The Basics of Digital Forensics

The Primer for Getting Started in Digital Forensics

Description

The Basics of Digital Forensics provides a foundation for people new to the field of digital forensics. This book teaches you how to conduct examinations by explaining what digital forensics is, the methodologies used, key technical concepts and the tools needed to perform examinations. Details on digital forensics for computers, networks, cell phones, GPS, the cloud, and the Internet are discussed. Readers will also learn how to collect evidence, document the scene, and recover deleted data. This is the only resource your students need to get a jump-start into digital forensics investigations.

This book is organized into 11 chapters. After an introduction to the basics of digital forensics, the book proceeds with a discussion of key technical concepts. Succeeding chapters cover labs and tools; collecting evidence; Windows system artifacts; anti-forensics; Internet and email; network forensics; and mobile device forensics. The book concludes by outlining challenges and concerns associated with digital forensics. PowerPoint lecture slides are also available.

This book will be a valuable resource for entry-level digital forensics professionals as well as those in complementary fields including law enforcement, legal, and general information security.

Key features

  • Learn all about what Digital Forensics entails
  • Build a toolkit and prepare an investigative plan
  • Understand the common artifacts to look for during an exam

Readership

Entry-level digital forensics professionals, as well as those in complementary fields such as law enforcement, legal, and general information security.

Table of contents

Dedication

Preface

Acknowledgments

About the Author

About the Technical Editor

Chapter 1. Introduction

Introduction

What is Forensic Science?

What is Digital Forensics?

Uses of Digital Forensics

Locard's Exchange Principle

Scientific Method

Organizations of Note

Role of the Forensic Examiner in the Judicial System

Summary

REFERENCES

Chapter 2. Key Technical Concepts

Introduction

Bits, Bytes, and Numbering Schemes

File Extensions and File Signatures

Storage and Memory

Computing Environments

Data Types

File Systems

Allocated and Unallocated Space

How Magnetic Hard Drives Store Data

Basic Computer Function—Putting it All Together

Summary

REFERENCES

Chapter 3. Labs and Tools

Introduction

Forensic Laboratories

Policies and Procedures

Quality Assurance

Digital Forensic Tools

Accreditation

Summary

REFERENCES

Chapter 4. Collecting Evidence

Introduction

Crime Scenes and Collecting Evidence

Documenting the Scene

Chain of Custody

Cloning

Live System versus Dead System

Hashing

Final Report

Summary

REFERENCES

Chapter 5. Windows System Artifacts

Introduction

Deleted Data

Hibernation File (Hiberfile.Sys)

Registry

Print Spooling

Recycle Bin

Metadata

Thumbnail Cache

Most Recently Used (MRU)

Restore Points and Shadow Copy

Prefetch

Link Files

Summary

REFERENCES

Chapter 6. Antiforensics

Introduction

Hiding Data

Password Attacks

Steganography

Data Destruction

Summary

REFERENCES

Chapter 7. Legal

Introduction

The Fourth Amendment

Criminal Law—Searches Without a Warrant

Searching with a Warrant

Electronic Discovery (eDiscovery)

Expert Testimony

Summary

REFERENCES

Chapter 8. Internet and E-Mail

Introduction

Internet Overview

Web Browsers—Internet Explorer

E-Mail

Social Networking Sites

Summary

REFERENCES

Chapter 9. Network Forensics

Introduction

Network Fundamentals

Network Security Tools

Network Attacks

Incident Response

Network Evidence and Investigations

Summary

REFERENCES

Chapter 10. Mobile Device Forensics

Introduction

Cellular Networks

Operating Systems

Cell Phone Evidence

Cell Phone Forensic Tools

Global Positioning Systems (GPS)

Summary

REFERENCES

Chapter 11. Looking Ahead

Introduction

Standards and Controls

Cloud Forensics (Finding/Identifying Potential Evidence Stored In the Cloud)

Solid State Drives (SSD)

Speed of Change

Summary

REFERENCES

Index

Review quotes

"This book is an excellent introduction and overview of the field of Configuration Systems. It covers the most important developments in the field."—HPCMagazine.com, August 2014

"The book is quite easy to read – the author uses colloquial language and the text flows more like long magazine articles rather than a text book. A nice addition is computer forensic case studies that are peppered throughout the book." The Journal of Digital Forensics, Security and Law, Vol. 9, No. 1, 2014

About the author

John Sammons

John Sammons is a distinguished scholar and educator in digital forensics, currently serving as a Professor at Marshall University and Associate Director of the Institute for Cyber Security. With a background as a Huntington Police officer, he has been recognized for his investigative work by the U.S. Department of Justice.

He is the author and co-author of several notable books, including the acclaimed "The Basics of Digital Forensics," which was nominated for Digital Forensics Book of the Year in 2013. John also contributed to the digital forensics chapter of Douglas Ubelaker’s "Forensic Science: Current Issues, Future Directions."

In addition to his academic roles, he is the Fusion Center Liaison Officer for the West Virginia Intelligence Fusion Center and founded the Appalachian Institute of Digital Evidence, a non-profit focused on research and training in digital evidence. John holds multiple certifications and is a member of several professional organizations, including the American Academy of Forensic Sciences and the FBI Infragard. Before joining Marshall, he co-founded Second Creek Technologies, a digital forensics firm. He also teaches advanced digital forensics and firearms to graduate students and provides training for legal and law enforcement professionals.

Affiliations and expertise

Associate Professor and Director of the Digital Forensics and Information Assurance program, Marshall University, Huntington, WV, USA
