MSAB Digital Forensics Glossary
Key Terms and Definitions
Welcome to Our Digital Forensics Glossary — A resource for clear, concise definitions of key terms used in digital forensic investigations. This glossary includes terminology used in the field of smartphone investigations, mobile data extraction, and the analysis of digital evidence from mobile devices.
As mobile phones become central to cybercrime and digital investigations, it’s essential to understand critical concepts such as IMEI, mobile data acquisition, app artifacts, and SIM card analysis. You’ll also find definitions of broader digital forensics terms like hash values, metadata, and chain of custody — all explained in a straightforward, accessible format. Whether you’re a mobile forensics specialist, law enforcement officer, cybersecurity professional, or student, this glossary offers up-to-date explanations to help you navigate the rapidly evolving field of mobile forensics.
MAC Address
A unique Media Access Control address assigned to a network interface, traced in forensics to identify devices involved in network activity or incidents.
Malware
Malicious software (e.g., viruses, ransomware), analyzed in forensics to understand its behavior, origin, and impact on compromised systems.
Malware Forensics
The investigation of malicious software to identify its source, functionality, and effects, often involving reverse engineering and dynamic analysis.
Map Analytics
The use of geographic data visualization in forensics to plot location-based evidence (e.g., GPS, cell tower data), aiding in suspect tracking or event reconstruction.
MDN, Mobile Directory Number – Mobile Device Forensics
A 10-digit phone number assigned to a mobile device, extracted in forensics to link a device to a user or communication records.
Media Analytics – Investigative Analytics
A feature in tools like MSAB XAMN Pro that identifies and categorizes media files (e.g., images, videos) containing specific attributes, enhancing investigative insights.
MEID – Mobile Device Forensics
Mobile Equipment Identifier, a unique CDMA identifier for mobile devices, analogous to IMEI, extracted to track hardware in forensic investigations.
Memory Dump
A snapshot of a device’s volatile memory (RAM), captured in forensics to recover active processes, encryption keys, or ephemeral data. It can be acquired using a tool such as MSAB XRY Pro.
Memory Forensics
The analysis of a system’s RAM to extract volatile evidence (e.g., running programs, passwords), critical when data isn’t stored on persistent media. XRY RAMAlyzer supports analysis of mobile RAM.
Merchant Services – Crypto Forensics
Authorized financial services enabling businesses to accept cryptocurrency payments, investigated in forensics to trace transactions or uncover illicit commerce.
Metadata
Data about data (e.g., file creation dates, GPS tags), extracted in forensics to establish timelines, ownership, or authenticity of digital evidence.
MIN – Mobile Device Forensics
Mobile Identification Number, a CDMA identifier often compared to IMSI, analyzed in forensics to associate a device with network activity or a subscriber.
Mining – Crypto Forensics
The process of validating cryptocurrency transactions and earning rewards, examined in forensics to trace blockchain activity or link miners to illicit operations.
Mining Pool – Crypto Forensics
A service where cryptocurrency miners combine resources to increase efficiency, analyzed in forensics to trace pooled transactions or identify participants.
Mixing – Crypto Forensics
Websites or software that obscure cryptocurrency transaction trails (e.g., tumblers), investigated in forensics to uncover money laundering or hidden fund flows.
Mobile Forensics
The process of accessing, recovering, and analyzing digital evidence from mobile devices (e.g., smartphones, tablets) to support investigations.
Mobile Forensics Software
Specialized software (e.g., MSAB XRY and open-source tools such as UFADE) used to access, recover, and analyze digital evidence from mobile devices in a forensically sound manner.
Mobile Forensics Tools
Hardware and software solutions designed for accessing, recovering, and analyzing digital evidence from mobile devices, widely used in forensic investigations. Mobile forensic tools are specialized software and hardware solutions designed to assist forensic examiners in acquiring, analyzing, and reporting data from mobile devices. These tools play a crucial role in mobile forensic investigations, enabling examiners […]
Model – Mobile Device Forensics
An option in tools like Physical Analyzer allowing examiners to select color-coded models or configurations for analyzing mobile device data, enhancing visual interpretation.
Mounting
The process of making a forensic image or partition accessible as a virtual drive, allowing examiners to browse and analyze its contents without altering the original.
MSISDN – Mobile Device Forensics
Mobile Station International Subscriber Directory Number, a GSM identifier (phone number) tied to a SIM, extracted to link devices to users or communication records.
MSISDN Forensics
The forensic analysis of the Mobile Station International Subscriber Directory Number to trace calls, messages, or subscriber details in mobile investigations.
MultiSIM Card Reader – Mobile SIM Adapter from MSAB
A device from MSAB that reads multiple SIM card types, used in forensics to extract data (e.g., contacts, messages) from SIMs.
Mutex (Mutual Exclusion)
A synchronization object in software, analyzed in forensics to detect malware behavior or identify processes running concurrently on a system.