Synopses & Reviews
Digital evidence--evidence that is stored on or transmitted by computers--can play a major role in a wide range of crimes, including homicide, rape, abduction, child abuse, solicitation of minors, child pornography, stalking, harassment, fraud, theft, drug trafficking, computer intrusions, espionage, and terrorism.
Though an increasing number of criminals are using computers and computer networks, few investigators are well-versed in the evidentiary, technical, and legal issues related to digital evidence. As a result, digital evidence is often overlooked,
collected incorrectly, and analyzed ineffectively. The aim of this hands-on resource is to educate students and professionals in the law enforcement, forensic science, computer security, and legal communities about digital evidence and computer crime.
This work explains how computers and networks function, how they can be involved in crimes, and how they can be used as a source of evidence. As well as gaining a practical understanding of how computers and networks function and how they can be used as evidence of a crime, readers will learn about relevant legal issues and will be introduced to deductive criminal profiling, a systematic approach to focusing an investigation and understanding criminal motivations.
Readers will receive access to the author's accompanying Web site which contains simulated cases that integrate many of the topics covered in the text. Frequently updated, these cases teaching individuals about:
* Components of computer networks
* Use of computer networks in an investigation
* Abuse of computer networks
* Privacy and security issues on computer networks
* The law as it applies to computer networks
* Provides a thorough explanation of how computers and networks function, how they can be involved in crimes, and how they can be used as a source of evidence
* Offers readers information about relevant legal issues
* Features coverage of the abuse of computer networks and privacy and security issues on computer networks
* Free unlimited access to author's Web site which includes numerous and frequently updated case examples
Review
Praise for the First Edition:
Author Eoghan Casey does a superb job of applying forensic science to computers." -- Ben Rothke, SecurityManagement.com
Praise for Second Edition:
This book is a great reference for any security professional facing issues in this area. '" ComputerWorld
This behemoth of a book offers more than 680 pages of useful information on digital forensics and computer crime. '" ComputerWorld
'.something for everyone - law enforcement agencies that collect and process evidence, forensic analysts, lawyers and other information security professionals. '" ComputerWorld
...Casey does a great job making difficult concepts easy to understand. '" ComputerWorld
Review
Praise for the First Edition:
Author Eoghan Casey does a superb job of applying forensic science to computers." -- Ben Rothke, SecurityManagement.com
Praise for Second Edition:
This book is a great reference for any security professional facing issues in this area. ComputerWorld
This behemoth of a book offers more than 680 pages of useful information on digital forensics and computer crime. ComputerWorld
....something for everyone - law enforcement agencies that collect and process evidence, forensic analysts, lawyers and other information security professionals. ComputerWorld
...Casey does a great job making difficult concepts easy to understand. ComputerWorld
Review
>
....something for everyone - law enforcement agencies that collect and process evidence, forensic analysts, lawyers and other information security professionals. ComputerWorld
...Casey does a great job making difficult concepts easy to understand. ComputerWorld
Synopsis
Digital Evidence and Computer Crime, Second Edition, is a hands-on resource that aims to educate students and professionals in the law enforcement, forensic science, computer security, and legal communities about digital evidence and computer crime. This textbook explains how computers and networks function, how they can be involved in crimes, and how they can be used as a source of evidence.
In addition to gaining a practical understanding of how computers and networks function and how they can be used as evidence of a crime, students will learn about relevant legal issues and will be introduced to deductive criminal profiling, a systematic approach to focusing an investigation and understanding criminal motivations. Readers will receive unlimited access to the author's accompanying website, which contains simulated cases that integrate many of the topics covered in the text.
This text is required reading for anyone involved in computer investigations or computer administration, including computer forensic consultants, law enforcement, computer security professionals, government agencies (IRS, FBI, CIA, Dept. of Justice), fraud examiners, system administrators, and lawyers.
- Provides a thorough explanation of how computers and networks function, how they can be involved in crimes, and how they can be used as a source of evidence
- Offers readers information about relevant legal issues
- Features coverage of the abuse of computer networks and privacy and security issues on computer networks
Synopsis
puters and networks function and how they can be used as evidence of a crime, readers will learn about relevant legal issues and will be introduced to deductive criminal profiling, a systematic approach to focusing an investigation and understanding criminal motivations.
Readers will receive access to the author's accompanying Web site which contains simulated cases that integrate many of the topics covered in the text. Frequently updated, these cases teaching individuals about:
* Components of computer networks
* Use of computer networks in an investigation
* Abuse of computer networks
* Privacy and security issues on computer networks
* The law as it applies to computer networks
Synopsis
puters and networks function and how they can be used as evidence of a crime, readers will learn about relevant legal issues and will be introduced to deductive criminal profiling, a systematic approach to focusing an investigation and understanding criminal motivations.
Readers will receive access to the author's accompanying Web site which contains simulated cases that integrate many of the topics covered in the text. Frequently updated, these cases teaching individuals about:
* Components of computer networks
* Use of computer networks in an investigation
* Abuse of computer networks
* Privacy and security issues on computer networks
* The law as it applies to computer networks
Synopsis
ues on computer networks
* The law as it applies to computer networks
Synopsis
nts of computer networks
* Use of computer networks in an investigation
* Abuse of computer networks
* Privacy and security issues on computer networks
* The law as it applies to computer networks
About the Author
Eoghan Casey is founding partner of cmdLabs, author of the foundational book Digital Evidence and Computer Crime, and coauthor of Malware Forensics. For over a decade, he has dedicated himself to advancing the practice of incident handling and digital forensics. He helps client organizations handle security breaches and analyzes digital evidence in a wide range of investigations, including network intrusions with international scope. He has testified in civil and criminal cases, and has submitted expert reports and prepared trial exhibits for computer forensic and cyber-crime cases. Eoghan has performed thousands of forensic acquisitions and examinations, including Windows and UNIX systems, Enterprise servers, smart phones, cell phones, network logs, backup tapes, and database systems. He has performed vulnerability assessments, deployed and maintained intrusion detection systems, firewalls and public key infrastructures, and developed policies, procedures, and educational programs for a variety of organizations. In addition, he conducts research and teaches graduate students at Johns Hopkins University Information Security Institute, is editor of the Handbook of Digital Forensics and Investigation, and is Editor-in-Chief of Elsevier's International Journal of Digital Investigation.
Eoghan Casey, cmdLabs, Baltimore, MD, USA
Table of Contents
Part 1 - 1: Digital Evidence and Computer Crime; 2: History and Terminology of Computer Crime Investigation; 3: Technology and Law; 4: The Investigative Process; 5: Investigative Reconstruction; 6: Modus Operandi, Motive & Technology; 7: Digital Evidence in the Courtroom; Part 2 - 8: Computer Basics for Digital Evidence Examiners; 9: Applying Forensic Science to Computers; 10: Forensic Analysis of Windows Systems
Chapter 11: Forensic Analysis of Unix Systems; 12: Forensic Analysis of Macintosh Systems; 13: Forensic Analysis of Handheld Devices; Part 3 - 14: Network Basics for Digital Evidence Examiners; 15: Applying Forensic Science to Networks; 16: Digital Evidence on Physical and Data-Link Layers; 17: Digital Evidence on Network and Transport Layers; 18: Digital Evidence on the Internet; Part 4 - 19: Investigating Computer Intrusions; 20: Sex Offenders on the Internet; 21: Investigating Cyberstalking; 22: Digital Evidence as Alibi