Contents. Digital Forensics ACKNOWLEDGMENTS.. AUTHOR BIOGRAPHIES INTRODUCTION. Foundations of Digital Forensics

Size: px

Start display at page:

Download "Contents. Digital Forensics ACKNOWLEDGMENTS.. AUTHOR BIOGRAPHIES INTRODUCTION. Foundations of Digital Forensics"

Delilah Poole
7 years ago
Views:

1 Contents ACKNOWLEDGMENTS.. AUTHOR BIOGRAPHIES INTRODUCTION PART 1 Digital Forensics CHAPTER 1 Foundations of Digital Forensics Eoghan Casey CHAPTER 2 Digital Evidence Increasing Awareness of Digital Evidence... Digital Forensics: Past, Present, and Future Principles of Digital Forensics Challenging Aspects of Digital Evidence Following the Cybertrail Digital Forensics Research Summary Language of Computer C r i m e Investigation.. Eoghan CHAPTER 3 Casey Language of Computer Crime Investigation The Rôle of Computers in Crime Summary Digital E v i d e n c e i n the Courtroom Eoghan Casey Duty of Experts Admissibility Levels of Certainty in Digital Forensics Direct versus Circumstantial Evidence. Scientific Evidence

2 3.6 Presenting Digital Evidence Summary 81 CHAPTER 4 Cybercrime Law: A United States Perspective 85 Susan W. Brenner 4.1 Fédéral Cybercrime Law State Cybercrime Law Constitutional Law Fourth Amendment Fifth Amendment and Encryption 115 CHAPTER 5 Cybercrime Law: A European Perspective 123 Bert-Jaap Koops and Tessa Robinson PART The European and National Legal Frameworks Progression of Cybercrime Législation in Europe Spécifie Cybercrime Offenses Computer-Integrity Crimes Computer-Assisted Crimes Content-Related Cybercrimes Other Offenses Jurisdiction Summary 182 Digital Investigations CHAPTER 6 Conducting Digital Investigations 187 and Bradley Schatz 6.1 Digital Investigation Process Models Scaffolding for Digital Investigations Applying the Scientific Method in Digital Investigations Investigative Scenario: Security Breach Summary 224 CHAPTER 7 Handling a Digital Crime Scène Published Guidelines for Handling Digital Crime Scènes Fundamental Principles Authorization 234

3 7.4 Preparing to Handle Digital Crime Scènes Surveying the Digital Crime Scène Preserving the Digital Crime Scène Summary 253 CHAPTER 8 Investigative Reconstruction with Digital Evidence 255 and Brent E. Turvey 8.1 Equivocal Forensic Analysis Victimology Crime Scène Characteristics Threshold Assessments Summary 282 CHAPTER 9 Modus Operandi, Motive, and Technology 285 Brent E. Turvey PART Axes to Pathological Criminals and Other Unintended Conséquences Modus Operandi Technology and Modus Operandi Motive and Technology Current Technologies Summary 304 Apprehending Offenders CHAPTER 10 Violent Crime and Digital Evidence 307 and Terrance Maguire 10.1 The Role of Computers in Violent Crime Processing the Digital Crime Scène Investigative Reconstruction Conclusions 321 CHAPTER 11 Digital Evidence as Alibi Investigating an Alibi Time as Alibi Location as Alibi Summary 328

4 CHAPTER 12 Sex Offenders on the Internet 329, Monique M. Ferraro, and Michael McGrath 12.1 Old Behaviors, New Medium Légal Considérations Identifying and Processing Digital Evidence Investigating Online Sexual Offenders Investigative Reconstruction Case Example: Scott Tyree Case Example: Peter Chapman Summary 362 CHAPTER 13 Computer Intrusions 369 and Christopher Daywalt 13.1 How Computer Intruders Operate Investigating Computer Intrusions Forensic Préservation of Volatile Data Post-Mortem Investigation of a Compromised System Investigation of Malicious Computer Programs Investigative Reconstruction Summary 419 CHAPTER 14 Cyberstalking 421 PART How Cyberstalkers Operate Investigating Cyberstalking Cyberstalking Case Example Summary 433 Computers CHAPTER 15 Computer Basics for Digital Investigators A Brief History of Computers Basic Opération of Computers Représentation of Data Storage Media and Data Hiding File Systems and Location of Data 450

5 15.6 Dealing with Password Protection and Encryption Summary 462 CHAPTER 16 Applying Forensic Science to Computers Préparation Survey Documentation Préservation Examination and Analysis Reconstruction Reporting Summary 510 CHAPTER 17 Digital Evidence on Windows Systems File Systems Data Recovery Log Files Registry Internet Traces Program Analysis Summary 548 CHAPTER 18 Digital Evidence on UNIX Systems UNIX Evidence Acquisition Boot Disk File Systems Overview of Digital Evidence Processing Tools Data Recovery Log Files File System Traces Internet Traces Summary 585 CHAPTER 19 Digital Evidence on Macintosh Systems File Systems Overview of Digital Evidence Processing Tools 590

6 19.3 Data Recovery File System Traces Internet Traces Summary 602 CHAPTER 20 Digital Evidence on Mobile Devices and Benjamin Turnbull PART 5 This chapter appears online at Network Forensics CHAPTER 21 Network Basics for Digital Investigators 607 and Benjamin Turnbull 21.1 A Brief History of Computer Networks Technical Overview of Networks Network Technologies Connecting Networks Using Internet Protocols Summary 631 CHAPTER 22 Applying Forensic Science to Networks Préparation and Authorization Identification Documentation, Collection, and Préservation Filtering and Data Réduction Class/Individual Characteristics and Evaluation of Source Evidence Recovery Investigative Reconstruction Reporting Results Summary 668 CHAPTER 23 Digital Evidence on the Internet Rôle of the Internet in Criminal Investigations Internet Services: Legitimate versus Criminal Uses 672

7 Contents 23.3 Using the Internet as an Investigative Tool Online Anonymity and Self-Protection Forgery and Tracking Usenet Forgery and Tracking Searching and Tracking on IRC Summary 711 CHAPTER 24 Digital Evidence on Physical and Data-Link Layers Ethernet Linking the Data-Link and Network Layers: Encapsulation Ethernet versus ATM Networks Documentation, Collection, and Préservation Analysis Tools and Techniques Summary 736 CHAPTER 25 Digital Evidence at the Network and Transport Layers TCP/IP Setting up a Network TCP/IP-Related Digital Evidence Summary 769 CASE INDEX 771 NAME INDEX 773 SUBJECT INDEX 775

Digital Evidence and Computer Crime. Third Edition

Digital Evidence and Computer Crime Third Edition Related titles by Handbook of Digital Forensics and Investigation Edited by http://www.elsevierdirect.com/product.jsp?isbn=9780123742674 Malware Forensics: