, , , ,
A comprehensive and broad introduction to computer and intrusion forensics, this practical book helps you master the tools, techniques and underlying concepts you need to know, covering the areas of law enforcement, national security and the private sector. The book presents case studies from around the world, and treats key emerging areas such as stegoforensics, image identification, authorship categorization, link discovery and data mining. You also learn the principles and processes for effectively handling evidence from digital sources and law enforcement considerations in dealing with computer-related crimes, as well as how the effectiveness of computer forensics procedures may be influenced by organizational security policy. The book opens with a comprehensive introduction to computer and intrusion forensics and relates them to computer security in general and computer network security. It details the current practice of computer forensics and its role in combating computer crime, and examines the relationship between intrusion detection and intrusion forensics. What's more, the book explores the most important new areas for future research in computer forensics. This leading-edge resource is an indispensable reference for working professionals and post-graduate students alike.
Table Of Contents
Computer Crime, Computer Forensics and Computer Security -Introduction. Human behaviour in the electronic age. The nature of computer crime. Establishing a case in computer forensics. Legal considerations. Computer security and its relationship to computer forensics. Overview of the following chapters.; Current Practice -Introduction. Electronic Evidence. Forensic Tools. Emerging Procedures and Standards. Computer Crime Legislation and Computer Forensics. Networks and Intrusion Forensics.; Computer Forensics in Law Enforcement and National Security - The Origins and History of Computer Forensics. The Role of Computer Forensics in Law Enforcement. Principles of Evidence. Computer Forensics Model for Law Enforcement. Forensic Examination. Forensic Resources and Tools. Competencies and Certification. Computer Forensics and National Security.; Computer Forensics in Forensic Accounting - Auditing and fraud detection. Defining fraudulent activity. Technology and fraud detection. Fraud Detection Techniques. Visual analysis techniques. Building a fraud analysis model.; Case Studies - The Case of Little Nicky Scarfo. The Case of El Griton. Melissa. The World Trade Centre Bombing and Operation Oplan Bojinka. Other cases.; Intrusion Detection and Intrusion Forensics - Intrusion detection, computer forensics and information warfare. Intrusion Detection Systems. Analysing Computer Intrusions. Network Security. Intrusion Forensics . Future Directions for IDS and Intrusion Forensics.; Research Directions and Future Developments -Introduction. Forensic Data Mining - Finding Useful Patterns in Evidence. Text Categorization. Authorship Attribution: Identifying E-mail Authors. Association Rule Mining - Application to Investigative Profiling. Evidence Extraction, Link Analysis and Link Discovery. Stego-Forensic Analysis. Image Mining. Cryptography and Cryptanalysis. The Future - Society and Technology.;