Digital Triage Forensics: Processing the Digital Crime Scene provides the tools, training, and techniques in Digital Triage Forensics (DTF), a procedural model for the investigation of digital crime scenes including both traditional crime scenes and the more complex battlefield crime scenes. The DTF is used by the U.S. Army and other traditional police agencies for current digital forensic applications. The tools, training, and techniques from this practice are being brought to the public in this book for the first time. Now corporations, law enforcement, and consultants can benefit from the unique perspectives of the experts who coined Digital Triage Forensics. The text covers the collection of digital media and data from cellular devices and SIM cards. It also presents outlines of pre- and post- blast investigations.
This book is divided into six chapters that present an overview of the age of warfare, key concepts of digital triage and battlefield forensics, and methods of conducting pre/post-blast investigations. The first chapter considers how improvised explosive devices (IEDs) have changed from basic booby traps to the primary attack method of the insurgents in Iraq and Afghanistan. It also covers the emergence of a sustainable vehicle for prosecuting enemy combatants under the Rule of Law in Iraq as U.S. airmen, marines, sailors, and soldiers perform roles outside their normal military duties and responsibilities. The remaining chapters detail the benefits of DTF model, the roles and responsibilities of the weapons intelligence team (WIT), and the challenges and issues of collecting digital media in battlefield situations. Moreover, data collection and processing as well as debates on the changing role of digital forensics investigators are explored.
This book will be helpful to forensic scientists, investigators, and military personnel, as well as to students and beginners in forensics.
- Includes coverage on collecting digital media
- Outlines pre- and post-blast investigations
- Features content on collecting data from cellular devices and SIM cards
About the Authors
Chapter 1 New Age of Warfare: How Digital Forensics is Reshaping Today's Military
Yesterday’s “Booby Trap” Is Today’s IED
The Invention of WIT
“CSI” Baghdad: Today’s Intelligence Is Tomorrows Evidence
Actionable Intelligence and Its Effect on the Battlefield
Soldiers to “Battlefield Cops”
Chapter 2 Digital Triage Forensics and Battlefield Forensics
DTF and Battlefield Forensics
How does Evidence go from the Battlefield to the Lab?
Five Levels of Exploitation of WTI Materials
Chapter 3 Conducting Pre/Postblast Investigations
WITs Role Within the EOD Team
On Scene IED Analysis
Photograph! Photograph! Photograph!
Preblast Investigative Steps
Postblast Investigative Steps
Detainee Operations as it Pertains to WIT
Chapter 4 Using the DTF Model to Process Digital Media
The changing location of Digital Evidence containers
What hardware do I need to conduct a Cradle-to-Grave Battlefield investigation?
Characteristics of Digital Media
Stephen’s Quick and Dirty Guide to Understanding Digital Forensics
Brief Overview of Digital Storage Concepts
Processing Digital Media using the Digital Triage Forensic Model
Chapter 5 Using the DTF Model to Collect and Process Cell Phones and SIM Cards
Cellular Devices Are Replacing the Laptop
Proprietary Cell Phone Tools versus Nonproprietary Cell Phone Tools
Freeware and Shareware as Cell Phone Forensic/Analysis Tools
Using Cross Validation with your Tools
Triage Processing of Cellular Devices
Using the MFC to identify the Cellular Device
Collection Concerns with Cellular Devices
Don’t Push That Button
Isolating the Cellular Device
Using the HTCI Isolation Chamber
Processing the Cell Phone
Chapter 6 The Changing Role of a Digital Forensic Investigator
- No. of pages:
- © Syngress 2010
- 28th June 2010
- eBook ISBN:
- Paperback ISBN:
Stephen Frank Pearson was born in Aylesbury, England in 1963 and has been involved with Digital Media Exploitation since the early 1990's. Stephen served in the United States Army as a Military Policeman for over 21 years. During this time, Stephen wrote and compiled numerous texts that are still used today to train the Army’s Military Police and Investigators. Stephen's last military assignment was Non Commissioned Officer in Charge of the Advanced Technology Criminal Investigations Division at the Military Police School, Ft Leonard Wood, Missouri. After retiring, Stephen accepted a position as chief of detectives at the Pulaski County Sheriffs Office in Missouri. Stephen opened the first Digital Forensic Lab at the Sheriff's Department which was responsible for numerous convictions. Stephen, during this time, also started and ran the High Tech Crime Institute. In 2006 Stephen was contracted by the National Ground Intelligence Center to teach and design a course in Digital Triage Forensics for the new WIT teams deploying to Iraq and Afghanistan. To date, Stephen continues to teach and design new procedures that enable small team units to gather and exploit Digital Media from the Battle Space. Stephen currently lives in Palm Harbor, Florida and is the CEO of the High Tech Crime Institute.
"Syngress [is] by far the best publisher of digital forensics and general security books…I’d certainly recommend this book and after reading through it…it looks great. It’s written by the guys who coined the use of the word Triage in this context, so they know what they are talking about, and unlike many real technical books this one really does dig into the investigative techniques that should be used at the crime scene, including quite an interesting analysis of ‘Battlefield Crime Scenes’, where a triage approach is by far the only way to successfully approach the forensics problem." –Tony Campbell, Publisher, Digital Forensics Magazine