eBook - ePub
Digital Forensics
André Årnes, André Årnes
This is a test
Buch teilen
- English
- ePUB (handyfreundlich)
- Über iOS und Android verfügbar
eBook - ePub
Digital Forensics
André Årnes, André Årnes
Angaben zum Buch
Buchvorschau
Inhaltsverzeichnis
Quellenangaben
Über dieses Buch
The definitive text for students of digital forensics, as well as professionals looking to deepen their understanding of an increasingly critical field
Written by faculty members and associates of the world-renowned Norwegian Information Security Laboratory (NisLab) at the Norwegian University of Science and Technology (NTNU), this textbook takes a scientific approach to digital forensics ideally suited for university courses in digital forensics and information security. Each chapter was written by an accomplished expert in his or her field, many of them with extensive experience in law enforcement and industry. The author team comprises experts in digital forensics, cybercrime law, information security and related areas.
Digital forensics is a key competency in meeting the growing risks of cybercrime, as well as for criminal investigation generally. Considering the astonishing pace at which new information technology – and new ways of exploiting information technology – is brought on line, researchers and practitioners regularly face new technical challenges, forcing them to continuously upgrade their investigatory skills. Designed to prepare the next generation to rise to those challenges, the material contained in Digital Forensics has been tested and refined by use in both graduate and undergraduate programs and subjected to formal evaluations for more than ten years.
- Encompasses all aspects of the field, including methodological, scientific, technical and legal matters
- Based on the latest research, it provides novel insights for students, including an informed look at the future of digital forensics
- Includes test questions from actual exam sets, multiple choice questions suitable for online use and numerous visuals, illustrations and case example images
- Features real-word examples and scenarios, including court cases and technical problems, as well as a rich library of academic references and references to online media
Digital Forensics is an excellent introductory text for programs in computer science and computer engineering and for master degree programs in military and police education. It is also a valuable reference for legal practitioners, police officers, investigators, and forensic practitioners seeking to gain a deeper understanding of digital forensics and cybercrime.
Häufig gestellte Fragen
Wie kann ich mein Abo kündigen?
Gehe einfach zum Kontobereich in den Einstellungen und klicke auf „Abo kündigen“ – ganz einfach. Nachdem du gekündigt hast, bleibt deine Mitgliedschaft für den verbleibenden Abozeitraum, den du bereits bezahlt hast, aktiv. Mehr Informationen hier.
(Wie) Kann ich Bücher herunterladen?
Derzeit stehen all unsere auf Mobilgeräte reagierenden ePub-Bücher zum Download über die App zur Verfügung. Die meisten unserer PDFs stehen ebenfalls zum Download bereit; wir arbeiten daran, auch die übrigen PDFs zum Download anzubieten, bei denen dies aktuell noch nicht möglich ist. Weitere Informationen hier.
Welcher Unterschied besteht bei den Preisen zwischen den Aboplänen?
Mit beiden Aboplänen erhältst du vollen Zugang zur Bibliothek und allen Funktionen von Perlego. Die einzigen Unterschiede bestehen im Preis und dem Abozeitraum: Mit dem Jahresabo sparst du auf 12 Monate gerechnet im Vergleich zum Monatsabo rund 30 %.
Was ist Perlego?
Wir sind ein Online-Abodienst für Lehrbücher, bei dem du für weniger als den Preis eines einzelnen Buches pro Monat Zugang zu einer ganzen Online-Bibliothek erhältst. Mit über 1 Million Büchern zu über 1.000 verschiedenen Themen haben wir bestimmt alles, was du brauchst! Weitere Informationen hier.
Unterstützt Perlego Text-zu-Sprache?
Achte auf das Symbol zum Vorlesen in deinem nächsten Buch, um zu sehen, ob du es dir auch anhören kannst. Bei diesem Tool wird dir Text laut vorgelesen, wobei der Text beim Vorlesen auch grafisch hervorgehoben wird. Du kannst das Vorlesen jederzeit anhalten, beschleunigen und verlangsamen. Weitere Informationen hier.
Ist Digital Forensics als Online-PDF/ePub verfügbar?
Ja, du hast Zugang zu Digital Forensics von André Årnes, André Årnes im PDF- und/oder ePub-Format sowie zu anderen beliebten Büchern aus Medicina & Medicina forense. Aus unserem Katalog stehen dir über 1 Million Bücher zur Verfügung.
Information
1
Introduction
André Årnes
Testimon Forensic Laboratory, Norwegian University of Science and Technology (NTNU), Gjøvik, Norway; and Telenor Group, Oslo, Norway
The world is becoming increasingly interconnected. We find connected devices in virtually every home, and computer networks are the nervous systems of corporate and government organizations everywhere. According to Internet Live Stats (2016), there are almost 3.5 billion Internet users in the world as of August 2016, covering close to 50% of the world's population. The Internet is, however, a network of networks consisting of competing and concurrent technologies with users from different organizations and countries. Unfortunately for the investigator, the Internet was designed for robustness and redundancy, rather than security and traceability. This increases the complexity and uncertainty of digital investigations and represents a formidable challenge for digital forensics practitioners.
