Cybercrime Investigative Case Management
eBook - ePub

Cybercrime Investigative Case Management

An Excerpt from Placing the Suspect Behind the Keyboard

  1. 28 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Cybercrime Investigative Case Management

An Excerpt from Placing the Suspect Behind the Keyboard

About this book

Investigative Case Management is a "first look" excerpted from Brett Shavers' new Syngress book, Placing the Suspect Behind the Keyboard. Investigative case management is more than just organizing your case files. It includes the analysis of all evidence collected through digital examinations, interviews, surveillance, and other data sources. In order to place a suspect behind any keyboard, supporting evidence needs to be collected and attributed to a person. This first look provides you with traditional and innovative methods of data analysis to identify and eliminate suspects through a combination of supporting methods of analysis.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Cybercrime Investigative Case Management by Brett Shavers in PDF and/or ePUB format, as well as other popular books in Computer Science & Cyber Security. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Syngress
Year
2013
Print ISBN
9780124095069
eBook ISBN
9780124095465
Topic
Computer Science
Subtopic
Cyber Security
Index
Computer Science

Chapter 1

Investigative Case Management

1.1 Introduction
1.1.1 Basic Case Tracking
1.1.2 The Case Name
1.1.3 Note Taking
1.1.4 Analyzing Your Notes
1.1.5 Analysis with Spreadsheets
1.1.6 Analysis with Databases
1.1.7 Analysis Using Charts
1.1.8 Analysis Using Maps
1.1.9 Fresh Set of Eyes
1.1.10 Summary
Bibliography

1.1 Introduction

This chapter introduces several methods which may allow you to see inferences as you manage the information in your case. These inferences help connect the dots between evidence and suspects. Instead of simply taking notes during your investigation, create a system that can lead to discoveries that may be otherwise missed. Gone are the days of writing reports and placing reports in binders such as seen in Figure 1.1. A case with any amount electronic evidence from a single storage device will quickly overwhelm a system of binders.
image
Figure 1.1 Finding a single document in a shelf of binders can take more time than necessary compared to searching an electronic folder.
Investigative case management enables you to find information quickly and help you understand your investigation as a whole. Comprehending your reconstruction of the incident in your investigation will allow to you see the totality of the reconstructed incident as if you were there when it occurred. You will have more “Eureka!” moments when data can be seen as a whole and inferences between suspects and acts stand out clearly among all information.
There may be a few investigators and analysts who can keep a neat desk during complex cases whilst the rest of us struggle to keep ahead of growing mounds of paper. Hundreds of pages are printed to be sorted throughout the case, duplicates of forms, photos, mail, court orders, and evidence requests are constantly generated to be filed in some manner, and this can quickly engulf anyone. With multiple cases and exams of multiple storage devices in each case generating even more case records, a common scene of the work area can appear to look like the results of a small office hurricane. Work areas that are cluttered and disorganized will also coincidently consist of cases that are not solved quickly, or even solved at all. This chapter intends to give methods of controlling information and analyzing it at the same time.

1.1.1 Basic Case Tracking

If there is one rule to remember, it is to handle evidence and information as it is collected. As long as each item is bagged and tagged in your system, the odds of losing or overlooking information are minimized. Bagging and tagging can easily be accomplished using logs where evidence or information that arrives is logged on paper, as it arrives, and filed away.
Tip

A Stitch in Time Saves Nine

I have never seen success with any method of evidence that does not involve handling it immediately when collected. Evidence that is placed aside to deal with at a later time usually results in lost or missing evidence or forgetting where items of evidence originated. Handle it as soon as you touch it or you may never see it again.
All other methods of dealing with evidence make your case management that much easier. If you have a good system already, perhaps it can be made better using one of the methods described. And if one suggestion saves you minutes or hours over a period of time, then it is a worthwhile change to make.
Although electronic data can be reproduced and fingerprint cards photocopied and scanned, the reproductions of the actual physical items cannot be cloned. The storage of these types of items requires safe storage within a secured facility. Physical evidence storage is vitally important, but this will not be the focus of this chapter. The focus is to manage your investigation informati...

Table of contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Chapter 1. Investigative Case Management