Saturday, April 27, 2013
Digital Evidence and Computer Crime, 3rd Edition: Forensic Science, Computers, and the Internet, Eoghan Casey BS MA
"Throughout the book there are a number of good case studies used to illustrate points which enlivens the text. There are also details of legal cases from various legislative areas and examples of relevant situations that demonstrate the points being made. There are also a number of references to other literature and links to website URLs and tools available to assist the practitioner."--Best Digital Forensics Book in InfoSecReviews Book Awards
"Just finished 'Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet' by Eoghan Casey and featuring other contributing authors, and it's quite good. I bought this book because I wanted an all-encompassing book that provided insight on the various aspects of an investigation, especially the legal portion. And in this aspect the book does an excellent job, and is in-depth in area's I have yet to see in other books. The book is divided into five portions digital forensics, digital investigations, apprehending offenders, computers and network forensics. For me the book was worth it for the first three portions; however, the computers and network portions, while a good start, there are more in-depth books that provide better insight. Overall, the book was enjoyable from start to finish and I would recommend it to anyone looking for a great overview of digital forensic investigation process from start to finish. I am happy to add this book to my growing reference library."--Student of Security
"This hefty book on forensic evidence obtained from computers dispels the myths propagated by popular television series. It states from the premise that very few people are well versed in the technical, evidential, and legal issues concerning digital evidence. Oftentimes, the useful evidence that may be found in various digital media is overlooked, collected incorrectly, or analyzed ineffectively. It is the goal of the team of contributors to equip readers with the necessary knowledge and skills to be able to make use of digital evidence correctly and effectively.. It is quite obvious that the various authors draw from several fields, such as forensic science, computer science, political science, criminal justice, the law, and behavioral analysis; as such, it is multi- and interdisciplinary. More specifically, the authors tackle the specific crimes of cyber bullying, cyber stalking, identity theft, online sex offenders, fraudsters, and cyber threats. There is extensive use of boxed stories, legal cases, practitioner's tips, tables, the discussion of legislation, flow charts, treaties and journals, as well as figures, diagrams, pictures, and computer screen shots. The book is comparative in nature: it covers not only cyber law in the US, but also case law in the UK, Ireland, and the Netherlands. Given the ubiquity of the computer and the crimes that it can generate, learning about how other nations handle these issues helps in the formation of our own methods for dealing with crimes domestically, as well as those that cross national boundaries."--ACM's Computing Reviews.com
"A better title for Digital Evidence and Computer Crime might be the Comprehensive Guide to Everything You Need to Know About Digital Forensics. One is hard pressed to find another book overflowing with so many valuable details and real-world examples."--Ben Rothke on Slashdot.org (Sept 2011)
"The third edition of this comprehensive textbook on forensic science and the Internet is thoroughly updated to reflect the great leaps forward in technology in the six years since the previous printing. The work is divided into five sections covering digital forensics, digital investigations, apprehending offenders, computers and network forensics, and chapters provide practical instruction, case studies and discussions of the theoretical basis for all aspects of digital investigation and the use of computer evidence in forensics and law enforcement. The volume is intended for police, lawyers and forensic analysts and provides a comprehensive look at contemporary methodologies computer crime and crime prevention. Contributors include legal academics as well as computer, networking and forensics professional from around the world."--Book News, Reference & Research
"A better title for Digital Evidence and Computer Crime might be the Comprehensive Guide to Everything You Need to Know About Digital Forensics. One is hard pressed to find another book overflowing with so many valuable details and real-world examples. The book is also relevant for those who are new to the field, as it provides a significant amount of introductory material that delivers a broad overview to the core areas of digital forensics. The book progresses to more advanced and cutting-edge topics, including sections on various operating systems, from Windows and Unix to Macintosh. This is the third edition of the book and completely updated and reedited. When it comes to digital forensics, this is the reference guide that all books on the topic will be measured against. With a list price of $70.00, this book is an incredible bargain given the depth and breadth of topics discussed, with each chapter written by an expert in the field. For those truly serious about digital forensics, Digital Evidence and Computer Crime is an equally serious book."--Slashdot.com
When it comes to a physical crime scene and the resulting forensics, investigators can ascertain that a crime took place and gather the necessary evidence. When it comes to digital crime, the evidence is often at the byte level, deep in the magnetics of digital media, initially invisible from the human eye. That is just one of the challenges of digital forensics, where it is easy to destroy crucial evidence, and often difficult to preserve correctly.
For those looking for an authoritative guide, Digital Evidence and Computer Crime is an invaluable book that can be used to ensure that any digital investigation is done in a formal manner, that can ultimately be used to determine what happened, and if needed, used as evidence in court.
Written by Eoghan Casey, a leader in the field of digital forensics, in collaboration with 10 other experts, the book's 24 chapters and nearly 800 pages provide an all-encompassing reference. Every relevant topic in digital forensics is dealt with in this extraordinary book. Its breadth makes it relevant to an extremely large reading audience: system and security administrators, incident responders, forensic analysts, law enforcement, lawyers and more.
