This book is for those who desire to learn more about investigating and fighting digital crimes. It covers latest challenges faced in digital forensic like email forensic, mobile forensic and cloud forensic. It also sequentially explains disk forensic, network forensic, memory forensic, mobile forensic and cloud forensic. The lucid content of the book and the questions provided in each chapter help the learners to prepare themselves for digital forensic competitive exams.

Preface

Acknowledgements

About the Authors



1 Introduction to Computer Crimes

1.1 Introduction to Cybercrime

1.2 Categories of Cybercrimes

1.3 Types of Cybercrimes

1.4 The Internet Spawns Crime

1.5 Worms Versus Viruses

1.6 Role of Computers in Crimes

1.7 Cybercrime Statistics in India

1.8 Prevention of Cybercrime



2 Digital Forensic

2.1 Introduction to Digital Forensic

2.2 History of Forensic

2.3 Rules of Computer/Digital Forensic

2.4 Digital Forensic as a Discipline

2.5 Definition of Digital Forensic

2.6 Digital Forensic Investigations

2.7 Goal of Digital Forensic Investigation

2.8 Various DFI Process/Models/Framework

2.9 Ethical Issues



3 Digital Evidences

3.1 Introduction

3.2 What is Digital Evidence?

3.3 Rules of Digital Evidence

3.4 Characteristics of Digital Evidence

3.5 Types of Evidence

3.6 Challenges in Evidence Handling

3.7 Volatile Evidence

3.8 Evidence Handling Procedures

3.9 Ethical Issues/Legal Principles of Digital Evidence

3.10 Digital Evidence and Metadata



4 Ethical Hacking Methodology and Tools

4.1 Introduction

4.2 Types of Hackers

4.3 Reason for Hacking

4.4 Preventions from Hackers

4.5 Impact of Hacking

4.6 Steps Performed by Hackers

4.7 What is Ethical Hacking?

4.8 Who is an Ethical Hacker?

4.9 Ethical Issues

4.10 Ethical Hacking Process

4.11 Working of an Ethical Hacker

4.12 Identifying Types of Ethical Hacks

4.13 Different Tools for Ethical Hacking



5 Incidence Response Process

5.1 Introduction

5.2 Goals of Incident Response

5.3 People Involved in Incident Response Process

5.4 Incident Response Methodology

5.5 Activities in Initial Response

5.6 Phases after Detection of an Incident



6 Data Collection

6.1 Introduction

6.2 The Facts in a Criminal Case

6.3 People Involved in Data Collection Techniques

6.4 Live Data Collection

6.5 Live Data Collection from Windows System

6.6 Live Data Collection from UNIX System



7 Forensic Duplication

7.1 Introduction to Forensic Duplication

7.2 Rules of Forensic Duplication (Thumb Rule)

7.3 Necessity of Forensic Duplication

7.4 Forensic Duplicates as Admissible Evidence

7.5 Important Terms in Forensic Duplicate

7.6 Forensic Duplication Tool Requirements

7.7 Creating a Forensic Duplicate of a Hard Drive

7.8 Creating a Qualified Forensic Duplicate of a Hard Drive



8 File Systems

8.1 File Systems

8.2 Various Types of File Systems

8.3 Introduction to Storage Layers

8.4 Hard Disk Drive

8.5 Forensic Analysis of File Systems



9 Data Analysis

9.1 Preparation Steps for Forensic Analysis

9.2 Investigating Windows Systems

9.3 Investigating UNIX Systems

9.4 Hacker Tools



10 Network Forensic

10.1 Introduction to Intrusion Detection System

10.2 Types of Intrusion Detection System

10.3 Advantages and Disadvantages of IDS

10.4 Understanding Network Intrusions and Attacks

10.5 Recognizing Pre-Intrusion/Attack Activities

10.6 Port Scans

10.7 Address Spoofing

10.8 Attacking with Trojans, Viruses, and Worms

10.9 Understanding Password Cracking

10.10 Understanding Technical Exploits

10.11 Collecting Network-Based Evidence

10.12 Investigating Routers

10.13 Network Protocols



11 Report Writing

11.1 Goals of Report

11.2 Layout of an Investigative Report

11.3 Guidelines for Writing a Report



12 E-Mail Forensic

12.1 Introduction

12.2 Working of E-Mail

12.3 Steps in the E-Mail Communication

12.4 E-Mail Service Protocols

12.5 Internet Fraud

12.6 Securing Your E-Mail Account

12.7 IP Tracking

12.8 E-Mail Recovery

12.9 E-Mail Forensics Analysis Steps

12.10 E-Mail Forensic Tools



13 Mobile Phone Forensics

13.1 Mobile Hacking—SMS and Call Forging

13.2 Mobile Phone Forensics

13.3 Forensic Procedures

13.4 CIA Triad

13.5 Software and Hardware Mobile Phone Tricks

13.6 Android Forensics

13.7 Mobile Forensic Tools



14 Computer Forensics Tools

14.1 Introduction to Computer Forensics Tools

14.2 Evaluating Computer Forensics Tool Needs

14.3 Types of Computer Forensics Tools

14.4 Tasks Performed by Computer Forensics Tools

14.5 Tool Comparisons

14.6 Computer Forensics Software Tools

14.7 Computer Forensics Hardware Tools

14.8 Various Computer/Digital Forensic Tools



15 Cyber Law

15.1 Introduction to Cyber Laws

15.2 Three Bodies of Law

15.3 Types of Law

15.4 Levels of Law

15.5 Understanding Criminal Culpability

15.6 Level and Burden of Proof

15.7 Laws Related to Computers

15.8 The Indian Penal Code (IPC), 1860

15.9 Code of Criminal Procedure (CrPC), 1973

15.10 Electronic Communication Privacy Act (ECPA)

15.11 Level of Culpability

15.12 Mapping of Cybercrime with IT Act



16 Cloud Forensic

16.1 Introduction to Cloud Forensic

16.2 Three Dimensions of Cloud Forensic

16.3 Usage of Cloud Forensic

16.4 Challenges to Cloud Forensic

16.5 Opportunities

16.6 Impact of Cloud Computing on Digital Forensic

16.7 Cloud Forensic Tools



Summary

Key Terms

Solved Questions

Multiple Choice Questions

Fill in the Blanks

Review Questions

Case Study

Answer Key

Appendix A Lab Experiments

Further Reading