Practical Digital Forensics

Get started with the art and science of digital forensics with this practical, hands-on guide!
Richard Boddington

Book Details

ISBN 13: 9781785887109
Paperback: 372 pages

Book Description

Digital forensics is a methodology that involves using various tools, techniques, and programming languages. This book will get you started with digital forensics and then move on to preparing an investigation plan and a toolkit for investigation.

In this book you will explore new and promising forensic processes and tools based on ‘disruptive technology’ that offer experienced and budding practitioners the means to regain control of their caseloads. During the course of the book, you will learn about the technical side of digital forensics and the various tools needed to perform it. The book begins with a quick insight into the nature of digital evidence, where it is located, and how it can be recovered and forensically examined to assist investigators. It takes you through a series of chapters that look at the nature and circumstances of digital forensic examinations and explain the processes of evidence recovery and preservation from a range of digital devices, including mobile phones and other media. A range of case studies and simulations will allow you to apply the theory you have learned to real-life situations.

By the end of this book you will have gained a sound insight into digital forensics and its key components.

Table of Contents

Chapter 1: The Role of Digital Forensics and Its Environment
Understanding the history and purpose of forensics – specifically, digital forensics
Defining digital forensics and its role
Looking at the history of digital forensics
Studying criminal investigations and cybercrime
Outlining civil investigations and the nature of e-discovery
The role of digital forensic practitioners and the challenges they face
Case studies
References
Summary
Chapter 2: Hardware and Software Environments
Describing computers and the nature of digital information
Operating systems
Describing filesystems that contain evidence
Locating evidence in filesystems
Explaining password security, encryption, and hidden files
Case study – linking the evidence to the user
References
Summary
Chapter 3: The Nature and Special Properties of Digital Evidence
Defining digital evidence
The special characteristics of digital evidence
The technical complexities of digital evidence
Determining the value and admissibility of digital evidence
Case study – linking the evidence to the user
References
Summary
Chapter 4: Recovering and Preserving Digital Evidence
Understanding the chain of custody
Describing the physical acquisition and safekeeping of digital evidence
Recovering digital evidence through forensic imaging processes
Acquiring digital evidence through live recovery processes
Outlining the efficacy of existing forensic tools and the emergence of enhanced processes and tools
Case studies – linking the evidence to the user
References
Summary
Chapter 5: The Need for Enhanced Forensic Tools
Digital forensics laboratories
Emerging problems confronting practitioners because of increasingly large and widely dispersed datasets
Processes and forensic tools to assist practitioners to deal more effectively with these challenges
Empowering non-specialist law enforcement personnel and other stakeholders to become more effective first respondents at digital crime scenes
Case study – illustrating the challenges of interrogating large datasets
References
Summary
Chapter 6: Selecting and Analyzing Digital Evidence
Structured processes to locate and select digital evidence
Locating digital evidence
Selecting digital evidence
More effective forensic tools
Case study – illustrating the recovery of deleted evidence held in volume shadows
Summary
Chapter 7: Windows and Other Operating Systems as Sources of Evidence
The Windows Registry and system files and logs as resources of digital evidence
Apple and other operating system structures
Remote access and malware threats
Case study – corroborating evidence using Windows Registry
References
Summary
Chapter 8: Examining Browsers, E-mails, Messaging Systems, and Mobile Phones
Locating evidence from Internet browsing
Messaging systems
E-mail analysis and the processing of large e-mail databases
The growing challenge of evidence recovery from mobile phones and handheld devices
Case study – mobile phone evidence in a bomb hoax
Summary
Chapter 9: Validating the Evidence
The nature and problem of unsound digital evidence
Impartiality in selecting evidence
The structured and balanced analysis of digital evidence
Formalizing the validation of digital evidence
The presentation of digital evidence
Ethical issues confronting digital forensics practitioners
Case study – presumed unauthorized use of intellectual property
Summary
Chapter 10: Empowering Practitioners and Other Stakeholders
The evolving nature of digital evidence vis-à-vis the role of the practitioner
Solutions to the challenges posed by new hardware and software
More efficacious evidence recovery and preservation
Challenges posed by communication media and the cloud
The need for effective evidence processing and validation
Contingency planning
References
Summary

What You Will Learn

  • Gain familiarity with a range of different digital devices and operating and application systems that store digital evidence.
  • Appreciate and understand the function and capability of forensic processes and tools to locate and recover digital evidence.
  • Develop an understanding of the critical importance of recovering digital evidence in pristine condition and ensuring its safe handling from seizure to tendering it in evidence in court.
  • Recognise the attributes of digital evidence and where it may be hidden and is often located on a range of digital devices.
  • Understand the importance and challenge of digital evidence analysis and how it can assist investigations and court cases.
  • Explore emerging technologies and processes that empower forensic practitioners and other stakeholders to harness digital evidence more effectively.
