Digital Evidence and Computer Crime: Forensic Science, Computers, and the Internet / Edition 1

Digital Evidence and Computer Crime: Forensic Science, Computers, and the Internet / Edition 1

by Eoghan Casey
     
 

ISBN-10: 012162885X

ISBN-13: 9780121628857

Pub. Date: 08/28/2000

Publisher: Elsevier Science

Digital evidence—evidence that is stored on or transmitted by computers—can play a major role in a wide range of crimes, including homicide, rape, abduction, child abuse, solicitation of minors, child pornography, stalking, harassment, fraud, theft, drug trafficking, computer intrusions, espionage, and terrorism.
Though an increasing number of criminals…  See more details below

Overview

Digital evidence—evidence that is stored on or transmitted by computers—can play a major role in a wide range of crimes, including homicide, rape, abduction, child abuse, solicitation of minors, child pornography, stalking, harassment, fraud, theft, drug trafficking, computer intrusions, espionage, and terrorism.
Though an increasing number of criminals are using computers and computer networks, few investigators are well-versed in the evidentiary, technical, and legal issues related to digital evidence. As a result, digital evidence is often overlooked, collected incorrectly, and analyzed ineffectively. The aim of this hands-on resource is to educate students and professionals in the law enforcement, forensic science, computer security, and legal communities about digital evidence and computer crime.
This work explains how computers and networks function, how they can be involved in crimes, and how they can be used as a source of evidence. As well as gaining a practical understanding of how computers and networks function and how they can be used as evidence of a crime, readers will learn about relevant legal issues and will be introduced to deductive criminal profiling, a systematic approach to focusing an investigation and understanding criminal motivations.
The accompanying CD-ROM contains simulated cases that integrate many of the topics covered in the text, teaching individuals about:
* Components of computer networks
* Use of computer networks in an investigation
* Abuse of computer networks
* Privacy and security issues on computer networks
* The law as it applies to computer networks


"This is the right book for the times."

—Lori Fenna, Chair, Electronic Frontier Foundation

"I had the enjoyable task of reviewing the galley proofs for Eoghan Casey's fine introductory book: Digital Evidence and Computer Crime recently, and I highly recommend it for anybody who is just entering the field of digital forensics.
This book has many fine features, including coverage of the basics of criminal investigation, legal issues in digital forensics, and of course, the technical information you need to get started in the field and understand what the experts are talking about. It covers the who, what, why, when, where, and how of digital evidence, addresses means, motive, and opportunity, and addresses the big picture issues very well. While I wouldn't take it on-scene, I think it is a valuable resource and well suited as a text for a first courses in digital forensics, or as a general reference for the field as it exists today. Regardless of whether your background is in the law, criminal investigation, or computers, this book is a useful resource.
I was particularly enamored with the number of examples included in the book. These case studies and situational demonstrations bring the book to life and add meaning that you can't get from a dry academic book, regardless of its coverage of details. The notions of remembering the victim and their link to the crime, the descriptions of complexities associated with Internet crime and globalization, and the concepts of investigation and sleuthing help the reader understand the difference between investigation and academics.
But Casey doesn't stop there. He goes on to include an extensive glossary, excellent citations, a useful index, sample printouts, URLs of well known sites, and a multimedia supplement (which was not available at the time of my review). All told, this book does a fine job of introducing the area and provides a useful resource for the active practitioner."
—Fred Cohen, Sandia National Laboratories, Livermore, California, U.S.A.

"This book addresses a diverse audience: law enforcement people who collect evidence, forensics scientists who perform analyses, lawyers who provide legal counsel, and technical people such as computer security professionals, programmers, and system administrators who can be called upon to produce digital evidence.
Digital Evidence gives an introduction to concepts from computer science (computer architecture, protocols, applications), forensics science (recovering, reconstructing and analyzing evidence), and behavioral analysis (modus operandi, motivation, what makes an offender choose a specific victim or target). For those who wish to know more, the book gives references to specialized literature and on-line resources. The sections on legal issues are a bit U.S.-specific, but can still be of interest to non-U.S. readers. To the investigator, the book gives a flavor of what it takes to examine a PC, MAC, NT or UNIX system, or to gather evidence at various layers of network protocols, including wireless networks. With computers, emphasis is on capturing disk information. With computer networks, emphasis is on the application layer: web, mail, news, and irc/icq. The book gives examples of common forgeries with email and usenet postings, and mentions IP spoofing without going into the technicalities.
To the legal person, the book gives a flavor of the challenges that one has to face when gathering digital evidence. Especially with information retrieved across networks it can be difficult to prove that data is authentic. And as the email and usenet examples show, it is relatively easy to forge time stamp and/or address information, but the book also shows that it is relatively easy to be found out.
Perhaps the most useful sections of the book are the ones with guidelines for how to perform specific investigations."
—Wietse Venema, IBM T.J. Watson Research Center, U.S.A.



Read More

Product Details

ISBN-13:
9780121628857
Publisher:
Elsevier Science
Publication date:
08/28/2000
Edition description:
Older Edition
Pages:
280
Product dimensions:
7.63(w) x 9.95(h) x 0.80(d)

Table of Contents

1.Introduction to Digital Evidence1
2.The Language of Cybercrime15
3.Modus Operandi, Motive and Technology25
4.Applying Forensic Science to Computers41
5.Digital Evidence on Computer Networks75
6.Digital Evidence on the Internet99
7.Digital Evidence at the Transport and Network Layers121
8.Digital Evidence on the Data-Link and Physical Layers145
9.Using Digital Evidence and Behavioral Evidence Analysis in an Investigation161
10.Computer Crackers171
11.Cyberstalking187
12.Digital Evidence as Alibi199
13.Laws, Jurisdiction, Search and Seizure207
14.Thoughts for the Future223
Appendix 1Summary of Resources231
Appendix 2Multimedia Supplement243

Read More

Customer Reviews

Average Review:

Write a Review

and post it to your social network

     

Most Helpful Customer Reviews

See all customer reviews >