MSAB Digital Forensics Glossary
Key Terms and Definitions
Welcome to Our Digital Forensics Glossary — A resource for clear, concise definitions of key terms used in digital forensic investigations. This glossary includes terminology used in the field of smartphone investigations, mobile data extraction, and the analysis of digital evidence from mobile devices.
As mobile phones become central to cybercrime and digital investigations, it’s essential to understand critical concepts such as IMEI, mobile data acquisition, app artifacts, and SIM card analysis. You’ll also find definitions of broader digital forensics terms like hash values, metadata, and chain of custody — all explained in a straightforward, accessible format. Whether you’re a mobile forensics specialist, law enforcement officer, cybersecurity professional, or student, this glossary offers up-to-date explanations to help you navigate the rapidly evolving field of mobile forensics.
Namespace
A logical grouping of identifiers in a system (e.g., file names, registry keys), analyzed in forensics to resolve naming conflicts or trace data origins.
Native File
A file in its original format as created by an application, examined in forensics to ensure authenticity or recover embedded metadata without conversion artifacts.
NetBIOS
A legacy networking protocol providing name resolution, analyzed in forensics to investigate local network activity or identify devices in Windows environments.
Network Address Translation (NAT)
A technique mapping private IP addresses to public ones, complicating forensic tracing of network traffic but analyzed via router logs to identify endpoints.
Network Forensics
The investigation of network traffic and logs to uncover evidence of cybercrimes, intrusions, or data exfiltration, often using packet captures and protocol analysis.
Network Interface Card (NIC)
Hardware enabling network connectivity, identified in forensics via its MAC address to link a device to network activity or incidents.
Network Intrusion Detection System (NIDS)
A tool monitoring network traffic for suspicious activity, analyzed in forensics to validate alerts or reconstruct attack timelines from captured data.
Network Packet
A unit of data transmitted over a network, captured and dissected in forensics (e.g., via Wireshark) to reveal communication details or malicious payloads.
Network Protocol
A set of rules governing data communication (e.g., TCP/IP, HTTP), studied in forensics to interpret traffic patterns or detect protocol misuse in attacks.
Network Scanner
A tool identifying active devices or vulnerabilities on a network, used in forensics to recreate an attacker’s reconnaissance or assess system exposure.
Network Time Protocol (NTP)
A protocol synchronizing system clocks over a network, examined in forensics to verify timestamps on logs or evidence for accurate event sequencing.
NFC (Near Field Communication) Forensics
NFC (Near Field Communication) is a short-range wireless communication technology that allows data exchange between devices in close proximity, typically less than 10 centimeters. NFC is commonly used in mobile devices for contactless payments, data sharing, and access control. NFC forensics involves the acquisition and analysis of data related to NFC transactions and interactions. Applications […]
Node
A device or point in a network (e.g., computer, router), traced in forensics to map communication paths or identify sources of activity.
Non-Repudiation
The assurance that an action (e.g., sending a message) cannot be denied, supported in forensics through digital signatures or logs proving user activity.
Non-Volatile Memory
Storage retaining data without power (e.g., flash, hard drives), analyzed in forensics to recover persistent evidence like files or system configurations.
Normalization
The process of standardizing data formats in forensics (e.g., timestamps, encodings) to enable consistent analysis across diverse sources.
NTFS (New Technology File System)
A Windows file system with features like journaling and encryption, analyzed in forensics to recover files, metadata, or alternate data streams.
Null Byte
A zero-value byte (0x00) used in programming or file structures, inspected in forensics to detect hidden data or anomalies in file contents.