Advanced Smartphone Forensics
Perfect your Mobile Forensic skills
- Background knowledge on operating systems, encryption and other security mechanisms
- Advanced data extraction techniques
- Dealing with sensitive points in the forensic analysis (location data, timestamps, etc.)
- Professional search in large amounts of data by using regular expressions
- Continuous update of contents, depending on market developments
Why should you attend this training?
Do you want to get a better grasp on the correct interpretation of location data, time stamps, etc.? Your forensic toolkit lets you down and you are looking for more options? You want to gain detailed knowledge about the functionality of mobile operating systems and security mechanisms in smartphones? The Advanced Smartphone Forensics is a training for mobile forensic professionals who want to sharpen their knowledge and gain advanced techniques for mobile device extraction and analysis.
This training is aimed at experienced forensic professionals who are familiar with the extraction and analysis of mobile devices with Cellebrite UFED, MSAB XRY or similar toolkits. The training teaches valuable background knowledge, the correct interpretation of complex data, as well as advanced techniques that go beyond the capabilities of common forensic toolkits.
The training includes:
- Demo smartphones
- Exercises with solutions
- Exams
- Certificates
- Participant guide with detailed description of all training content (includes step-by-step instruction and examples)
Contents:
The training contents are continously updated, therefore we ask you to contact us if you are interested in this training to ensure that you are up-to-date.
- Android architecture and security concept
- Filesystem structure
- Android Update: Lifecycle
- Forensic possibilities
- iOS architecture and security concept
- Filesystem structure
- Particularities analysing iOS devices
- Forensic possibilities
- Rooting and service modes
- Bootloaders and TWRP
- JTAG, ISP and Chip-Off
- Introduction into Cloud
- Functionality of a cloud network
- Forensic obstacles and opportunities
- Possibilities to extract cloud data
- Current situation
- Unlocking options for:
- Android
- iOS
- Windows & Blackberry
- Correct interpretation of time stamps
- Identification of manipulations
- Case: When was a photo created?
- How is location data created?
- Correct interpretation of location data
- Side note: Camera Ballistics
- Exercise: Practical validation of location data
- Binary and hexadecimal system
- Encodings
- Working with Hex-viewer in Cellebrite UFED
- Manual search and interpretation of raw data
- Analysis of SQLite databases with hex viewer
- Syntax regular expression
- Exercise: Understanding example expressions
- Exercise: Designing own expressions
- Methods to protect mobile data from unauthorized access
- Perimeter, encryption, trail obfuscation, etc.
The training contents can be adapted to your personal requirements.
If you have further questions, feel free to contact us: office@t3k-forensics.com or +43 1 929 15 91 – 60.