Digital forensics is becoming increasingly important with the escalation of cybercrime and other network-related serious crimes. Understanding the laws and regulations governing electronic communications, cybercrimes, and data retention requires the continuous acquisition of new knowledge, methods, and tools. Digital evidence is everywhere and plays an important role in virtually any criminal investigation, from petty crimes to cybercrime, organized crime, and terrorism. It is therefore critically important that students of computer science and security acquire a fundamental understanding of digital forensics, in order to take part in the public debate and to act as experts in a legal context.
1.1 Forensic Science
Forensic science is a branch of science that is widely popularized in fiction and in contemporary media, ranging from Sir Arthur Conan Doyle's first Sherlock Holmes novel A Study in Scarlet published in 1887 to today's CSI and similar crime shows. It is commonly understood that forensic science is both highly inquisitive, requiring a creative mindset, and formalistic, requiring a strict adherence to established processes. An authoritative textbook in the field, Criminalistics (Saferstein, 2007), states that “forensic science in its broadest definition is the application of science to law.” The terms criminalistics and forensic science are used interchangeably, although criminalistics has a stronger flavor of the services of a crime laboratory. For the purpose of this book, we will only use the first term, as defined in Definition 1.1.
Definition 1.1: Forensic Science
The application of scientific methods to establish factual answers to legal problems.
A forensic scientist is responsible for the important task of establishing facts related to questions such as: what has happened, how did it happen, who has been involved, and when did it occur? To solve such problems, a forensic scientist draws on methods and tools from a wide range of theoretical and applied sciences, including biology, medicine, physics, geology, computer science, and electrical engineering. As it is often not possible to answer a problem with full certainty, a forensic scientist is also trained to apply statistics to express the results in terms of probabilities (for a comprehensive discussion, see Aitken & Taroni, 2004).
1.1.1 History of Forensic Science
Forensic science was established as a separate scientific domain during the 1800s and early 1900s. The contributions of this new area of science dramatically changed the effectiveness of law enforcement. A comprehensive overview of the contributions is available in Saferstein (2007), but some notable innovators and milestones are:
- Mathieu Orfila (1787–1853), considered the father of forensic toxicology, published the first scientific text on forensic toxicology in 1814.
- Alphonse Bertillon (1853–1914) developed a method for identification through body measurements and published a system on personal identification in 1879.
- Francis Galton (1822–1911) studied fingerprints as a means of identification and published the book Finger Prints in 1892.
- Hans Gross (1847–1915) established the principles for the application of science in investigations in several publications, the first one in 1893.
- Alberts S. Osborn (1858–1946) established scientific principles for document examination and published the book Questioned Documents in 1910.
- Leone Lattes (1887–1954) studied characteristics of blood types for identification and created a method for the analysis of blood groups in blood stains in 1915.
- Edmond Locard (1877–1966), recognized worldwide for promoting the scientific method in criminal investigation, established a police laboratory in Lyon in 1910.
1.1.2 Locard's Exchange Principle
Edmond Locard formulated the famous Locard's exchange principle, which has served as an important principle for subsequent research within forensic science. The principle states that “when a person or object comes in contact with another person or object, a cross-transfer of materials occurs” (Saferstein, 2007). In this way, every criminal can be connected to a crime through trace evidence. It should, however, be noted that the principle cannot necessarily be directly applied to digital forensics, as the dynamics of digital evidence is different from that of physical evidence. In this textbook, we will, nonetheless, adopt Definition 1.2.
Definition 1.2: Locard's Exchange Principle
Whenever two objects come into contact with one another, there is an exchange of materials between them.
1.1.3 Crime Reconstruction
Crime reconstruction (or crime scene reconstruction) is the process of determining the most likely hypothesis, or sequence of events, through the application of the scientific method. For the purpose of this textbook, we apply Definition 1.3, based on the book Crime Reconstruction by Chisum and Turvey (2008).
Definition 1.3: Crime Reconstruction
Crime reconstruction is the determination of the actions and events surrounding the commission of a crime.
A crime reconstruction can leverage a wide range of forensic methods, for example firearm ballistics tests, statistical simulations, and biological experiments. The objective is to establish a hypothesis about the event or sequence of events and then to test whether the hypothesis is possible or not. If the hypothesis is confirmed, then one possible explanation has been identified. If it is refuted, then the explanation is not possible and other hypotheses will have to be considered.
1.1.4 Investigations
An i...