eBook - ePub
Digital Forensics
André à rnes, André à rnes
This is a test
Partager le livre
- English
- ePUB (adapté aux mobiles)
- Disponible sur iOS et Android
eBook - ePub
Digital Forensics
André à rnes, André à rnes
DĂ©tails du livre
Aperçu du livre
Table des matiĂšres
Citations
Ă propos de ce livre
The definitive text for students of digital forensics, as well as professionals looking to deepen their understanding of an increasingly critical field
Written by faculty members and associates of the world-renowned Norwegian Information Security Laboratory (NisLab) at the Norwegian University of Science and Technology (NTNU), this textbook takes a scientific approach to digital forensics ideally suited for university courses in digital forensics and information security. Each chapter was written by an accomplished expert in his or her field, many of them with extensive experience in law enforcement and industry. The author team comprises experts in digital forensics, cybercrime law, information security and related areas.
Digital forensics is a key competency in meeting the growing risks of cybercrime, as well as for criminal investigation generally. Considering the astonishing pace at which new information technology â and new ways of exploiting information technology â is brought on line, researchers and practitioners regularly face new technical challenges, forcing them to continuously upgrade their investigatory skills. Designed to prepare the next generation to rise to those challenges, the material contained in Digital Forensics has been tested and refined by use in both graduate and undergraduate programs and subjected to formal evaluations for more than ten years.
- Encompasses all aspects of the field, including methodological, scientific, technical and legal matters
- Based on the latest research, it provides novel insights for students, including an informed look at the future of digital forensics
- Includes test questions from actual exam sets, multiple choice questions suitable for online use and numerous visuals, illustrations and case example images
- Features real-word examples and scenarios, including court cases and technical problems, as well as a rich library of academic references and references to online media
Digital Forensics is an excellent introductory text for programs in computer science and computer engineering and for master degree programs in military and police education. It is also a valuable reference for legal practitioners, police officers, investigators, and forensic practitioners seeking to gain a deeper understanding of digital forensics and cybercrime.
Foire aux questions
Comment puis-je résilier mon abonnement ?
Il vous suffit de vous rendre dans la section compte dans paramĂštres et de cliquer sur « RĂ©silier lâabonnement ». Câest aussi simple que cela ! Une fois que vous aurez rĂ©siliĂ© votre abonnement, il restera actif pour le reste de la pĂ©riode pour laquelle vous avez payĂ©. DĂ©couvrez-en plus ici.
Puis-je / comment puis-je télécharger des livres ?
Pour le moment, tous nos livres en format ePub adaptĂ©s aux mobiles peuvent ĂȘtre tĂ©lĂ©chargĂ©s via lâapplication. La plupart de nos PDF sont Ă©galement disponibles en tĂ©lĂ©chargement et les autres seront tĂ©lĂ©chargeables trĂšs prochainement. DĂ©couvrez-en plus ici.
Quelle est la différence entre les formules tarifaires ?
Les deux abonnements vous donnent un accĂšs complet Ă la bibliothĂšque et Ă toutes les fonctionnalitĂ©s de Perlego. Les seules diffĂ©rences sont les tarifs ainsi que la pĂ©riode dâabonnement : avec lâabonnement annuel, vous Ă©conomiserez environ 30 % par rapport Ă 12 mois dâabonnement mensuel.
Quâest-ce que Perlego ?
Nous sommes un service dâabonnement Ă des ouvrages universitaires en ligne, oĂč vous pouvez accĂ©der Ă toute une bibliothĂšque pour un prix infĂ©rieur Ă celui dâun seul livre par mois. Avec plus dâun million de livres sur plus de 1 000 sujets, nous avons ce quâil vous faut ! DĂ©couvrez-en plus ici.
Prenez-vous en charge la synthÚse vocale ?
Recherchez le symbole Ăcouter sur votre prochain livre pour voir si vous pouvez lâĂ©couter. Lâoutil Ăcouter lit le texte Ă haute voix pour vous, en surlignant le passage qui est en cours de lecture. Vous pouvez le mettre sur pause, lâaccĂ©lĂ©rer ou le ralentir. DĂ©couvrez-en plus ici.
Est-ce que Digital Forensics est un PDF/ePUB en ligne ?
Oui, vous pouvez accĂ©der Ă Digital Forensics par AndrĂ© Ă
rnes, AndrĂ© Ă
rnes en format PDF et/ou ePUB ainsi quâĂ dâautres livres populaires dans Medicina et Medicina forense. Nous disposons de plus dâun million dâouvrages Ă dĂ©couvrir dans notre catalogue.
