Computer Forensics Computer Science Investigation
, by Vacca, John R
- ISBN: 9781584503897 | 1584503890
- Cover: Paperback
- Copyright: 1/2/2005
Using personal computers as their weapons, hackers and criminals (some only 11 years old) have attacked the Internet, government agencies, financial companies, small businesses, and the credit card accounts of unsuspecting individuals. This completely updated book/CD package provides a complete overview of computer forensics from information security issues to "crime scene investigation," seizure of data, determining the "fingerprints" of the crime, and tracking down the criminals. The book's companion CD-ROM contains demos of the latest computer forensics software. Numerous exercises, case studies, and vignettes of actual crimes enhance the topics under discussion, and provide the reader with solutions to computer crime in the real world.
| Acknowledgments | p. xix |
| Foreword | p. xxi |
| Introduction | p. xxv |
| Overview of Computer Forensics Technology | p. 1 |
| Computer Forensics Fundamentals | p. 3 |
| Introduction to Computer Forensics | p. 4 |
| Use of Computer Forensics in Law Enforcement | p. 8 |
| Computer Forensics Assistance to Human Resources/Employment Proceedings | p. 9 |
| Computer Forensics Services | p. 10 |
| Benefits of Professional Forensics Methodology | p. 17 |
| Who Can Use Computer Forensic Evidence? | p. 18 |
| Case Histories | p. 24 |
| Case Studies | p. 27 |
| Summary | p. 28 |
| Chapter Review Questions and Exercises | p. 31 |
| Hands-On Projects | p. 33 |
| References | p. 34 |
| Types of Computer Forensics Technology | p. 35 |
| Types of Military Computer Forensic Technology | p. 36 |
| Types of Law Enforcement Computer Forensic Technology | p. 38 |
| Types of Business Computer Forensic Technology | p. 52 |
| Specialized Forensics Techniques | p. 57 |
| Hidden Data and How to Find It | p. 61 |
| Spyware and Adware | p. 61 |
| Encryption Methods and Vulnerabilities | p. 63 |
| Protecting Data from Being Compromised | p. 64 |
| Internet Tracing Methods | p. 65 |
| Security and Wireless Technologies | p. 69 |
| Avoiding Pitfalls with Firewalls | p. 71 |
| Biometric Security Systems | p. 72 |
| Summary | p. 73 |
| Chapter Review Questions and Exercises | p. 77 |
| Hands-On Projects | p. 79 |
| References | p. 81 |
| Types of Computer Forensics Systems | p. 83 |
| Internet Security Systems | p. 84 |
| Intrusion Detection Systems | p. 91 |
| Firewall Security Systems | p. 99 |
| Storage Area Network Security Systems | p. 108 |
| Network Disaster Recovery Systems | p. 112 |
| Public Key Infrastructure Systems | p. 113 |
| Wireless Network Security Systems | p. 115 |
| Satellite Encryption Security Systems | p. 118 |
| Instant Messaging (IM) Security Systems | p. 125 |
| Net Privacy Systems | p. 126 |
| Identity Management Security Systems | p. 129 |
| Identity Theft | p. 137 |
| Biometric Security Systems | p. 141 |
| Homeland Security Systems | p. 143 |
| Summary | p. 145 |
| Chapter Review Questions and Exercises | p. 148 |
| Hands-on Projects | p. 150 |
| References | p. 151 |
| Vendor and Computer Forensics Services | p. 153 |
| Occurrence of Cyber Crime | p. 154 |
| Cyber Detectives | p. 155 |
| Fighting Cyber Crime with Risk-Management Techniques | p. 156 |
| Computer Forensics Investigative Services | p. 162 |
| Forensic Process Improvement | p. 167 |
| Course Content | p. 176 |
| Case Histories | p. 180 |
| Summary | p. 182 |
| Chapter Review Questions and Exercises | p. 184 |
| Hands-On Projects | p. 186 |
| References | p. 186 |
| Computer Forensics Evidence and Capture | p. 189 |
| Data Recovery | p. 191 |
| Data Recovery Defined | p. 191 |
| Data Backup and Recovery | p. 192 |
| The Role of Backup in Data Recovery | p. 200 |
| The Data-Recovery Solution | p. 203 |
| Hiding and Recovering Hidden Data | p. 206 |
| Case Histories | p. 209 |
| Summary | p. 212 |
| Chapter Review Questions and Exercises | p. 214 |
| Hands-On Projects | p. 216 |
| References | p. 216 |
| Evidence Collection and Data Seizure | p. 217 |
| Why Collect Evidence? | p. 217 |
| Collection Options | p. 218 |
| Obstacles | p. 218 |
| Types of Evidence | p. 219 |
| The Rules of Evidence | p. 220 |
| Volatile Evidence | p. 223 |
| General Procedure | p. 224 |
| Collecting and Archiving | p. 224 |
| Methods of Collection | p. 225 |
| Artifacts | p. 226 |
| Collection Steps | p. 226 |
| Controlling Contamination: The Chain of Custody | p. 228 |
| Reconstructing the Attack | p. 229 |
| Summary | p. 229 |
| Chapter Review Questions and Exercises | p. 231 |
| Hands-on Projects | p. 232 |
| References | p. 233 |
| Duplication and Preservation of Digital Evidence | p. 235 |
| Preserving the Digital Crime Scene | p. 238 |
| Computer Evidence Processing Steps | p. 240 |
| Legal Aspects of Collecting and Preserving Computer Forensic Evidence | p. 247 |
| Summary | p. 252 |
| Chapter Review Questions and Exercises | p. 254 |
| Hands-on Projects | p. 255 |
| References | p. 256 |
| Computer Image Verification and Authentication | p. 257 |
| Special Needs of Evidential Authentication | p. 258 |
| Practical Considerations | p. 264 |
| Practical Implementation | p. 265 |
| Summary | p. 268 |
| Chapter Review Questions and Exercises | p. 271 |
| Hands-on Projects | p. 273 |
| References | p. 273 |
| Computer Forensics Analysis | p. 275 |
| Discovery of Electronic Evidence | p. 277 |
| Electronic Document Discovery: A Powerful New Litigation Tool | p. 278 |
| Summary | p. 281 |
| Chapter Review Questions and Exercises | p. 283 |
| Hands-on Projects | p. 285 |
| References | p. 285 |
| Identification of Data | p. 287 |
| Timekeeping | p. 288 |
| Forensic Identification and Analysis of Technical Surveillance Devices | p. 291 |
| Summary | p. 297 |
| Chapter Review Questions and Exercises | p. 299 |
| Hands-on Projects | p. 300 |
| References | p. 301 |
| Reconstructing Past Events | p. 303 |
| How to Become a Digital Detective | p. 304 |
| Useable File Formats | p. 305 |
| Unusable File Formats | p. 305 |
| Converting Files | p. 306 |
| Summary | p. 309 |
| Chapter Review Questions and Exercises | p. 310 |
| Hands-on Projects | p. 312 |
| References | p. 313 |
| Networks | p. 315 |
| Network Forensics Scenario | p. 316 |
| A Technical Approach | p. 316 |
| Destruction of Email | p. 319 |
| Damaging Computer Evidence | p. 321 |
| Tools Needed for Intrusion Response to the Destruction of Data | p. 323 |
| System Testing | p. 324 |
| Summary | p. 326 |
| Chapter Review Questions and Exercises | p. 328 |
| Hands-on Projects | p. 330 |
| References | p. 331 |
| Countermeasures: Information Warfare | p. 333 |
| Fighting Against Macro Threats: Defensive Strategies for Governments and Industry Groups | p. 335 |
| Is the U.S. Government Prepared for Information Warfare? | p. 335 |
| Are Other Governments Prepared for Information Warfare? | p. 339 |
| What Industry Groups Have Done to Prepare for Information Warfare | p. 341 |
| Strategic Diplomacy and Information Warfare | p. 344 |
| The Role of International Organizations | p. 354 |
| The Role of Global Military Alliances | p. 359 |
| Marshall Law and Cyberspace | p. 361 |
| The Super Cyber Protection Agencies | p. 363 |
| Summary | p. 365 |
| Chapter Review Questions and Exercises | p. 367 |
| Hands-on Projects | p. 370 |
| References | p. 370 |
| The Information Warfare Arsenal and Tactics of the Military | p. 371 |
| Overview of Military Tactics | p. 376 |
| Offensive Ruinous IW Tools and Tactics | p. 378 |
| Offensive Containment IW Tools and Tactics | p. 380 |
| Defensive Preventive IW Tools and Tactics | p. 384 |
| Defensive Ruinous IW Tools and Tactics | p. 385 |
| Defensive Responsive Containment IW Tools and Tactics | p. 386 |
| Countering Sustained Terrorist IW Tactics | p. 389 |
| Dealing with Random Terrorist IW | p. 394 |
| Summary | p. 407 |
| Chapter Review Questions and Exercises | p. 410 |
| Hands-on Projects | p. 412 |
| References | p. 413 |
| The Information Warfare Arsenal and Tactics of Terrorists and Rogues | p. 415 |
| The Terrorist Profile | p. 421 |
| Why Terrorists and Rogues Have an Advantage in IW | p. 424 |
| The Dark World of the Cyber Underground | p. 430 |
| The Criminal Cafe in Cyberspace | p. 433 |
| The Super Computer Literate Terrorist | p. 438 |
| The New Security Professionals | p. 440 |
| The Middle East Cyberwar | p. 441 |
| The New Tools of Terrorism | p. 444 |
| Why Tools Are Easy to Get and Use | p. 452 |
| Why Nasty People Are So Hard to Track Down and Capture | p. 453 |
| The IW Games | p. 459 |
| Summary | p. 462 |
| Chapter Review Questions and Exercises | p. 465 |
| Hands-on Projects | p. 467 |
| References | p. 468 |
| The Information Warfare Arsenal and Tactics of Private Companies | p. 469 |
| Surviving Offensive Ruinous IW | p. 476 |
| Surviving Offensive Containment IW | p. 478 |
| Participating in Defensive Preventive IW Planning | p. 480 |
| Benefiting from and Surviving Defensive Ruinous IW | p. 482 |
| Benefiting from and Surviving Defensive Responsive Containment IW | p. 484 |
| Protection Against Random Terrorist IW Tactics | p. 487 |
| What to Do When Terrorists Keep Attacking | p. 490 |
| Countering Sustained Rogue IW | p. 492 |
| Protection Against Random Rogue IW | p. 493 |
| Keeping the Amateur Rogue out of the Cyberhouse | p. 501 |
| Summary | p. 501 |
| Chapter Review Questions and Exercises | p. 503 |
| Hands-on Projects | p. 505 |
| References | p. 506 |
| The Information Warfare Arsenal of the Future | p. 507 |
| Weapons of the Future | p. 509 |
| The Global Positioning System | p. 522 |
| Snoop, Sniff, and Snuff Tools | p. 527 |
| Email Wiretaps Like Carnivore Can Steal Sensitive Correspondence | p. 529 |
| IW Weapons of the Future | p. 532 |
| Nanotechnology | p. 538 |
| Summary | p. 543 |
| Chapter Review Questions and Exercises | p. 545 |
| Hands-on Projects | p. 547 |
| References | p. 547 |
| Surveillance Tools for Information Warfare of the Future | p. 549 |
| Monitoring Everything | p. 549 |
| Cyber Surveillance | p. 552 |
| The Cyber Footprint and Criminal Tracking | p. 553 |
| The Implications of Cookies and Integrated Platforms | p. 564 |
| Wintel Inside, or How Your Computer Is Watching You | p. 566 |
| Data Mining for What? | p. 569 |
| The Internet Is Big Brother | p. 577 |
| The Wireless Internet: Friend or Foe? | p. 579 |
| Summary | p. 580 |
| Chapter Review Questions and Exercises | p. 582 |
| Hands-on Projects | p. 583 |
| References | p. 584 |
| Civilian Casualties: The Victims and Refugees of Information Warfare | p. 585 |
| What the Cyber Masses Have to Lose | p. 587 |
| The Destruction of Personal Assets in IWs | p. 597 |
| Short- and Long-Term Personal Economic Impact on Cyber Citizens | p. 601 |
