Digital Forensics

Threatscape and Best Practices

1st Edition - December 7, 2015

  • Editor: John Sammons
  • eBook ISBN: 9780128045428
  • Paperback ISBN: 9780128045268


Digital Forensics: Threatscape and Best Practices surveys the problems and challenges confronting digital forensic professionals today, including massive data sets and ever-changing technology. This book provides practitioners and students alike with a comprehensive, coherent overview of the threat landscape across a broad range of topics, and of what can be done to manage and prepare for it. Digital Forensics: Threatscape and Best Practices delivers incisive analysis and best practices from a panel of expert authors, led by John Sammons, bestselling author of The Basics of Digital Forensics.

Key Features

  • Learn the basics of cryptocurrencies (like Bitcoin) and the artifacts they generate
  • Learn why examination planning matters and how to do it effectively
  • Discover how to incorporate behavioral analysis into your digital forensics examinations
  • Stay updated with the key artifacts created by the latest Mac OS, OS X 10.11, El Capitan
  • Discusses the threatscapes and challenges facing mobile device forensics, law enforcement, and legal cases
  • The power of applying the electronic discovery workflows to digital forensics
  • Discover the value and impact of social media forensics


Information Security professionals of all levels, digital forensic examiners and investigators, InfoSec consultants, hackers, penetration testers, government officials and law enforcement officers

Table of Contents

    • Dedication
    • List of Contributors
    • Editor Biography
    • Biographies
    • Acknowledgments
    • Chapter 1: The cryptocurrency enigma
      • Abstract
      • Purpose
      • Introduction
      • What makes a currency?
      • Cryptocurrency
      • Public key encryption basics
      • Forensic relevance
      • Bitcoin
      • Bitcoin protocol
      • Forensic artifacts
      • Multibit HD
      • The bitcoin protocol in action
      • Summary
    • Chapter 2: The key to forensic success: examination planning is a key determinant of efficient and effective digital forensics
      • Abstract
      • Introduction
      • The four phases of digital forensics
      • It is a matter of questions
      • Investigative questions
      • Legal questions
      • Forensic questions
      • Identification
      • Classification/individualization
      • Association
      • Reconstruction
      • Forensic questions as a bridge
      • Developing forensic hypotheses
      • Knowing how far to go
      • Starting the plan
      • How do you know when you are done?
      • Examination phase – data extraction
      • The forensic analysis
      • The examination planning process
      • Conclusion
    • Chapter 3: Psychological profiling as an investigative tool for digital forensics
      • Abstract
      • Current model
      • Issues
      • New model
      • Phases
      • Limitations
      • Case studies
      • Conclusions
    • Chapter 4: The intersection between social media, crime, and digital forensics: #WhoDunIt?
      • Abstract
      • Introduction
      • Social media and crime
      • Social media and digital forensics
      • Social media evidence on the network
      • Social media evidence on the physical device
      • Summary
    • Chapter 5: Mobile device forensics: threats, challenges, and future trends
      • Abstract
      • Introduction
      • The hardware versus software complexity trend
      • Cloud services and mobile platforms – inherent vulnerabilities
      • There is an app for that – forensic challenges and threats within apps
      • Persistent threats and challenges – what lies ahead for mobile device forensics
      • Conclusion
    • Chapter 6: Digital forensics in an eDiscovery world
      • Abstract
      • Introduction
      • eDiscovery processes and EDRM
      • Digital investigations workflows
    • Chapter 7: OS X El Capitan forensics
      • Abstract
      • Introduction
      • Default directory structure
      • User
      • {User name}/library
      • New features in OS X 10.11 El Capitan
      • Conclusion
      • Quick reference table
    • Chapter 8: Cybercrimes: an overview of contemporary challenges and impending threats
      • Abstract
      • Combating cybercrimes
      • Current cybercrimes and evolving threats
      • Hacking
      • Future issues for law enforcement and digital forensic analysts
    • Chapter 9: Legal
      • Abstract
      • Introduction
      • The fourth amendment
      • Search warrants
      • Federal privacy legislation
      • Drones
      • Tracking vehicles
      • Tracking cell phones
      • Automated license plate readers
      • Cell phones
      • Encryption
      • Encryption and cell phones
      • The internet of things
      • The dark web
      • Malware
      • Looking ahead
    • Author Index
    • Subject Index

Product details

  • No. of pages: 182
  • Language: English
  • Copyright: © Syngress 2015
  • Published: December 7, 2015
  • Imprint: Syngress
  • eBook ISBN: 9780128045428
  • Paperback ISBN: 9780128045268

About the Editor

John Sammons

John Sammons is an Associate Professor and Director of the undergraduate program in Digital Forensics and Information Assurance at Marshall University in Huntington, West Virginia. John teaches digital forensics, electronic discovery, information security and technology in the School of Forensic and Criminal Justices Sciences. He's also adjunct faculty with the Marshall University graduate forensic science program where he teaches the advanced digital forensics course. John, a former police officer, is also an Investigator with the Cabell County Prosecuting Attorney’s Office and a member of the West Virginia Internet Crimes Against Children Task Force. He is a Member of the American Academy of Forensic Sciences, the High Technology Crime Investigation Association, and Infragard.

John is the founder and President of the Appalachian Institute of Digital Evidence. AIDE is a non-profit organization that provides research and training for digital evidence professionals including attorneys, judges, law enforcement and information security practitioners in the private sector. He is the author of the best-selling book The Basics of Digital Forensics, published by Syngress.

Affiliations and Expertise

Associate Professor and Director of the Digital Forensics and Information Assurance program, Marshall University, Huntington, WV, USA
