Handbook of Computer Crime Investigation: Forensic Tools and Technology [Paperback]

The audience for this book is obviously the legal and law enforcement communities, so any library serving them would find this an excellent introduction. Any law firm looking to get into the field would do well to start here. - E-Streams Academic law, business or computer science collections will, however, find this book a useful introduction to an increasingly important field - even large public libraries will find an eager audience in an uncertain world. - E-Streams

Following on the success of his introductory text, "Digital Evidence and Computer Crime", Eoghan Casey brings together a few top experts to create the first detailed guide for professionals who are already familiar with digital evidence. "The Handbook of Computer Crime Investigation" helps readers master the forensic analysis of computer systems with a three-part approach covering tools, technology, and case studies. The Tools section provides the details on leading software programs, with each chapter written by that product's creator. The section ends with an objective comparison of the strengths and limitations of each tool. The main Technology section provides the technical 'how to' information for collecting and analyzing digital evidence in common situations, starting with computers, moving on to networks, and culminating with embedded systems. The Case Examples section gives readers a sense of the technical, legal, and practical challenges that arise in real computer investigations. The Tools section provides details of leading hardware and software. The main Technology section provides the technical 'how to' information for collecting and analysing digital evidence in common situations. Case Examples give readers a sense of the technical, legal, and practical challenges that arise in real computer investigations.

Eoghan Casey is founding partner of cmdLabs, author of the foundational book Digital Evidence and Computer Crime, and coauthor of Malware Forensics. For over a decade, he has dedicated himself to advancing the practice of incident handling and digital forensics. He helps client organizations handle security breaches and analyzes digital evidence in a wide range of investigations, including network intrusions with international scope. He has testified in civil and criminal cases, and has submitted expert reports and prepared trial exhibits for computer forensic and cyber-crime cases. Eoghan has performed thousands of forensic acquisitions and examinations, including Windows and UNIX systems, Enterprise servers, smart phones, cell phones, network logs, backup tapes, and database systems. He has performed vulnerability assessments, deployed and maintained intrusion detection systems, firewalls and public key infrastructures, and developed policies, procedures, and educational programs for a variety of organizations. In addition, he conducts research and teaches graduate students at Johns Hopkins University Information Security Institute, is editor of the Handbook of Digital Forensics and Investigation, and is Editor-in-Chief of Elsevier's International Journal of Digital Investigation.