| The Violation of Privacy During Information Wars | p. 602 |
| The Individual Exposed | p. 604 |
| Identity Theft | p. 606 |
| Monitoring Private Affairs in Cyberspace | p. 609 |
| The New Order and State Medical ID Cards | p. 613 |
| Big Brother Is Here and Is Staying | p. 616 |
| Summary | p. 618 |
| Chapter Review Questions and Exercises | p. 620 |
| Hands-on Projects | p. 622 |
| References | p. 623 |
| Advanced Computer Forensics Systems and Future Directions | p. 625 |
| Advanced Computer Forensics | p. 627 |
| Advanced Encryption: The Need to Conceal | p. 628 |
| Advanced Hacking | p. 640 |
| Advanced Tracker Hackers | p. 647 |
| The Problems of the Present | p. 663 |
| Summary | p. 666 |
| Chapter Review Questions and Exercises | p. 669 |
| Hands-on Projects | p. 670 |
| References | p. 671 |
| Summary, Conclusions, and Recommendations | p. 673 |
| Summary | p. 674 |
| Conclusions | p. 681 |
| Recommendations | p. 684 |
| Final Word: Computer Forensic Needs and Challenges | p. 699 |
| Chapter Review Questions and Exercises | p. 700 |
| References | p. 703 |
| Frequently Asked Questions | p. 705 |
| What Is Computer Forensics? | p. 705 |
| Why Computer Forensics? | p. 705 |
| What Is Data Recovery? | p. 705 |
| Are There Instances When Data Cannot Be Recovered? | p. 706 |
| Computer Forensics Resources | p. 709 |
| General Forensics Resources | p. 709 |
| Computer Crime | p. 711 |
| File Formats and Extensions | p. 711 |
| Cryptography and Steganography | p. 712 |
| Links to Computer Forensics and Related Law Enforcement Web Pages | p. 713 |
| Law Enforcement Links | p. 713 |
| Organizations | p. 714 |
| Mailing Lists | p. 714 |
| USDOJ Guidelines for Searching and Seizing Computers | p. 715 |
| Computer Forensic and Security Software Available Free of Charge to Law Enforcement Agencies | p. 715 |
| Miscellaneous | p. 715 |
| More Computer Forensics Cases | p. 717 |
| Lost Files | p. 717 |
| Corrupted Files | p. 718 |
| Disappearing Files | p. 718 |
| Computer Forensics | p. 718 |
| Forensic Accounting | p. 719 |
| Corporate Investigation into PC Pornography | p. 719 |
| Data Recovery | p. 719 |
| Industrial Espionage | p. 720 |
| Family Members Bolt | p. 720 |
| Former Employer | p. 720 |
| Goods Left to Rot | p. 721 |
| Managers Start New Company | p. 721 |
| Family Member Steals Clients | p. 721 |
| Erased Email | p. 721 |
| Bank Suspects | p. 722 |
| Former Managers | p. 722 |
| Former Catalog Designers | p. 722 |
| Model Pursued | p. 722 |
| Encrypted Mail | p. 723 |
| Two Attorneys Can't Speak Civilly | p. 723 |
| Big Real Estate Deal | p. 723 |
| Doctor Accused | p. 723 |
| Former Employee Claims | p. 724 |
| Ex-Partner Claims | p. 724 |
| Former Manager | p. 724 |
| Answers to Review Questions and Exercises, Hands-on Projects, Case Projects, and Optional Team Case Projects by Chapter | p. 725 |
| Checklists by Chapter | p. 747 |
| About the CD-ROM | p. 781 |
| Glossary of Terms and Acronyms | p. 791 |
| Index | p. 819 |
| Table of Contents provided by Ingram. All Rights Reserved. |
What is included with this book?
The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.
The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.
Please wait while the item is added to your bag...
×
Digital License
You are licensing a digital product for a set duration. Durations are set forth in the product description, with "Lifetime" typically meaning five (5) years of online access and permanent download to a supported device. All licenses are non-transferable.
More details can be found here.