Informations
1
Introduction
AndrĂ© Ă
rnes
Testimon Forensic Laboratory, Norwegian University of Science and Technology (NTNU), GjĂžvik, Norway; and Telenor Group, Oslo, Norway
The world is becoming increasingly interconnected. We find connected devices in virtually every home, and computer networks are the nervous systems of corporate and government organizations everywhere. According to Internet Live Stats (2016), there are almost 3.5 billion Internet users in the world as of August 2016, covering close to 50% of the world's population. The Internet is, however, a network of networks consisting of competing and concurrent technologies with users from different organizations and countries. Unfortunately for the investigator, the Internet was designed for robustness and redundancy, rather than security and traceability. This increases the complexity and uncertainty of digital investigations and represents a formidable challenge for digital forensics practitioners.
Digital forensics is becoming increasingly important with the escalation of cybercrime and other network-related serious crimes. Understanding the laws and regulations governing electronic communications, cybercrimes, and data retention requires the continuous acquisition of new knowledge, methods, and tools. Digital evidence is everywhere and plays an important role in virtually any criminal investigation, from petty crimes to cybercrime, organized crime, and terrorism. It is therefore critically important that students of computer science and security acquire a fundamental understanding of digital forensics, in order to take part in the public debate and to act as experts in a legal context.
1.1 Forensic Science
Forensic science is a branch of science that is widely popularized in fiction and in contemporary media, ranging from Sir Arthur Conan Doyle's first Sherlock Holmes novel A Study in Scarlet published in 1887 to today's CSI and similar crime shows. It is commonly understood that forensic science is both highly inquisitive, requiring a creative mindset, and formalistic, requiring a strict adherence to established processes. An authoritative textbook in the field, Criminalistics (Saferstein, 2007), states that âforensic science in its broadest definition is the application of science to law.â The terms criminalistics and forensic science are used interchangeably, although criminalistics has a stronger flavor of the services of a crime laboratory. For the purpose of this book, we will only use the first term, as defined in Definition 1.1.
Definition 1.1: Forensic Science
The application of scientific methods to establish factual answers to legal problems.
A forensic scientist is responsible for the important task of establishing facts related to questions such as: what has happened, how did it happen, who has been involved, and when did it occur? To solve such problems, a forensic scientist draws on methods and tools from a wide range of theoretical and applied sciences, including biology, medicine, physics, geology, computer science, and electrical engineering. As it is often not possible to answer a problem with full certainty, a forensic scientist is also trained to apply statistics to express the results in terms of probabilities (for a comprehensive discussion, see Aitken & Taroni, 2004).
1.1.1 History of Forensic Science
Forensic science was established as a separate scientific domain during the 1800s and early 1900s. The contributions of this new area of science dramatically changed the effectiveness of law enforcement. A comprehensive overview of the contributions is available in Saferstein (2007), but some notable innovators and milestones are:
- Mathieu Orfila (1787â1853), considered the father of forensic toxicology, published the first scientific text on forensic toxicology in 1814.
- Alphonse Bertillon (1853â1914) developed a method for identification through body measurements and published a system on personal identification in 1879.
- Francis Galton (1822â1911) studied fingerprints as a means of identification and published the book Finger Prints in 1892.
- Hans Gross (1847â1915) established the principles for the application of science in investigations in several publications, the first one in 1893.
- Alberts S. Osborn (1858â1946) established scientific principles for document examination and published the book Questioned Documents in 1910.
- Leone Lattes (1887â1954) studied characteristics of blood types for identification and created a method for the analysis of blood groups in blood stains in 1915.
- Edmond Locard (1877â1966), recognized worldwide for promoting the scientific method in criminal investigation, established a police laboratory in Lyon in 1910.
1.1.2 Locard's Exchange Principle
Edmond Locard formulated the famous Locard's exchange principle, which has served as an important principle for subsequent research within forensic science. The principle states that âwhen a person or object comes in contact with another person or object, a cross-transfer of materials occursâ (Saferstein, 2007). In this way, every criminal can be connected to a crime through trace evidence. It should, however, be noted that the principle cannot necessarily be directly applied to digital forensics, as the dynamics of digital evidence is different from that of physical evidence. In this textbook, we will, nonetheless, adopt Definition 1.2.
Definition 1.2: Locard's Exchange Principle
Whenever two objects come into contact with one another, there is an exchange of materials between them.
1.1.3 Crime Reconstruction
Crime reconstruction (or crime scene reconstruction) is the process of determining the most likely hypothesis, or sequence of events, through the application of the scientific method. For the purpose of this textbook, we apply Definition 1.3, based on the book Crime Reconstruction by Chisum and Turvey (2008).
Definition 1.3: Crime Reconstruction
Crime reconstruction is the determination of the actions and events surrounding the commission of a crime.
A crime reconstruction can leverage a wide range of forensic methods, for example firearm ballistics tests, statistical simulations, and biological experiments. The objective is to establish a hypothesis about the event or sequence of events and then to test whether the hypothesis is possible or not. If the hypothesis is confirmed, then one possible explanation has been identified. If it is refuted, then the explanation is not possible and other hypotheses will have to be considered.
1.1.4 Investigations
An i...