Now Shipping !

Digital Evidence and
Computer Crime
2nd Edition
by Eoghan Casey

Digital Evidence and Computer Crime, 2nd Edition
Forensic Science, Computers, and the Internet
by Eoghan Casey
Published by Academic Press
690 pp
Publication date: 2004

To order now click here. For details, including the table of contents, introduction, information about the contributors, and related resources click here.

Digital evidence - evidence that is stored or transmitted using computers - can be useful in any investigation, including homicide, child exploitation, computer intrusion, and corporate malfeasance. The scope of computer crime has expanded further with the proliferation of networks, mobile devices, and equipment with computers embedded in them. Digital evidence from these systems can help establish when events occurred, where victims and suspects were, with whom they communicated, and may even show their intent to commit a crime. Despite the ubiquity of computer-facilitated crime, few people are well versed in the technical, investigative and legal issues related to digital evidence. As a result, digital evidence is often overlooked, collected incorrectly, or analyzed ineffectively.

Digital Evidence and Computer Crime, Second Edition provides the knowledge and skills necessary to uncover, preserve, and use digital evidence effectively in any kind of investigation. This text articulates the many facets of handling and utilizing digital evidence, providing a valuable resource for digital investigators in law enforcement, computer security, and the military. It will also serve to inform attorneys and judges about the key issues surrounding digital evidence. In addition to updated and expanded coverage on topics included in the first edition, this edition contains ten new chapters that include coverage of the investigative process, investigative reconstruction, sex offenders on the Internet, as well as how to examine Windows, UNIX, Macintosh, and handheld computers. Relevant legal issues from both the U.S. and European perspectives are discussed as is deductive criminal profiling, a systematic approach to focusing an investigation and understanding criminal motivations.

Criminal Profiling:
An Introduction to Behavioral Evidence Analysis
2nd Edition
by Brent E. Turvey, MS

A discussion of criminal profiling in the context of the Internet is provided by Eoghan Casey in Chapter 27 (Cyberpatterns: Criminal Behavior on the Internet). For further information on this book, see the Criminal Profiling shelf.

Eoghan's recommendation: This text provides a good introduction to forensic analysis of personal computers, focusing on investigating computer fraud. Although the technical information in this book is mainly related to IBM compatible computers and is somewhat outdated, enough general concepts and applied examples are covered to make the text more generally useful. Chapter 5 "Computers, Evidence, and the Law" could be developed into a book itself, presenting English computer crime legislation and discussing admissibility of evidence. I recommend this book to investigators and attorneys who deal with computer fraud and personal computers as a source of evidence.

Eoghan's recommendation: This introductory text provides a good overview of responding to incidents and handling the associated evidence.

Eoghan's recommendation: This introductory text provides an overview of handling computers as a source of evidence, providing sample files to help readers apply concepts. Some sample files and additional information about this book are available here.

Eoghan's recommendation: Though this book is written for Information Security Professionals to help them avoid incidents, it has enough legal and investigative information to be useful to a wider audience, including law enforcement. For example, this book contains a well researched overview of the history of computer crime and presents some guidelines for investigating incidents. Also, Carroll discusses computer crime laws from around the world in more detail than any other single author. The remainder of the book covers other important aspects of information security such as planning, policy making, physical security, communications security and system security. I recommend this book to anyone who already has some understanding of computer crime and wants to learn more without getting too technical.

Eoghan's recommendation: This is the closest thing that I have found to a comprehensive history of computer related crime. This collection of essays covers the evolution of computer crime, starting with The Discovery of Computer Abuse (1946-76), moving on to The Criminalization of Computer Crime (1977-1987), going on to describe The Demonization of Hackers (1988-92), and ending with The Censorship Period (1993-present). Though this book is very expensive, I recommend it to anyone who has a serious interest in computer crime. As well as being an excellent historical reference, this book introduces the reader to important individuals, including Kenneth Rosenblatt, Gene Spafford and Donn Parker (see their books below).

