MSAB Digital Forensics Glossary

Key terms and definitions

 

Welcome to our digital forensics glossary, a resource for clear and concise definitions of the key terms used in digital forensic investigations. This glossary covers the terminology used in smartphone investigations, mobile data extraction, and the analysis of digital evidence from mobile devices.

As mobile phones become central to cybercrime and digital investigations, it is essential to understand core concepts such as IMEI, mobile data acquisition, app artifacts, and SIM card analysis. You will also find definitions of more general digital forensics terms such as hash values, metadata, and chain of custody, all explained in a simple and accessible format. Whether you are a mobile forensics specialist, a law enforcement officer, a cybersecurity professional, or a student, this glossary offers up-to-date explanations to help you navigate the rapidly evolving field of mobile forensics.

Backdoor

A hidden method of bypassing security or authentication in a system, often installed by malware to grant attackers future access.

Backup

A copy of digital data stored separately from the original, used for recovery in case of data loss. In digital forensics, backups such as an Android Backup can be crucial sources of evidence.


Base64 Encoding

A method for converting binary data into ASCII text. Often used in data obfuscation, email attachments, and forensic analysis of malware.


BFU (Before First Unlock)

Refers to a device state in which the device has been turned off and no passcode/password has been entered by the user. This state leaves the file system encrypted; software such as XRY Pro can still successfully brute force and decrypt the file system for an extraction, dependent on device make and model. BFU, or Before […]

Biome

A biome is a collection of variables and settings that have common characteristics due to similar environments and can be found across a range of applications on iOS.


Biometric Unlock Forensics

Biometric unlock forensics is a subdiscipline of mobile forensics that focuses on investigating and analyzing biometric authentication methods, such as fingerprint, face, and iris recognition, used to secure mobile devices. As biometric unlocking becomes increasingly common, forensic investigators must understand how these technologies work and develop techniques to bypass or exploit them when necessary. […]

BIOS (Basic Input/Output System)

Firmware stored on a motherboard chip that initializes hardware during boot and provides runtime services for operating systems in computers.


Bit

The smallest unit of digital information (a binary digit, 0 or 1).


Bit-by-Bit Copy

An exact duplicate of a storage medium (all bytes copied exactly), also known as a forensic clone or image.


BitLocker

A full-disk encryption feature built into Microsoft Windows. Forensic investigators may need to bypass or decrypt BitLocker to access evidence.


Blockchain Forensics

The application of digital forensics to blockchain and cryptocurrency transactions, including tracing illicit transactions and wallet analysis.


Bluetooth Forensics

Bluetooth forensics is a branch of digital forensics that focuses on investigating wireless data transfer and communication between devices using Bluetooth technology. As Bluetooth-enabled devices become increasingly prevalent, understanding how to acquire and analyze data transmitted via Bluetooth is crucial for digital forensic investigators. Bluetooth Technology Overview: Bluetooth is a short-range wireless communication technology […]


Boot Loader

A program that loads an operating system when a device is turned on; unlocking a mobile device’s bootloader allows installation of a custom OS or forensic boot images. Normally this small piece of code is loaded into RAM during the device startup process. This method allows for a forensically sound method of obtaining access to […]

Boot Sector

The section of a storage drive containing code to start the boot process for computers (e.g., Master Boot Record on traditional BIOS systems).


Botnet

A network of compromised computers (bots) controlled by an attacker, used together to perform large-scale tasks like DDoS attacks or sending spam.


Brick/ed

Term used to indicate that a process has caused a device to malfunction and become nonresponsive. Flashing or other methods can cause this, leaving the device inaccessible.

Brute Force Attack

A trial-and-error method used to crack passwords or encryption by systematically trying many possible combinations.


BSSID (Basic Service Set Identifier)

The BSSID is the MAC address (Media Access Control address) of a wireless access point (AP) in a Wi-Fi network. It uniquely identifies a specific access point within a wireless network.


BYOD (Bring Your Own Device)

An organizational practice allowing employees to use personal devices (computers, smartphones, etc.) for work purposes, which can complicate investigations due to mixed personal and work data. BYOD forensics involves investigating personally owned devices, such as smartphones, tablets, and laptops, that are used for work purposes in corporate environments. As BYOD policies become more common, digital […]

Bypass Lock Screen

A method used by forensic tools such as XRY and XRY Pro that allows a user to gain access to a mobile device by bypassing the lock screen.

Byte

A group of 8 bits; a basic unit of data representing a single character in text (e.g., one letter is typically one byte in ASCII).
