Skip to main content

DF330 Advanced Digital Forensic Analysis: iOS & Android (Aug. 23–26, 2021, Virtual)

Attention

Due to a federal government shutdown, content updates are temporarily on hold. Content updates and responses to inquiries will resume when normal operations continue.

Questions?

This course provides the advanced skills and knowledge necessary to analyze data on iOS devices (iPod Touch, iPhone, and iPad) and Android devices at an advanced level. Students use forensically sound tools and techniques to analyze potential evidence, employing advanced techniques to uncover evidence potentially missed or misrepresented by commercial forensic tools. Topics include identifying potential threats to data stored on devices, using available acquisition options, accessing locked devices, and understanding the default folder structure. Core skills include analyzing artifacts such as device information, call history, voicemail, messages, web browser history, contacts, and photos. Instruction is provided on developing the hunt methodology for analyzing third-party applications not supported by commercial forensic tools.

Course structure:

  • Mobile device hardware fundamentals. Understand how mobile devices work, store data, and interact with a variety of networks.
  • Device handling. Learn about properly preserving data for imaging and analysis, as well as identifying potential threats to data integrity.
  • Device acquisition and security. Understand acquisition options (physical, logical, device backups) and how to bypass passcodes and properly defeat encrypted backups of iOS devices.
  • Advanced analysis techniques. Learn about mounting images, partitioning scheme and default folder structure, and types of artifacts (plists, SQLite databases, etc.).
Cost Information
Amount
0.00
Event Date
-