MSAB Digital Forensics Glossary

Key terms and definitions

 

Welcome to our digital forensics glossary, a resource for clear and concise definitions of the key terms used in digital forensic investigations. This glossary covers the terminology used in smartphone investigations, mobile data extraction, and the analysis of digital evidence from mobile devices.

As mobile phones become central to cybercrime and digital investigations, it is essential to understand core concepts such as IMEI, mobile data acquisition, application artifacts, and SIM card analysis. You will also find definitions of more general digital forensics terms such as hash values, metadata, and chain of custody, all explained in a simple, accessible format. Whether you are a mobile forensics specialist, a law enforcement officer, a cybersecurity professional, or a student, this glossary offers up-to-date explanations to help you navigate the rapidly evolving field of mobile forensics.

Cache

A temporary storage area for frequently accessed data (e.g., a browser cache), which can contain forensic evidence of recent user activity.

CAID (Child Abuse Image Database)

CAID is a centralized UK database maintained by the UK Government and used by UK law enforcement such as the NCA. It is used to help combat child sexual abuse material and exploitation online.

Call Detail Record (CDR)

Telecommunications log recording metadata about phone calls or messages (numbers, time, duration, cell tower). Used to trace communications between parties.

Call Log Analysis

Call log analysis is a crucial aspect of mobile device forensics, involving the examination of call records and associated metadata to uncover communication patterns, relationships, and timelines. In many investigations, call logs can provide valuable evidence and insights into a subject’s activities and connections.

Cell Phone Data Recovery

Cell phone data recovery is a critical aspect of mobile device forensics, focusing on the retrieval of deleted, hidden, or damaged data from smartphones and other mobile devices. Recovering this data can provide valuable evidence in criminal investigations, civil litigation, and corporate inquiries. Challenges in Cell Phone Data Recovery Recovering data from cell phones presents […]

Cellular Network Forensics

Cellular network forensics is a branch of digital forensics that focuses on investigating mobile communications and the infrastructure that supports them. This field encompasses the analysis of data from cellular networks, cell towers, and mobile devices to reconstruct events, establish timelines, and identify suspects in criminal and civil cases.   Key Concepts in Cellular Network […]

Cellular Tower Dump Analysis

Cellular tower dump analysis is a forensic technique used to investigate mobile device activity within the range of specific cell towers during a given timeframe. This technique involves obtaining and examining call detail records (CDRs) and other data associated with a particular cell tower to identify mobile devices that were active in the area at […]

Chain of custody

The chronological documentation of who handled a piece of evidence, when, and under what conditions. This is essential in ensuring that digital evidence is authentic, untampered, and admissible in court. A broken chain can disqualify key evidence.   In digital forensics, the chain of custody refers to the documentation and tracking of the movement and […]

Chip Off

An advanced forensic technique where the memory chip is physically removed from a device (usually a smartphone) and read using specialized hardware. Used when software-based extraction methods fail due to encryption, hardware damage, or passcodes. It provides access to raw data but is invasive and risky, potentially damaging the chip.   Chip-off forensics is an advanced […]

CLI (Command Line Interface)

In digital forensics, the CLI (Command Line Interface) refers to the use of text-based commands to interact with operating systems, software, and forensic tools. CLI tools are widely used by forensic examiners to perform various tasks, such as data acquisition, analysis, and automation, as they offer greater control, flexibility, and efficiency compared to graphical user […]

Cloud Forensics

The application of forensic techniques to data stored in cloud services. It often involves acquiring data via provider APIs or legal requests and dealing with logs and virtualized environments.   Cloud forensics is a branch of digital forensics that focuses on the investigation and acquisition of evidence from cloud computing environments. With the growing adoption […]

Cross-Device Analysis

Cross-device analysis is a technique in mobile forensics that involves examining and correlating data from multiple devices to uncover connections, patterns, and evidence that may not be apparent when analyzing a single device in isolation. As individuals increasingly use multiple mobile devices and cloud services, cross-device analysis has become an essential tool for digital investigators. […]

Cross-platform Mobile Forensics

Cross-platform mobile forensics refers to the process of acquiring and analyzing data from mobile devices that run on different operating systems, such as Android and iOS. As digital investigations often involve multiple devices with varying platforms, investigators must be equipped with the knowledge and tools to handle cross-platform forensic challenges effectively.   Challenges in Cross-platform […]
