The Basics of Digital Forensics

The Primer for Getting Started in Digital Forensics

1st Edition - February 24, 2012

  • Author: John Sammons
  • eBook ISBN: 9781597496629

Description

The Basics of Digital Forensics provides a foundation for people new to the field of digital forensics. This book teaches you how to conduct examinations by explaining what digital forensics is, the methodologies used, key technical concepts, and the tools needed to perform examinations. Details on digital forensics for computers, networks, cell phones, GPS, the cloud, and the Internet are discussed. Readers will also learn how to collect evidence, document the scene, and recover deleted data. This is the only resource your students need to get a jump-start into digital forensics investigations.

This book is organized into 11 chapters. After an introduction to the basics of digital forensics, the book proceeds with a discussion of key technical concepts. Succeeding chapters cover labs and tools; collecting evidence; Windows system artifacts; anti-forensics; Internet and email; network forensics; and mobile device forensics. The book concludes by outlining challenges and concerns associated with digital forensics. PowerPoint lecture slides are also available. This book will be a valuable resource for entry-level digital forensics professionals as well as those in complementary fields including law enforcement, legal, and general information security.

Key Features

  • Learn all about what Digital Forensics entails
  • Build a toolkit and prepare an investigative plan
  • Understand the common artifacts to look for during an exam

Readership

Entry-level digital forensics professionals, as well as those in complementary fields such as law enforcement, legal, and general information security.

Table of Contents

  • Dedication
  • Preface
  • Acknowledgments
  • About the Author
  • About the Technical Editor
  • Chapter 1. Introduction
      • Introduction
      • What is Forensic Science?
      • What is Digital Forensics?
      • Uses of Digital Forensics
      • Locard's Exchange Principle
      • Scientific Method
      • Organizations of Note
      • Role of the Forensic Examiner in the Judicial System
      • Summary
      • References
  • Chapter 2. Key Technical Concepts
      • Introduction
      • Bits, Bytes, and Numbering Schemes
      • File Extensions and File Signatures
      • Storage and Memory
      • Computing Environments
      • Data Types
      • File Systems
      • Allocated and Unallocated Space
      • How Magnetic Hard Drives Store Data
      • Basic Computer Function—Putting it All Together
      • Summary
      • References
  • Chapter 3. Labs and Tools
      • Introduction
      • Forensic Laboratories
      • Policies and Procedures
      • Quality Assurance
      • Digital Forensic Tools
      • Accreditation
      • Summary
      • References
  • Chapter 4. Collecting Evidence
      • Introduction
      • Crime Scenes and Collecting Evidence
      • Documenting the Scene
      • Chain of Custody
      • Cloning
      • Live System versus Dead System
      • Hashing
      • Final Report
      • Summary
      • References
  • Chapter 5. Windows System Artifacts
      • Introduction
      • Deleted Data
      • Hibernation File (Hiberfile.Sys)
      • Registry
      • Print Spooling
      • Recycle Bin
      • Metadata
      • Thumbnail Cache
      • Most Recently Used (MRU)
      • Restore Points and Shadow Copy
      • Prefetch
      • Link Files
      • Summary
      • References
  • Chapter 6. Antiforensics
      • Introduction
      • Hiding Data
      • Password Attacks
      • Steganography
      • Data Destruction
      • Summary
      • References
  • Chapter 7. Legal
      • Introduction
      • The Fourth Amendment
      • Criminal Law—Searches Without a Warrant
      • Searching with a Warrant
      • Electronic Discovery (eDiscovery)
      • Expert Testimony
      • Summary
      • References
  • Chapter 8. Internet and E-Mail
      • Introduction
      • Internet Overview
      • Web Browsers—Internet Explorer
      • E-Mail
      • Social Networking Sites
      • Summary
      • References
  • Chapter 9. Network Forensics
      • Introduction
      • Network Fundamentals
      • Network Security Tools
      • Network Attacks
      • Incident Response
      • Network Evidence and Investigations
      • Summary
      • References
  • Chapter 10. Mobile Device Forensics
      • Introduction
      • Cellular Networks
      • Operating Systems
      • Cell Phone Evidence
      • Cell Phone Forensic Tools
      • Global Positioning Systems (GPS)
      • Summary
      • References
  • Chapter 11. Looking Ahead
      • Introduction
      • Standards and Controls
      • Cloud Forensics (Finding/Identifying Potential Evidence Stored In the Cloud)
      • Solid State Drives (SSD)
      • Speed of Change
      • Summary
      • References
  • Index

Product details

  • No. of pages: 208
  • Language: English
  • Copyright: © Syngress 2012
  • Published: February 24, 2012
  • Imprint: Syngress
  • eBook ISBN: 9781597496629

About the Author

John Sammons

John Sammons is an Associate Professor and Director of the undergraduate program in Digital Forensics and Information Assurance at Marshall University in Huntington, West Virginia. John teaches digital forensics, electronic discovery, information security and technology in the School of Forensic and Criminal Justice Sciences. He's also adjunct faculty with the Marshall University graduate forensic science program, where he teaches the advanced digital forensics course. John, a former police officer, is also an Investigator with the Cabell County Prosecuting Attorney’s Office and a member of the West Virginia Internet Crimes Against Children Task Force. He is a Member of the American Academy of Forensic Sciences, the High Technology Crime Investigation Association, and InfraGard.

John is the founder and President of the Appalachian Institute of Digital Evidence. AIDE is a non-profit organization that provides research and training for digital evidence professionals including attorneys, judges, law enforcement and information security practitioners in the private sector. He is the author of the best-selling book The Basics of Digital Forensics, published by Syngress.

Affiliations and Expertise

Associate Professor and Director of the Digital Forensics and Information Assurance program, Marshall University, Huntington, WV, USA
