Digital Forensics Explained
Preview
Book Description
The field of computer forensics has experienced significant growth recently and those looking to get into the industry have significant opportunity for upward mobility. Focusing on the concepts investigators need to know to conduct a thorough investigation, Digital Forensics Explained provides an overall description of the forensic practice from a practitioner’s perspective.
Starting with an overview, the text describes best practices based on the author’s decades of experience conducting investigations and working in information technology. It illustrates the forensic process, explains what it takes to be an investigator, and highlights emerging trends. Filled with helpful templates and contributions from seasoned experts in their respective fields, the book includes coverage of:
- Internet and email investigations
- Mobile forensics for cell phones, iPads, music players, and other small devices
- Cloud computing from an architecture perspective and its impact on digital forensics
- Anti-forensic techniques that may be employed to make a forensic exam more difficult to conduct
- Recoverability of information from damaged media
- The progression of a criminal case from start to finish
- Tools that are often used in an examination, including commercial, free, and open-source tools; computer and mobile tools; and things as simple as extension cords
- Social media and social engineering forensics
- Case documentation and presentation, including sample summary reports and a cover sheet for a cell phone investigation
The text includes acquisition forms, a sequential process outline to guide your investigation, and a checklist of supplies you’ll need when responding to an incident. Providing you with the understanding and the tools to deal with suspects who find ways to make their digital activities hard to trace, the book also considers cultural implications, ethics, and the psychological effects that digital forensics investigations can have on investigators.
Table of Contents
What Is Digital Forensics and What Should You Know about It?
Introduction
Forensic Science
What Does It Take to Be a Digital Forensic Investigator?
Educational Opportunities
What Opportunities Are There for Digital Forensic Investigators?
What Are the Trends and Challenges in Digital Forensics?
Resources Available to Digital Forensic Investigators
Conclusion
References
Digital Forensic Approaches and Best Practices
Introduction
First Response
Responding to a Case
Conclusion
References
Other Useful References
Digital Forensics Tool Kit
Introduction
Computer Forensics
Write Blockers
Imaging
Add-Ons and Other Technologies
Tools
Mobile Forensics Tools
Visual Analysis
Secured Storage
Damaged Media
Summary
Internet and E-Mail Examinations
Introduction
E-mail
Chat and Messaging Logs
Peer to Peer
Search Engine Activity
Internet History
Social Networking and Gaming
Malware and Viruses
Summary
Mobile Forensics
Introduction
Mobile Phone Technology
How a Call Is Made
Forensic Challenges
Forensic Process
Digital Cell Phone Investigation
Geographic Positioning Systems
Cameras
Summary
Cellular Communications Technology Overview
References
Cloud Computing and Digital Forensics, Prof. Gerald Emerick
Introduction
Infrastructure as a Service
Platform as a Service
Software as a Service
Service and Deployment Models
Customer versus Cloud Provider Responsibilities
Other Service Models
Multi-Tenancy
User Access and Provisioning
Data Protection and Breaches
Information Technology and Information Security Governance and Change Control Processes
Service Access Vulnerabilities
Migration Planning
Incident Response
Virtualization
Security Benefits of Cloud
Incident Response, Det . Jason Otting
Introduction
Case Summary
The Initiation of an Investigation
Information
Evidence Gathering
Interviews and the Analyzing of Evidence
Analyzing the Electronic Evidence
Prosecution and Testimony
Things to Consider
Conclusion
Report Writing and Presentation
Introduction
Report Content and Considerations
Sample Reports
Presenting and Testifying
Archiving
Summary
Social Media Forensics, Dr. Barbara L. Ciaramitaro
Introduction to Social Media
Social Networking
E-mail
Blogs
Microblogs
Event Coordination
Location Identification
Multimedia Sharing
Search
Wikis
Web Conferencing
Virtual Worlds
Social Media Forensics
Street Gangs
Terrorist Activity
White Collar Crimes
Summary
References
Social Engineering Forensics, Dr. Barbara L. Ciaramitaro
Introduction to Social Engineering
Online Social Engineering Attacks
Telephone Social Engineering Attacks
Waste Management Social Engineering Attacks
Mobile Device Social Engineering Attacks
Personal Social Engineering Attacks
Reverse Social Engineering Attacks
Social Engineering Forensics
Social Engineering Attack Vector Vulnerabilities
Conclusion
References
Anti –Forensics, Prof. Velislav Pavlov
Anti-Forensic Definition and Concepts
Anti-Forensic Methods
Eliminate Trails
Hide Evidence
Destroy Evidence
Mobile Anti-Forensics
Conclusion
References
Link and Visual Analysis
Introduction
Link and Visual Analysis
Conclusion
Psychological, Ethical, and Cultural Implications of Digital Forensics
Introduction
Psychological Implications of Digital Forensics
Ethical Implications of Digital Forensics
Cultural Implications
Conclusion
References
Index
Editor(s)
Biography
Dr. Greg Gogolin is a father, as well as a professor at Ferris State University in Big Rapids, Michigan. Greg spent almost twenty years in information technology before becoming a professor at Ferris State University in 1999. While at Ferris State University, he has been the primary author of the bachelor of science degree in information security and intelligence and the master of science in information security and intelligence.
Prior to Ferris, he worked as a programmer, database administrator, systems analyst and project manager at small and multinational corporations. Dr. Gogolin actively consults in information technology and is a licensed private investigator specializing in digital forensics cases. He has degrees in arts, computer information systems, applied biology, computer information systems management, and administration and holds a doctorate from Michigan State University. He has current CISSP, EnCE, and PMP certifications, and is particularly thankful to have the opportunity to teach some of the brightest students in the world in the bachelor of science in information security and intelligence and the master of science in information systems management programs at Ferris State University in Michigan, and the master of science in cyber security at the University of Maryland University Center.
Dr. Gogolin has published in Information Security Journal: "A Global Perspective, Digital Investigations, Digital Forensic Practice" and has made chapter contributions to IGI Global’s Mobile Technology Consumption: Opportunities and Challenges; Virtual Worlds and E-Commerce: Technologies and Applications for Building Customer Relationships; and Nova Science Publisher’s Crime Rates, Types, and Hot Spots, as well as other periodicals. He has presented at many conferences and collaborates on information security and digital forensic issues worldwide. His current research interest is a National Science Foundation-funded inquiry into the recovery of data from damaged media. He is also actively building relationships with other universities worldwide, including Saxion University of Applied Science, the Netherlands.