Fundamentals of Digital Forensics
Springer International Publishing (Verlag)
978-3-031-53648-9 (ISBN)
This textbook describes the theory and methodology of digital forensic examinations, presenting examples developed in collaboration with police authorities to ensure relevance to real-world practice. The coverage includes discussions on forensic artifacts and constraints, as well as forensic tools used for law enforcement and in the corporate sector. Emphasis is placed on reinforcing sound forensic thinking, and gaining experience in common tasks through hands-on exercises.
This enhanced third edition describes practical digital forensics with open-source tools and includes an outline of current challenges and research directions.
Topics and features:
- Outlines what computer forensics is, and what it can do, as well as what its limitations are
- Discusses both the theoretical foundations and the fundamentals of forensic methodology
- Reviews broad principles that are applicable worldwide
- Explains how to find and interpret several important artifacts
- Describes free and open-source software tools
- Features content on corporate forensics, ethics, SQLite databases, triage, and memory analysis
- Includes new supporting video lectures on YouTube
This easy-to-follow primer is an essential resource for students of computer forensics, and will also serve as a valuable reference for practitioners seeking instruction on performing forensic examinations.
Joakim Kävrestad is a lecturer and researcher at Jönköping School of Engineering, Sweden, and an AccessData Certified Examiner. He also serves as a forensic consultant, with several years of experience as a forensic expert with the Swedish police. Marcus Birath is an adjunct senior lecturer in informatics at the University of Skövde. Nathan Clarke is a Professor of Cyber Security and Digital Forensics at the University of Plymouth. He is also an adjunct Professor at Edith Cowan University, Western Australia.
Part I: Theory.- 1. What Is Digital Forensics?.- 2. Ethics and Integrity.- Computer Theory.- 3. Notable Artifacts.- 4. Decryption and Password Enforcing.- Part II: The Forensic Process.- 5. Cybercrime, Cyber-Aided Crime and Digital Evidence.- 6. Incident Response.- Collecting Evidence.- 7. Triage.- Analyzing Data and Writing Reports.- Part III: Get Practical.- 8. Collecting Data.- 9. Indexing and Searching.- Cracking.- 10. Finding Artifacts.- 11. Some Common Questions and Tasks.- 12. FTK Specifics.- 13. Open-Source or Freeware Tools.- Part IV: Memory Forensics.- 14. Memory Analysis.- Memory Analysis Tools.- 15. Memory Analysis in Criminal Investigations.- 16. Malware Analysis.
Erscheinungsdatum | 26.03.2024 |
---|---|
Reihe/Serie | Texts in Computer Science |
Zusatzinfo | XIV, 298 p. 126 illus., 58 illus. in color. |
Verlagsort | Cham |
Sprache | englisch |
Maße | 155 x 235 mm |
Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
Schlagworte | AccessData • Computer Examination • Computer Forensic Methods • Computer forensics • criminal investigation • digital forensics • Forensics • live forensics • password cracking |
ISBN-10 | 3-031-53648-7 / 3031536487 |
ISBN-13 | 978-3-031-53648-9 / 9783031536489 |
Zustand | Neuware |
Haben Sie eine Frage zum Produkt? |
aus dem Bereich