Wiley.com
Print this page Share
E-book

Digital Forensics

Andre Arnes (Editor)
ISBN: 978-1-119-26241-1
376 pages
May 2017
Digital Forensics (1119262410) cover image

Description

The definitive text for students of digital forensics, as well as professionals looking to deepen their understanding of an increasingly critical field

Written by faculty members and associates of the world-renowned Norwegian Information Security Laboratory (NisLab) at the Norwegian University of Science and Technology (NTNU), this textbook takes a scientific approach to digital forensics ideally suited for university courses in digital forensics and information security. Each chapter was written by an accomplished expert in his or her field, many of them with extensive experience in law enforcement and industry. The author team comprises experts in digital forensics, cybercrime law, information security and related areas.  

Digital forensics is a key competency in meeting the growing risks of cybercrime, as well as for criminal investigation generally. Considering the astonishing pace at which new information technology – and new ways of exploiting information technology – is brought on line, researchers and practitioners regularly face new technical challenges, forcing them to continuously upgrade their investigatory skills. Designed to prepare the next generation to rise to those challenges, the material contained in Digital Forensics has been tested and refined by use in both graduate and undergraduate programs and subjected to formal evaluations for more than ten years.

  • Encompasses all aspects of the field, including methodological, scientific, technical and legal matters
  • Based on the latest research, it provides novel insights for students, including an informed look at the future of digital forensics
  • Includes test questions from actual exam sets, multiple choice questions suitable for online use and numerous visuals, illustrations and case example images
  • Features real-word examples and scenarios, including court cases and technical problems, as well as a rich library of academic references and references to online media

Digital Forensics is an excellent introductory text for programs in computer science and computer engineering and for master degree programs in military and police education. It is also a valuable reference for legal practitioners, police officers, investigators, and forensic practitioners seeking to gain a deeper understanding of digital forensics and cybercrime.

See More

Table of Contents

Preface xv

List of Contributors xvii

List of Figures xxi

List of Tables xxv

List of Examples xxvii

List of Definitions xxix

List of Abbreviations xxxi

1 Introduction 1
André Årnes

1.1 Forensic Science 1

1.2 Digital Forensics 4

1.3 Digital Evidence 7

1.4 Further Reading 9

1.5 Chapter Overview 10

1.6 Comments on Citation and Notation 10

2 The Digital Forensics Process 13
Anders O. Flaglien

2.1 Introduction 13

2.2 The Identification Phase 17

2.3 The  Collection Phase 24

2.4 The Examination Phase 33

2.5 The Analysis Phase 39

2.6 The Presentation Phase 45

2.7 Summary 47

2.8 Exercises 48

3 Cybercrime Law 51
Inger Marie Sunde

3.1 Introduction 51

3.2 The International Legal Framework of Cybercrime Law 54

3.3 Digital Crime – Substantive Criminal Law 76

3.4 Investigation Methods for Collecting Digital  Evidence 95

3.5 International Cooperation in Order to Collect Digital Evidence 109

3.6 Summary 115

3.7 Exercises 115

4 Digital Forensic Readiness 117
Ausra Dilijonaite

4.1 Introduction 117

4.2 Definition 117

4.3 Law Enforcement versus Enterprise Digital Forensic  Readiness 118

4.4 Why? A Rationale for Digital Forensic Readiness 119

4.5 Frameworks,  Standards,  and Methodologies 123

4.6 Becoming “Digital Forensic” Ready 126

4.7 Enterprise Digital Forensic  Readiness 127

4.8 Considerations  for  Law Enforcement 144

4.9 Summary 145

4.10 Exercises 145

5 Computer Forensics 147
Jeff Hamm

5.1 Introduction 147

5.2 Evidence Collection 148

5.3 Examination 152

5.4 Analysis 185

5.5 Summary 189

5.6 Exercises 190

6 Mobile and Embedded Forensics 191
Jens-Petter Sandvik

6.1 Introduction 192

6.2 Collection Phase 208

6.3 Examination Phase 247

6.4 Reverse Engineering and Analysis of Applications 267

6.5 Summary 270

6.6 Exercises 271

7 Internet Forensics 275
Petter Christian Bjelland

7.1 Introduction 275

7.2 Computer Networking 276

7.3 Layers of Network Abstraction 277

7.4 The Internet 279

7.5 Tracing Information on the Internet 289

7.6 Collection Phase – Local Acquisition 294

7.7 Collection Phase – Network Acquisition 298

7.8 Collection Phase – Remote Acquisition 300

7.9 Other Considerations 304

7.10 The Examination and Analysis Phases 306

7.11 Summary 311

7.12 Exercises 312

8 Challenges in Digital Forensics 313
Katrin Franke and André Årnes

8.1 Computational Forensics 313

8.2 Automation and Standardization 316

8.3 Research Agenda 317

8.4 Summary 317

9 Educational Guide 319
Stefan Axelsson

9.1 Teacher’s Guide 319

9.2 Student’s Guide 320

9.3 Summary 324

References 325

Index 333

See More

Author Information

ANDRÉ ÅRNES, PhD is Senior Vice President and Chief Security Office of Telenor Group and an Associate Professor on the faculty of the Norwegian Information Security Laboratory (NisLab) at the Norwegian University of Technology and Science (NTNU). An experienced cyber security expert, Dr. Årnes has extensive experience both as a security leader in a global corporation and as a computer crime special investigator in law enforcement.

See More

Related Titles

Back to Top