Digital Forensics
Threatscape and Best Practices
- 1st Edition - December 7, 2015
- Editor: John Sammons
- Language: English
- Paperback ISBN: 978-0-12-804526-8
- eBook ISBN: 978-0-12-804542-8
Digital Forensics: Threatscape and Best Practices surveys the problems and challenges confronting digital forensic professionals today, including massive data sets and ever-changing technology. This book covers the threatscape across a broad range of topics, giving practitioners and students alike a comprehensive, coherent overview of the threat landscape and what can be done to manage and prepare for it. Digital Forensics: Threatscape and Best Practices delivers incisive analysis and best practices from a panel of expert authors, led by John Sammons, bestselling author of The Basics of Digital Forensics.
- Learn the basics of cryptocurrencies (like Bitcoin) and the artifacts they generate
- Learn why examination planning matters and how to do it effectively
- Discover how to incorporate behavioral analysis into your digital forensics examinations
- Stay updated with the key artifacts created by the latest Mac OS, OS X 10.11, El Capitan
- Discusses the threatscapes and challenges facing mobile device forensics, law enforcement, and legal cases
- The power of applying the electronic discovery workflows to digital forensics
- Discover the value of and impact of social media forensics
- Dedication
- List of Contributors
- Editor Biography
- Biographies
- Acknowledgments
- Chapter 1: The cryptocurrency enigma
- Abstract
- Purpose
- Introduction
- What makes a currency?
- Cryptocurrency
- Public key encryption basics
- Forensic relevance
- Bitcoin
- Bitcoin protocol
- Forensic artifacts
- Multibit HD
- The bitcoin protocol in action
- Summary
- Chapter 2: The key to forensic success: examination planning is a key determinant of efficient and effective digital forensics
- Abstract
- Introduction
- The four phases of digital forensics
- It is a matter of questions
- Investigative questions
- Legal questions
- Forensic questions
- Identification
- Classification/individualization
- Association
- Reconstruction
- Forensic questions as a bridge
- Developing forensic hypotheses
- Knowing how far to go
- Starting the plan
- How do you know when you are done?
- Examination phase – data extraction
- The forensic analysis
- The examination planning process
- Conclusion
- Chapter 3: Psychological profiling as an investigative tool for digital forensics
- Abstract
- Current model
- Issues
- New model
- Phases
- Limitations
- Case studies
- Conclusions
- Chapter 4: The intersection between social media, crime, and digital forensics: #WhoDunIt?
- Abstract
- Introduction
- Social media and crime
- Social media and digital forensics
- Social media evidence on the network
- Social media evidence on the physical device
- Summary
- Chapter 5: Mobile device forensics: threats, challenges, and future trends
- Abstract
- Introduction
- The hardware versus software complexity trend
- Cloud services and mobile platforms – inherent vulnerabilities
- There is an app for that – forensic challenges and threats within apps
- Persistent threats and challenges – what lies ahead for mobile device forensics
- Conclusion
- Chapter 6: Digital forensics in an eDiscovery world
- Abstract
- Introduction
- eDiscovery processes and EDRM
- Digital investigations workflows
- Chapter 7: OS X El Capitan forensics
- Abstract
- Introduction
- Default directory structure
- User
- {User name}/library
- New features in OS X 10.11 El Capitan
- Conclusion
- Quick reference table
- Chapter 8: Cybercrimes: an overview of contemporary challenges and impending threats
- Abstract
- Combating cybercrimes
- Current cybercrimes and evolving threats
- Hacking
- Future issues for law enforcement and digital forensic analysts
- Chapter 9: Legal
- Abstract
- Introduction
- The fourth amendment
- Search warrants
- Federal privacy legislation
- Drones
- Tracking vehicles
- Tracking cell phones
- Automated license plate readers
- Cell phones
- Encryption
- Encryption and cell phones
- The internet of things
- The dark web
- Malware
- Looking ahead
- Author Index
- Subject Index
- No. of pages: 182
- Language: English
- Edition: 1
- Published: December 7, 2015
- Imprint: Syngress
- Paperback ISBN: 9780128045268
- eBook ISBN: 9780128045428
John Sammons
John Sammons is a distinguished scholar and educator in digital forensics, currently serving as a Professor at Marshall University and Associate Director of the Institute for Cyber Security. With a background as a Huntington Police officer, he has been recognized for his investigative work by the U.S. Department of Justice.
He is the author and co-author of several notable books, including the acclaimed "The Basics of Digital Forensics," which was nominated for Digital Forensics Book of the Year in 2013. John also contributed to the digital forensics chapter of Douglas Ubelaker’s "Forensic Science: Current Issues, Future Directions."
In addition to his academic roles, he is the Fusion Center Liaison Officer for the West Virginia Intelligence Fusion Center and founded the Appalachian Institute of Digital Evidence, a non-profit focused on research and training in digital evidence. John holds multiple certifications and is a member of several professional organizations, including the American Academy of Forensic Sciences and the FBI Infragard. Before joining Marshall, he co-founded Second Creek Technologies, a digital forensics firm. He also teaches advanced digital forensics and firearms to graduate students and provides training for legal and law enforcement professionals.