Eoghan's recommendation: Donn Parker was concerned with computer crime before it was a crime and he was instrumental in the enactment of the first computer crime law in Florida in 1978. This book brings together over two decades of experience, describing many cases to clarify important concepts. As such, there is something in this book for everyone even though it is aimed at Information Security Professionals. The chapter covering criminal motivations is disappointing but at least the subject is considered. I recommend this to anyone who wants a comprehensive and relatively non-technical introduction to computer related crime.

Eoghan's recommendation: This is an excellent book that covers fundamental technical aspects of computer hardware, drive geometry, file systems, and electronic organizers. Although the focus is on Intel hardware and FAT file systems, key concepts are presented in a manner to be generally useful. The section on electronic organizers deals with manual examination of these devices since the tools for processing these devices were not widely available at the time this book was written. This is a must read for practitioners in the field.

Eoghan's recommendation: Kenneth Rosenblatt is Deputy District Attorney for Santa Clara County, California. His proximity to Silicon Valley probably contributes to his deep knowledge of high-technology crime. He is an authority on the subject, making this book a must for law enforcement, lawyers, computer security professionals and anyone who will be involved in the investigation of computer crimes including computer intrusions, component theft and information theft. This book provides a mixture of technical information, guidelines for investigations, legal precedents, discussions of relevant legal issues, and much more. Additionally, this book comes with a computer diskette that contains useful examples and forms including checklists, warrants, affidavits and a sample protective order. This book is thorough, technical and well written making it an excellent resource and reference (the privacy chapter is particularly useful).

Eoghan's recommendation: This text provides excellent coverage of incident response and the role of computer forensics in this process. In addition to providing a solid methodology useful to novices and experts alike, this text contains technical materials to challenge experienced professionals. Written by experienced investigators, this book is a must read. Additional information and resources relating to this book are available at www.incidentresponsebook.com

Eoghan's recommendation: This book focuses on crimes targeting computer systems, presenting the basics of investigating computer intrusions, denial of service attacks, and other pure computer crimes. This text also covers basic forensic examination of computers, relying heavily on tools created by New Technology, Inc. (tools not included). Although this book is weak on technical details and practical examples, it is strong on the procedural and conceptual elements of computer crime investigation, making it a good introductory text for information security professionals.

Eoghan's recommendation: Although somewhat outdated, this is a quick read and with practical advice from an experienced investigator of crimes involving computers (Diliberto) and a network systems specialist (Clark). The technical information in this book is mainly related to IBMs and compatibles (e.g. how to create a boot disk). However, there is a great deal of practical information that is applicable in a variety of investigations. My favorite chapter in this book is "Investigating Bulletin Boards". Many of the guidelines in this chapter are directly relevant in investigations involving the Internet. I recommend this book to investigators in the law enforcement community.

For more information on a book, or to order, please click on the title of the book

Bandits on the Information Superhighway (What You Need to Know)
by Daniel J. Barrett
Published by O'Reilly & Assoc.
Publication date: February 1,1996

Computer Crime: A Crimefighter's Handbook
by Karl A. Seger, Vonstorch, David Icove
Published by O'Reilly & Assoc
Publication date: September 1995

Eoghan's note: This book began as a training manual in the FBI giving a good overview of computer crime as defined in federal and state statutes. In other words, this book focuses on crimes such as computer intrusion and theft of assets and information. As well as providing rough guidelines for collecting computers as evidence, this book discusses computer security risks in general terms and presents some preventative measures that can be taken to protect computer systems. Computer crime statutes from around the world are reproduced in this book for reference. A table of some computer criminal characteristics is provided in this book to help develop profiles but this profiling tool is very limited. Though there is not enough technical detail in this book to enable you to investigate a computer crime, it is an excellent starting point and a useful reference. This book is a good read for members of the law enforcement and legal communities. Also, professionals who are responsible for dealing with computer security in an organization will find some of the discussions useful.