In the introduction, Casey writes that one of the challenges of digital forensics is that the fundamental aspects of the field are still in development. Be it the terminology, tools, definitions, standards, ethics and more, there is a lot of debate amongst professionals about these areas. One of the book's goals is to assist the reader in tackling these areas and to advance the field. To that end, it achieves its goals and more.
Chapter 1 is appropriately titled Foundation of Digital Forensics, and provides a fantastic overview and introduction to the topic. Two of the superlative features in the book are the hundreds of case examples and practitioners' tips. The book magnificently integrates the theoretical aspects of forensics with real-world examples to make it an extremely decipherable guide.
Casey notes that one of the most important advances in the history of digital forensics took place in 2008 when the American Academy of Forensic Sciences created a new section devoted to digital and multimedia sciences. That development advanced digital forensics as a scientific discipline and provided a common ground for the varied members of the forensic science community to share knowledge and address current challenges.
In chapter 3 - Digital Evidence in the Courtroom - Casey notes that the most common mistake that prevents digital evidence from being admitted in court is that it is obtained without authorization. Generally, a warrant is required to search and seize evidence. This and other chapters go into detail on how to ensure that evidence gathered is ultimately usable in court.
Chapter 6 - Conducting Digital Investigations - is one of the best chapters in the book. Much of this chapter details how to apply the scientific method to digital investigations. The chapter is especially rich with tips and examples, which are crucial, for if an investigation is not conducted in a formal and consistent manner, a defense attorney will attempt to get the evidence dismissed.
Chapter 6 and other chapters reference the Association of Chief Police Officer's Good Practice Guide for Computer-Based Electronic Evidence as one of the most mature and practical documents to use when handling digital crime scenes. The focus of the guide is to help digital investigators handle the most common forms of digital evidence, including desktops, laptops and mobile devices.
The Good Practice Guide is important in that digital evidence comes in many forms, including audit trails, application, badge reader and ISP and IDS logs, biometric data, application metadata, and much more. The investigator needs to understand how all of these work and interoperate to ensure that they are collecting and interpreting the evidence correctly.
Chapter 9 - Modus Operandi - by Brent Turvey is a fascinating overview of how and why criminals commit crimes. He writes that while technologies and tools change, the underlying psychological needs and motives of the offenders and their associated criminal behavior has not changed through the ages.
Chapter 10 - Violent Crime and Digital Evidence - is another extremely fascinating and insightful chapter. Casey writes that whatever the circumstances of a violent crime, information is key to determining and thereby understanding the victim-offender relationship, and to developing an ongoing investigative strategy. Any details gleaned from digital evidence can be important, and digital investigators must develop the ability to prioritize what can be overwhelming amounts of evidence.
Chapter 13 - Forensic Preservation of Volatile Data - deals with the age-old forensic issue: to shut down or not to shut down? It provides a highly detailed sample volatile data preservation process for an investigator to follow to preserve volatile data from a system. There is also a fascinating section on the parallels between arson and digital intrusion investigations.
Part 4 of the book is Computers, in which the authors note that although digital investigators can use sophisticated software to recover deleted files and perform advanced analysis of computer hard drives, it is important for them to understand what is happening behind the scenes. A lack of understanding of how computers function and the processes that sophisticated tools have automated make it more difficult for digital investigators to explain their findings in court and can lead to incorrect interpretations of digital evidence.
Chapter 17 - File Systems - has an interesting section on dates and times. Given the importance of dates and times when investigating computer-related crimes, investigators need an understanding of how these values are stored and converted. The chapter has a table of the date-time stamp behavior on both FAT and NTFS file systems. Time stamps are not a trivial issue, as there are many different actions involved (file moved, deletion, copy, etc.) that can affect the date-time stamp in very different ways.
A better title for Digital Evidence and Computer Crime might be the Comprehensive Guide to Everything You Need to Know About Digital Forensics. One is hard pressed to find another book overflowing with so many valuable details and real-world examples.
The book is also relevant for those who are new to the field, as it provides a significant amount of introductory material that delivers a broad overview to the core areas of digital forensics.
The book progresses to more advanced and cutting-edge topics, including sections on various operating systems, from Windows and Unix to Macintosh.
This is the third edition of the book and completely upda#ted and reedited. When it comes to digital forensics, this is the reference guide that all books on the topic will be measured against.
With a list price of $70.00, this book is an incredible bargain given the depth and breadth of topics discussed, with each chapter written by an expert in the field. For those truly serious about digital forensics, Digital Evidence and Computer Crime is an equally serious book.
This book really is focused on legal aspects of computer crime and does not give a lot of detail about how to actually do any type of digital forensics. Great book for understanding some of the history and regulations on computer crime and would recommend for that reason. But if you want to know how to perform any type of digital forensics, get another book.
Product Details :
Hardcover: 840 pages
Publisher: Academic Press; 3 edition (May 4, 2011)
Language: English
ISBN-10: 0123742684
ISBN-13: 978-0123742681
Product Dimensions: 7.5 x 1.8 x 9.2 inches
More Details about Digital Evidence and Computer Crime, 3rd Edition: Forensic Science, Computers, and the Internet
or
Download Digital Evidence and Computer Crime, 3rd Edition: Forensic Science, Computers, and the Internet PDF Ebook
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment