Available:*
Library | Item Barcode | Call Number | Material Type | Item Category 1 | Status |
|---|---|---|---|---|---|
Searching... | 30000010327898 | HV8079.C65 G64 2013 | Open Access Book | Book | Searching... |
On Order
Summary
Summary
The field of computer forensics has experienced significant growth recently and those looking to get into the industry have significant opportunity for upward mobility. Focusing on the concepts investigators need to know to conduct a thorough investigation, Digital Forensics Explained provides an overall description of the forensic practice from a practitioner's perspective.
Starting with an overview, the text describes best practices based on the author's decades of experience conducting investigations and working in information technology. It illustrates the forensic process, explains what it takes to be an investigator, and highlights emerging trends. Filled with helpful templates and contributions from seasoned experts in their respective fields, the book includes coverage of:
The text includes acquisition forms, a sequential process outline to guide your investigation, and a checklist of supplies you'll need when responding to an incident. Providing you with the understanding and the tools to deal with suspects who find ways to make their digital activities hard to trace, the book also considers cultural implications, ethics, and the psychological effects that digital forensics investigations can have on investigators.
Author Notes
Dr. Greg Gogolin is a father, as well as a professor at Ferris State University in Big Rapids, Michigan. Greg spent almost twenty years in information technology before becoming a professor at Ferris State University in 1999. While at Ferris State University, he has been the primary author of the bachelor of science degree in information security and intelligence and the master of science in information security and intelligence.
Prior to Ferris, he worked as a programmer, database administrator, systems analyst and project manager at small and multinational corporations. Dr. Gogolin actively consults in information technology and is a licensed private investigator specializing in digital forensics cases. He has degrees in arts, computer information systems, applied biology, computer information systems management, and administration and holds a doctorate from Michigan State University. He has current CISSP, EnCE, and PMP certifications, and is particularly thankful to have the opportunity to teach some of the brightest students in the world in the bachelor of science in information security and intelligence and the master of science in information systems management programs at Ferris State University in Michigan, and the master of science in cyber security at the University of Maryland University Center.
Dr. Gogolin has published in Information Security Journal: "A Global Perspective, Digital Investigations, Digital Forensic Practice" and has made chapter contributions to IGI Global's Mobile Technology Consumption: Opportunities and Challenges; Virtual Worlds and E-Commerce: Technologies and Applications for Building Customer Relationships ; and Nova Science Publisher's Crime Rates, Types, and Hot Spots, as well as other periodicals. He has presented at many conferences and collaborates on information security and digital forensic issues worldwide. His current research interest is a National Science Foundation-funded inquiry into the recovery of data from damaged media. He is also actively building relationships with other universities worldwide, including Saxion University of Applied Science, the Netherlands.
Reviews 1
Choice Review
This timely second edition offers a valuable treatise on the exploding field of digital forensics. The forensic process, approaches and best practice in digital forensics, and the various tools used in a forensics examination are introduced in chapters 1--3. Chapters 4--7 cover internet and email investigations, mobile forensics, and impacts of cloud computing, including one exemplary criminal case study. Chapter 8 explains how such cases are documented and presented. Chapters 9--10 discuss forensics tailored to social media (internet tools and what they allow users to do) and social engineering (manipulating people to release information). Chapter 11 ("Anti-forensics") explains how cybercriminals make their activities covert. Chapter 12 covers link analysis and how the pieces of the puzzle are put together. Chapter 13 discusses psychological effects of digital forensics investigations. Finally, chapters 14 and 15 present several cases. This reviewer found the case studies particularly interesting: chapter 14 ("Someone is Watching") concerns a woman who asked a supposed friend to help with her laptop; the latter person instead installed an application to surveil her activities. The book can serve as a textbook in digital forensics and as an excellent reference guide for case investigators. Interested general readers will find the text informative, as will upper-level and graduate students, faculty, and working professionals. Summing Up: Recommended. Upper-division undergraduates. Graduate students, faculty, and professionals. General readers. --Charles C. Tappert, Pace University
