Digital Evidence and Computer Crime: Forensic Science, Computers, and the Internet » (1st Edition)

Eoghan Casey is founding partner of cmdLabs, author of the foundational book Digital Evidence and Computer Crime, and coauthor of Malware Forensics. For over a decade, he has dedicated himself to advancing the practice of incident handling and digital forensics. He helps client organizations handle security breaches and analyzes digital evidence in a wide range of investigations, including network intrusions with international scope. He has testified in civil and criminal cases, and has submitted expert reports and prepared trial exhibits for computer forensic and cyber-crime cases. Eoghan has performed thousands of forensic acquisitions and examinations, including Windows and UNIX systems, Enterprise servers, smart phones, cell phones, network logs, backup tapes, and database systems. He has performed vulnerability assessments, deployed and maintained intrusion detection systems, firewalls and public key infrastructures, and developed policies, procedures, and educational programs for a variety of organizations. In addition, he conducts research and teaches graduate students at Johns Hopkins University Information Security Institute, is editor of the Handbook of Digital Forensics and Investigation, and is Editor-in-Chief of Elsevier's International Journal of Digital Investigation.

Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet, Third Edition

by Eoghan Casey cmdLabs, Baltimore, Maryland, USA

Technical Editor Brent E. Turvey, Forensic Solutions LLC, Sitka, Alaska, USA

Contributors: Susan W. Brenner (University of Dayton School of Law), Bert-Jaap Koops (Tilburg University, Netherlands), Tessa Robinson (Law Library, Dublin, Ireland), Bradley Schatz (Schatz Forensic Pty. Ltd., Queensland), Terrance Maguire (cmdLabs), Monique M. Ferraro (Technology Forensics, LLC, Connecticut), Michael McGrath, Christopher Daywalt (cmdLabs)

Digital evidence - evidence that is stored on or transmitted by computers - can play a major role in any investigation, including homicide, child exploitation, computer intrusions and corporate malfeasance. The scope of computer crime has expanded further with the proliferation of networks, embedded systems, mobile devices and industrial control systems. Digital evidence from these systems can help establish when events occurred, where victims and suspects were, with whom they communicated, and may even show their intent to commit a crime.

Despite the ubiquity of computer-facilitated crime, few people are well-versed in the technical, investigative and legal issues related to digital evidence. As a result, digital evidence is often overlooked, collected incorrectly or analyzed ineffectively.

Digital Evidence and Computer Crime, Third Edition is completely updated, providing the knowledge necessary to uncover and use digital evidence effectively in any kind of investigation. The first and second editions introduced thousands of practitioners to this field, and this third edition expands on the material presented in previous editions to help digital forensic practitioners further develop their skills. The textbook teaches digital investigation and forensic methodologies, how computers and networks function, how they can be involved in crimes, and how they can be used as a source of evidence. This book is suitable for incident responders, forensic analysts, police and lawyers. Case examples and practitioner's tips are provided throughout each chapter to emphasize important concepts.

New chapters include coverage of:

• Handling digital crime scenes
• Investigating violent crimes
• Applying the scientific method to digital investigations
• Legal issues from both the U.S. and European perspectives

ISBN: 978-0-12-374268-1