a fault of the book a reader should not expect a "cheap" option other than jailbreaking. It does cover using a backup, but this does not give you access to the system files. So if you only need user data you should feel comfortable with this portion. If however you are required to examine the device for malicious software jailbreaking will be the only option that does not require payment and NDA.
Chapter six covers actually examining and analyzing the data that had been received in the previous chapter.
While overall this book is excellent as a source for forensic analysis of an iOS device there is very little to compare it to. Not taking anything away from this book, it is by far an excellent source of information and if you ever believe you may have to examine an Apple device I would recommend you have a copy of this book on your shelf.