MSAB Digital Forensics Glossary
Key Terms and Definitions
Welcome to Our Digital Forensics Glossary — A resource for clear, concise definitions of key terms used in digital forensic investigations. This glossary includes terminology used in the field of smartphone investigations, mobile data extraction, and the analysis of digital evidence from mobile devices.
As mobile phones become central to cybercrime and digital investigations, it’s essential to understand critical concepts such as IMEI, mobile data acquisition, app artifacts, and SIM card analysis. You’ll also find definitions of broader digital forensics terms like hash values, metadata, and chain of custody — all explained in a straightforward, accessible format. Whether you’re a mobile forensics specialist, law enforcement officer, cybersecurity professional, or student, this glossary offers up-to-date explanations to help you navigate the rapidly evolving field of mobile forensics.
TEE (Trusted Execution Environment) in Mobile Forensics
A Trusted Execution Environment (TEE) is a secure, isolated area within a mobile device’s processor that ensures the confidentiality and integrity of sensitive data and code execution. TEEs are designed to protect critical applications, such as mobile payments, digital rights management, and biometric authentication, from unauthorized access or tampering. The presence of TEEs in mobile […]
Read full termTracked to Self – Crypto Forensics
A category of cryptocurrency transactions where value sent by an entity is later received back, analyzed to detect laundering patterns or obfuscation attempts.
Read full termTranslation – Mobile Device Forensics
An option in MSAB XAMN Pro assisting examiners in translating foreign language data, enabling analysis of multilingual evidence like texts or app content.
Read full termTriage
A rapid forensic assessment prioritizing critical evidence (e.g., at a crime scene), often applied to mobile devices to identify key data before full extraction.
Read full termTrojan Horse
Malware disguised as legitimate software, examined in forensics to uncover its deployment, payload, or impact on a compromised system.
Read full termTwo-Factor Authentication – Mobile Device Forensics
A security process requiring two verification steps (e.g., password + SMS code), analyzed or bypassed in forensics to access protected mobile data or accounts.
Read full termTypes – Mobile Device Forensics
Categories or classifications of data (e.g., file types, app data) in tools like XRY, used to filter and prioritize evidence during analysis.
Read full term