Ebook: Advances in Digital Forensics III: IFIP International Conference on Digital Forensics, National Centre for Forensic Science, Orlando, Florida, January 28-January 31, 2007
Author: Barbara Endicott-Popovsky, Brian Chee, Deborah Frincke (auth.); Philip Craiger, Sujeet Shenoi (eds.)
- Tags: Computer Science general
- Series: IFIP — The International Federation for Information Processing 242
- Year: 2007
- Publisher: Springer US
- Edition: 1
- Language: English
- Format: PDF
ADVANCES IN DIGITAL FORENSICS III
Edited by: Philip Craiger and Sujeet Shenoi
Digital forensics deals with the acquisition, preservation, examination, analysis and presentation of electronic evidence. Networked computing, wireless communications and portable electronic devices have expanded the role of digital forensics beyond traditional computer crime investigations. Practically every crime now involves some aspect of digital evidence; digital forensics provides the techniques and tools to articulate this evidence. Digital forensics also has myriad intelligence applications. Furthermore, it has a vital role in information assurance -- investigations of security breaches yield valuable information that can be used to design more secure systems.
Advances in Digital Forensics III describes original research results and innovative applications in the emerging discipline of digital forensics. In addition, it highlights some of the major technical and legal issues related to digital evidence and electronic crime investigations. The areas of coverage include:
- Legal Issues
- Insider Threat Detection
- Rootkit Detection
- Authorship Attribution
- Forensic Techniques
- File System Forensics
- Network Forensics
- Portable Electronic Device Forensics
- Evidence Analysis and Management
- Formal Methods
This book is the third volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.9 on Digital Forensics, an international community of scientists, engineers and practitioners dedicated to advancing the state of the art of research and practice in digital forensics. The book contains a selection of twenty-four edited papers from the Third Annual IFIP WG 11.9 Conference on Digital Forensics, held at the National Center for Forensic Science, Orlando, Florida, USA in the spring of 2007.
Advances in Digital Forensics III is an important resource for researchers, faculty members and graduate students, as well as for practitioners and individuals engaged in research and development efforts for the law enforcement and intelligence communities.
Philip Craiger is an Assistant Professor of Engineering Technology and Assistant Director for Digital Evidence at the National Center for Forensic Science, University of Central Florida, Orlando, Florida, USA.
Sujeet Shenoi is the F.P. Walter Professor of Computer Science and a principal with the Center for Information Security at the University of Tulsa, Tulsa, Oklahoma, USA.
Content:
- Front Matter (pages n1-xx)
- Front Matter (pages 1-1)
- Calibration Testing Of Network Tap Devices (pages 3-19)
- On the Legality of Analyzing Telephone Call Records (pages 21-39)
- Survey of Law Enforcement Perceptions Regarding Digital Evidence (pages 41-52)
- Front Matter (pages 53-53)
- Insider Threat Analysis Using Information-Centric Modeling (pages 55-73)
- An Integrated System for Insider Threat Detection (pages 75-86)
- Front Matter (pages 87-87)
- Analysis of Tools for Detecting Rootkits and Hidden Processes (pages 89-105)
- A Method for Detecting Linux Kernel Module Rootkits (pages 107-116)
- Front Matter (pages 117-117)
- Future Trends in Authorship Attribution (pages 119-132)
- The Keyboard Dilemma and Authorship Identification (pages 133-146)
- Front Matter (pages 147-147)
- Factors Affecting One-Way Hashing of CD-R Media (pages 149-161)
- Disk Drive I/O Commands and Write Blocking (pages 163-177)
- A New Process Model for Text String Searching (pages 179-191)
- Detecting Steganography Using Multi-Class Classification (pages 193-204)
- Redacting Digital Information from Electronic Devices (pages 205-214)
- Front Matter (pages 215-215)
- In-Place File Carving (pages 217-230)
- File System Journal Forensics (pages 231-244)
- Front Matter (pages 245-245)
- Using Search Engines to Acquire Network Forensic Evidence (pages 247-253)
- A Framework for Investigating Railroad Accidents (pages 255-265)
- Front Matter (pages 267-267)
- Forensic Analysis of Xbox Consoles (pages 269-280)
- Super-Resolution Video Analysis for Forensic Investigations (pages 281-299)
- Front Matter (pages 301-301)
- Specializing CRISP-DM for Evidence Mining (pages 303-315)
- Applying The Biba Integrity Model to Evidence Management (pages 317-327)
- Front Matter (pages 329-329)
- Investigating Computer Attacks Using Attack Trees (pages 331-343)
- Attack Patterns: A New Forensic and Design Tool (pages 345-357)