Digital Forensics

Book Description

Digital Forensics: Threatscape and Best Practices surveys the problems and challenges confronting digital forensic professionals today, including massive data sets and ever-changing technology. Across a broad range of topics, this book provides practitioners and students alike with a comprehensive, coherent overview of the threat landscape and what can be done to manage and prepare for it. Digital Forensics: Threatscape and Best Practices provides you with incisive analysis and best practices from a panel of expert authors, led by John Sammons, bestselling author of The Basics of Digital Forensics.

    • Learn the basics of cryptocurrencies (like Bitcoin) and the artifacts they generate.
    • Learn why examination planning matters and how to do it effectively.
    • Discover how to incorporate behavioral analysis into your digital forensics examinations.
    • Stay updated with the key artifacts created by the latest Mac OS, OS X 10.11, El Capitan.
    • Explore the threatscapes and challenges facing mobile device forensics, law enforcement, and legal cases.
    • Learn the power of applying electronic discovery workflows to digital forensics.
    • Discover the value and impact of social media forensics.

Table of Contents

  1. Cover
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Dedication
  6. List of Contributors
  7. Editor Biography
  8. Biographies
  9. Acknowledgments
  10. Chapter 1: The cryptocurrency enigma
    1. Abstract
    2. Purpose
    3. Introduction
    4. What makes a currency?
    5. Cryptocurrency
    6. Public key encryption basics
    7. Forensic relevance
    8. Bitcoin
    9. Bitcoin protocol
    10. Forensic artifacts
    11. Multibit HD
    12. The bitcoin protocol in action
    13. Summary
  11. Chapter 2: The key to forensic success: examination planning is a key determinant of efficient and effective digital forensics
    1. Abstract
    2. Introduction
    3. The four phases of digital forensics
    4. It is a matter of questions
    5. Investigative questions
    6. Legal questions
    7. Forensic questions
    8. Identification
    9. Classification/individualization
    10. Association
    11. Reconstruction
    12. Forensic questions as a bridge
    13. Developing forensic hypotheses
    14. Knowing how far to go
    15. Starting the plan
    16. How do you know when you are done?
    17. Examination phase – data extraction
    18. The forensic analysis
    19. The examination planning process
    20. Conclusion
  12. Chapter 3: Psychological profiling as an investigative tool for digital forensics
    1. Abstract
    2. Current model
    3. Issues
    4. New model
    5. Phases
    6. Limitations
    7. Case studies
    8. Conclusions
  13. Chapter 4: The intersection between social media, crime, and digital forensics: #WhoDunIt?
    1. Abstract
    2. Introduction
    3. Social media and crime
    4. Social media and digital forensics
    5. Social media evidence on the network
    6. Social media evidence on the physical device
    7. Summary
  14. Chapter 5: Mobile device forensics: threats, challenges, and future trends
    1. Abstract
    2. Introduction
    3. The hardware versus software complexity trend
    4. Cloud services and mobile platforms – inherent vulnerabilities
    5. There is an app for that – forensic challenges and threats within apps
    6. Persistent threats and challenges – what lies ahead for mobile device forensics
    7. Conclusion
  15. Chapter 6: Digital forensics in an eDiscovery world
    1. Abstract
    2. Introduction
    3. eDiscovery processes and EDRM
    4. Digital investigations workflows
  16. Chapter 7: OS X El Capitan forensics
    1. Abstract
    2. Introduction
    3. Default directory structure
    4. User
    5. {User name}/library
    6. New features in OS X 10.11 El Capitan
    7. Conclusion
    8. Quick reference table
  17. Chapter 8: Cybercrimes: an overview of contemporary challenges and impending threats
    1. Abstract
    2. Combating cybercrimes
    3. Current cybercrimes and evolving threats
    4. Hacking
    5. Future issues for law enforcement and digital forensic analysts
  18. Chapter 9: Legal
    1. Abstract
    2. Introduction
    3. The fourth amendment
    4. Search warrants
    5. Federal privacy legislation
    6. Drones
    7. Tracking vehicles
    8. Tracking cell phones
    9. Automated license plate readers
    10. Cell phones
    11. Encryption
    12. Encryption and cell phones
    13. The internet of things
    14. The dark web
    15. Malware
    16. Looking ahead
  19. Author Index
  20. Subject Index