Table of Contents
| Preface | p. ix |
| Acknowledgments | p. xiii |
| Authors | p. xvii |
| Contributors | p. xxi |
| Chapter 1 What is Digital Forensics, and What Should You Know About It? | p. 1 |
| Introduction | p. 1 |
| Forensic Science | p. 1 |
| What Does It Take to Be a Digital Forensic Investigator? | p. 3 |
| Education Opportunities | p. 4 |
| What Opportunities Are There for Digital Forensic Investigators? | p. 5 |
| What Are the Trends and Challenges in Digital Forensics? | p. 7 |
| Resources Available to Digital Forensic Investigators | p. 10 |
| Conclusion | p. 11 |
| References | p. 11 |
| Chapter 2 Digital Forensic Approaches and Best Practices | p. 13 |
| Introduction | p. 13 |
| First Response | p. 15 |
| Responding to a Case | p. 20 |
| Conclusion | p. 32 |
| References | p. 32 |
| Other Useful Resources | p. 32 |
| Chapter 3 Digital Forensics Tool Kit | p. 35 |
| Introduction | p. 35 |
| Computer Forensics | p. 35 |
| Write Blockers | p. 37 |
| Imaging | p. 38 |
| Add-Ons and Other Technologies | p. 39 |
| Tools | p. 42 |
| Mobile Forensics Tools | p. 43 |
| Visual Analysis | p. 44 |
| Secured Storage | p. 45 |
| Damaged Media | p. 45 |
| Summary | p. 45 |
| Chapter 4 Internet and E-Mail Examinations | p. 47 |
| Introduction | p. 47 |
| p. 47 | |
| Chat and Messaging Logs | p. 48 |
| Peer-to-Peer | p. 48 |
| Search Engine Activity | p. 49 |
| Internet History | p. 50 |
| Social Networking and Gaming | p. 51 |
| Malware and Viruses | p. 51 |
| Summary | p. 54 |
| Chapter 5 Mobile Forensics | p. 55 |
| Introduction | p. 55 |
| Mobile Phone Technology | p. 55 |
| How a Call Is Made | p. 55 |
| Forensic Challenges | p. 56 |
| Forensic Process | p. 58 |
| Digital Cell Phone Investigation | p. 61 |
| Geographic Positioning Systems | p. 66 |
| Cameras | p. 66 |
| Summary | p. 66 |
| Cellular Communications Technology Overview | p. 66 |
| References | p. 68 |
| Chapter 6 Cloud Computing and Digital Forensics | p. 69 |
| Introduction | p. 69 |
| Infrastructure as a Service | p. 71 |
| Platform as a Service | p. 71 |
| Software as a Service | p. 72 |
| Service and Deployment Models | p. 72 |
| Customer versus Cloud Provider Responsibilities | p. 73 |
| Other Service Models | p. 74 |
| Multi-Tenancy | p. 76 |
| User Access and Provisioning | p. 77 |
| Data Protection and Breaches | p. 79 |
| Information Technology and Information Security Governance and Change Control Processes | p. 81 |
| Service Access Vulnerabilities | p. 82 |
| Migration Planning | p. 83 |
| Incident Response | p. 84 |
| Virtualization | p. 84 |
| Security Benefits of Cloud | p. 85 |
| Chapter 7 Incident Response | p. 87 |
| Introduction | p. 87 |
| Case Summary | p. 87 |
| The Initiation of an Investigation | p. 87 |
| Information | p. 88 |
| Evidence Gathering | p. 89 |
| Interviews and the Analysis of Evidence | p. 90 |
| Analysis of the Electronic Evidence | p. 91 |
| Prosecution and Testimony | p. 93 |
| Things to Consider | p. 95 |
| Conclusion | p. 96 |
| Chapter 8 Report Writing and Presentation | p. 97 |
| Introduction | p. 97 |
| Report Content and Considerations | p. 97 |
| Sample Reports | p. 99 |
| Presenting and Testifying | p. 110 |
| Archiving | p. 111 |
| Summary | p. 111 |
| Chapter 9 Social Media Forensics | p. 113 |
| Introduction to Social Media | p. 113 |
| Social Networking | p. 113 |
| p. 113 | |
| Blogs | p. 113 |
| Microblogs | p. 114 |
| Event Coordination | p. 114 |
| Location Identification | p. 114 |
| Multimedia Sharing | p. 114 |
| Search | p. 114 |
| Wikis | p. 115 |
| Web Conferencing | p. 115 |
| Virtual Worlds | p. 115 |
| Social Media Forensics | p. 116 |
| Street Gangs | p. 116 |
| Terrorist Activity | p. 118 |
| White Collar Crimes | p. 120 |
| Summary | p. 120 |
| References | p. 123 |
| Chapter 10 Social Engineering Forensics | p. 125 |
| Introduction to Social Engineering | p. 125 |
| Online Social Engineering Attacks | p. 125 |
| Telephone Social Engineering Attacks | p. 126 |
| Waste Management Social Engineering Attacks | p. 127 |
| Mobile Device Social Engineering Attacks | p. 127 |
| Personal Social Engineering Attacks | p. 128 |
| Reverse Social Engineering Attacks | p. 129 |
| Social Engineering Forensics | p. 132 |
| Social Engineering Attack Vector Vulnerabilities | p. 133 |
| Conclusion | p. 134 |
| References | p. 135 |
| Chapter 11 Anti-Forensics | p. 137 |
| Anti-Forensic Definition and Concepts | p. 137 |
| Anti-Forensic Methods | p. 138 |
| Eliminate Trails | p. 139 |
| Hide Evidence | p. 142 |
| Destroy Evidence | p. 147 |
| Mobile Anti-Forensics | p. 148 |
| Conclusion | p. 149 |
| References | p. 150 |
| Chapter 12 Link and Visual Analysis | p. 151 |
| Introduction | p. 151 |
| Link and Visual Analysis | p. 151 |
| Conclusion | p. 157 |
| Chapter 13 Psychological, Ethical, and Cultural Implications of Digital Forensics | p. 159 |
| Introduction | p. 159 |
| Psychological Implications of Digital Forensics | p. 159 |
| Ethical Implications of Digital Forensics | p. 165 |
| Cultural Implications of Digital Forensics | p. 166 |
| Conclusion | p. 168 |
| References | p. 168 |
| Index | p. 169 |
