Eoghan Casey - Böcker

Following on the success of his introductory text, Digital Evidence and Computer Crime, Eoghan Casey brings together a few top experts to create the first detailed guide for professionals who are already familiar with digital evidence. The Handbook of Computer Crime Investigation helps readers master the forensic analysis of computer systems with a three-part approach covering tools, technology, and case studies.

The Tools section provides the details on leading software programs, with each chapter written by that product's creator. The section ends with an objective comparison of the strengths and limitations of each tool.

The main Technology section provides the technical "how to" information for collecting and analyzing digital evidence in common situations, starting with computers, moving on to networks, and culminating with embedded systems. The Case Examples section gives readers a sense of the technical, legal, and practical challenges that arise in real computer investigations.

The Tools section provides details of leading hardware and software The main Technology section provides the technical "how to" information for collecting and analysing digital evidence in common situations Case Examples give readers a sense of the technical, legal, and practical challenges that arise in real computer investigations

Investigating Child Exploitation and Pornography provides the historical, legal, technical, and social background for the laws prohibiting child exploitation, in particular, child pornography.

It offers a history of child exploitation cases and studies, outlining the roles of technology in this type of crime and the evidence they can contain, and documenting new research performed by the authors.

It details how successful undercover Internet operations are conducted, how the associated evidence is collected, and how to use the evidence to locate and apprehend the offender. The heart of this work is a legal section, detailing all of the legal issues that arise in Internet child exploitation cases. A forensic examination section presents evidentiary issues from a technical perspective and describes how to conduct a forensic examination of digital evidence gathered in the investigative and probative stages of a child exploitation case.

The book will become an indispensable resource for those involved in the investigation, prosecution, and study of computer-assisted child sexual exploitation.

The first comprehensive title in this subject area Uses real cases and examples of criminal behavior and the means to detect it Provides guidelines for developing a Field Manual and a Checklist to supplement the investigation and legal process Establishes a reliable system and legal, procedural-backed protocol by which to conduct an online sexual investigation and collect evidence

Handbook of Digital Forensics and Investigation builds on the success of the Handbook of Computer Crime Investigation, bringing together renowned experts in all areas of digital forensics and investigation to provide the consummate resource for practitioners in the field. It is also designed as an accompanying text to Digital Evidence and Computer Crime.

This unique collection details how to conduct digital investigations in both criminal and civil contexts, and how to locate and utilize digital evidence on computers, networks, and embedded systems. Specifically, the Investigative Methodology section of the Handbook provides expert guidance in the three main areas of practice: Forensic Analysis, Electronic Discovery, and Intrusion Investigation. The Technology section is extended and updated to reflect the state of the art in each area of specialization. The main areas of focus in the Technology section are forensic analysis of Windows, Unix, Macintosh, and embedded systems (including cellular telephones and other mobile devices), and investigations involving networks (including enterprise environments and mobile telecommunications technology).

This handbook is an essential technical reference and on-the-job guide that IT professionals, forensic practitioners, law enforcement, and attorneys will rely on when confronted with computer related crime and digital evidence of any kind.

Provides methodologies proven in practice for conducting digital investigations of all kindsDemonstrates how to locate and interpret a wide variety of digital evidence, and how it can be useful in investigationsPresents tools in the context of the investigative process, including EnCase, FTK, ProDiscover, foremost, XACT, Network Miner, Splunk, flow-tools, and many other specialized utilities and analysis platformsCase examples in every chapter give readers a practical understanding of the technical, logistical, and legal challenges that arise in real investigations

Digital Evidence and Computer Crime, Third Edition, provides the knowledge necessary to uncover and use digital evidence effectively in any kind of investigation.

It offers a thorough explanation of how computer networks function, how they can be involved in crimes, and how they can be used as a source of evidence. In particular, it addresses the abuse of computer networks as well as privacy and security issues on computer networks.

This updated edition is organized into five parts. Part 1 is about digital forensics and covers topics ranging from the use of digital evidence in the courtroom to cybercrime law. Part 2 explores topics such as how digital investigations are conducted, handling a digital crime scene, and investigative reconstruction with digital evidence. Part 3 deals with apprehending offenders, whereas Part 4 focuses on the use of computers in digital investigation. The book concludes with Part 5, which includes the application of forensic science to networks.

New to this edition are updated information on dedicated to networked Windows, Unix, and Macintosh computers, as well as Personal Digital Assistants; coverage of developments in related technology and tools; updated language for search warrant and coverage of legal developments in the US impacting computer forensics; and discussion of legislation from other countries to provide international scope. There are detailed case examples that demonstrate key concepts and give students a practical/applied understanding of the topics, along with ancillary materials that include an Instructor's Manual and PowerPoint slides.

This book will prove valuable to computer forensic students and professionals, lawyers, law enforcement, and government agencies (IRS, FBI, CIA, CCIPS, etc.).

Named The 2011 Best Digital Forensics Book by InfoSec Reviews Provides a thorough explanation of how computers & networks function, how they can be involved in crimes, and how they can be used as evidence Features coverage of the abuse of computer networks and privacy and security issues on computer networks

Linux Malware Incident Response is a "first look" at the Malware Forensics Field Guide for Linux Systems, exhibiting the first steps in investigating Linux-based incidents. The Syngress Digital Forensics Field Guides series includes companions for any digital and computer forensic investigator and analyst. Each book is a "toolkit" with checklists for specific tasks, case studies of difficult situations, and expert analyst tips. This compendium of tools for computer forensics analysts and investigators is presented in a succinct outline format with cross-references to supplemental appendices. It is designed to provide the digital investigator clear and concise guidance in an easily accessible format for responding to an incident or conducting analysis in a lab. Presented in a succinct outline format with cross-references to included supplemental components and appendices Covers volatile data collection methodology as well as non-volatile data collection from a live Linux system Addresses malware artifact discovery and extraction from a live Linux system

Malware Forensics: Investigating and Analyzing Malicious Code covers the complete process of responding to a malicious code incident. Written by authors who have investigated and prosecuted federal malware cases, this book deals with the emerging and evolving field of live forensics, where investigators examine a computer system to collect and preserve critical live data that may be lost if the system is shut down. Unlike other forensic texts that discuss live forensics on a particular operating system, or in a generic context, this book emphasizes a live forensics and evidence collection methodology on both Windows and Linux operating systems in the context of identifying and capturing malicious code and evidence of its effect on the compromised system. It is the first book detailing how to perform live forensic techniques on malicious code.

The book gives deep coverage on the tools and techniques of conducting runtime behavioral malware analysis (such as file, registry, network and port monitoring) and static code analysis (such as file identification and profiling, strings discovery, armoring/packing detection, disassembling, debugging), and more. It explores over 150 different tools for malware incident response and analysis, including forensic tools for preserving and analyzing computer memory. Readers from all educational and technical backgrounds will benefit from the clear and concise explanations of the applicable legal case law and statutes covered in every chapter. In addition to the technical topics discussed, this book also offers critical legal considerations addressing the legal ramifications and requirements governing the subject matter.

This book is intended for system administrators, information security professionals, network personnel, forensic examiners, attorneys, and law enforcement working with the inner-workings of computer memory and malicious code.

Winner of Best Book Bejtlich read in 2008! http://taosecurity.blogspot.com/2008/12/best-book-bejtlich-read-in-2008.html Authors have investigated and prosecuted federal malware cases, which allows them to provide unparalleled insight to the reader First book to detail how to perform "live forensic" techniques on malicous code In addition to the technical topics discussed, this book also offers critical legal considerations addressing the legal ramifications and requirements governing the subject matter