Placing the Suspect Behind the Keyboard

Book Description

Placing the Suspect Behind the Keyboard is the definitive book on conducting a complete investigation of a cybercrime using digital forensics techniques as well as physical investigative procedures. This book merges a digital analysis examiner's work with the work of a case investigator in order to build a solid case to identify and prosecute cybercriminals.

Brett Shavers links traditional investigative techniques with high-tech crime analysis in a manner that not only determines elements of crimes, but also places the suspect at the keyboard. This book is a first in combining the investigative strategies of digital forensic analysis with physical investigative techniques, giving the reader a holistic approach to their current and future cybercrime investigations.



• Learn the tools and investigative principles of both physical and digital cybercrime investigations—and how they fit together to build a solid and complete case.

• Master the techniques of conducting a holistic investigation that combines both digital and physical evidence to track down the "suspect behind the keyboard."

• The only book to combine physical and digital investigative techniques.

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Acknowledgments
  6. About the Author
  7. About the Technical Editor
  8. Foreword
  9. Preface
  10. Chapter 1. Introduction
    1. Digital Evidence Collection
    2. Simple File Copying
    3. “Dead Box” Approaches
    4. “Live Box” Approaches
    5. Decision-Making FlowChart
    6. Preview/Triage
    7. SmartPhones and Cellular Devices
    8. Summary
    9. Bibliography
  11. Chapter 2. High Tech Interview
    1. Introduction
    2. The Main Goal of Questioning a Suspect
    3. The Line of Questions for Suspects
    4. Questions for Victims
    5. Questions for Network Administrators
    6. Summary
    7. Bibliography
  12. Chapter 3. Physical Investigations
    1. Introduction
    2. Hazards of Acting Upon Minimal Information
    3. Physical Surveillance
    4. Electronic Surveillance
    5. Obtaining Personal Information
    6. Undercover and Informant Operations
    7. Witnesses
    8. Deconfliction
    9. Summary
    10. Bibliography
  13. Chapter 4. Technical Investigations
    1. Introduction
    2. Digital Investigative Techniques
    3. Who? What? When? Why? Where? and How?
    4. “Other” Device Forensics
    5. Online Social Networking
    6. User Activity
    7. Digital Authorship
    8. Profiling
    9. Biological Forensic Evidence
    10. Triage and Previews
    11. Summary
    12. Bibliography
  14. Chapter 5. Putting It All Together
    1. “2+2=Putting it all together”
    2. Timelines
    3. Follow the Evidence
    4. Rabbit Holes
    5. Summary
    6. Bibliography
  15. Chapter 6. Investigative Case Management
    1. Introduction
    2. Bibliography
  16. Chapter 7. Case Presentation
    1. Introduction
    2. It’s Not Whether You Win or Lose
    3. Investigative Mindset
    4. Your Audience
    5. Preparation
    6. Organizing Case Information
    7. Value of Visuals
    8. The Suspect’s Machine
    9. Analogies
    10. Avoid TMI (Too Much Information)
    11. Your Presentation
    12. Summary
    13. Bibliography
  17. Chapter 8. Cheat Sheets and Quickstart Guides
    1. Introduction
    2. Cheat Sheets and Quickstart Guides
    3. Checklists
    4. Summary
    5. Bibliography
  18. Chapter 9. Some Things Will Become Easier, Others Not So Much
    1. Introduction
    2. It Will Become Easier to Place a Suspect Behind the Keyboard
    3. It Will Become More Difficult to Place a Suspect Behind the Keyboard
    4. Summary
    5. Bibliography
  19. Chapter 10. Online Investigations
    1. Introduction
    2. Online Investigations
    3. Capturing Webpages as Evidence
    4. Summary
    5. Bibliography
  20. Chapter 11. Case Studies
    1. Introduction
    2. A Day in the Life of a Cybercriminal
    3. The Life and Casework of a Cyber Investigator
    4. Testifying to Your Work
    5. Summary
    6. Bibliography
  21. Index