Computer-Related Risks
by Peter G. Neumann
Published by Addison-Wesley Pub CO
Publication date: January 1995

Computers, Surveillance, and Privacy
by David Lyon (Editor), Elia Zureik (Editor)
Published by Univ of Minnesota Press
Publication date: April 1,1996

The Cuckoo's Egg: Tacking a Spy Through the Maze of Computer Espionage
by Cliff Stoll
Published by Pocket Books
Publication date: July 1995

Eoghan's note: An easy to read account of an beginner learning to investigate computer intrusions. This will give hope to anyone who has had to deal with computer crime or wants to deal with computer crime.

From the Publisher: Welcome to the dark side of cyberspace! Here is a Cook's tour of online crime, with sound, practical advice (some of it from the hackers themselves!) which you can put to immediate use. Cyber Crime is everybody's quick 'n easy guide to safeguarding home and business computers and keeping clear of the online bad guys. Covers phreakers, hackers, viruses, harassment, data diddling, stalking, fraud, pornography, pedophiles, e-mail security, privacy.

Midwest Book Review: Cyber crime manifests itself as pornography on the web, online harassment and stalking, e-mail security violation, data security violation, virus implantation, fraud, unauthorized credit card access, and more. Cyber Crime is a much needed book wherein readers will learn about the three step scale of vulnerability, cyber-cops and how they walk the "digital beat" and view intimate portraits of hackers and the tools they use. Complete with indispensable appendices, a list of online resources and a glossary of terms, Cyber Crime is as vital an addition to the computer shelf as any "how-to" software manual.

Synopsis: One of the first lawyers to "live and work in cyberspace, " uses his extensive personal and professional experiences on the Net as a backdrop for discussing questions that have an impact on every online traveler such as What's the difference between public and private e-mail? How does libel law apply to electronic messages? and others. This is a timely exploration of the complex issues surrounding free speech and the right to privacy.

Amazon.com: Written by a highly regarded and well-known expert in the field, CyberLaw provides a comprehensive guide to legal issues which have arisen as a result of the growth of the Internet and World Wide Web. As well as discussing each topic in detail, the book includes extensive coverage of the relevant cases and their implications for the future. The book covers a wide range of legal issues, including copyright and trademark issues, defamation, and privacy.

Amazon.com Books: Jonathan Littman takes us into the mind of Kevin Mitnick, cyberspace's most wanted hacker. Drawing on over fifty hours of phone conversations with Mitnick on the run, Littman reveals Mitnick's double life; his narrow escapes; his new identities; his mastery of "social engineering"; his obsession with revenge. The electronic adventure story that emerges reads like a spy thriller, but also raises questions about Internet security and tensions between constitutional rights of privacy and law enforcement. A good companion piece to the other side of the story, Tsutomu Shimomura's book Takedown.

Eoghan's note: This book contains a collection of essays by hackers, computer scientists, philosophers, software engineers and others covering issues on the Internet including property, privacy and freedom of speech.

High-Technology Crime Investigator's Handbook; Working in the Global Information Environment
by Dr. Gerald L. Kovacich, William C. Boni
Paperback, 298 pages
Published by Butterworth-Heinemann
Publication date: September 15, 1999

Amazon.com: This book is coming at a time when high technology crime is growing at a rapid pace, and private and public law enforcement are struggling to keep up. The book will inform readers about the potential of high tech crimes, in addition to the resources that are available to combat them. This book is unique in that it fully covers the management of a high tech investigation unit. Criminals today are often better equipped than the agencies responsible for stopping them. Federal, state, county, and local law enforcement agencies and civilian investigative organizations lag far behind in their procurement and use of high technology equipment, and methods of conducting technology-related investigations.

The Information Systems Security Officer's Guide: Establishing and Managing an Information Protection Program
by Dr. Gerald L. Kovacich
Paperback, 172 pages
Published by Butterworth-Heinemann
Publication date: May 1998

Amazon.com: The information systems security (infosec) profession is one of the fastest growing professions today, which has caused an ever-increasing need and demand for training of security professionals. With the advent of email and the Internet and their wide uses as methods of conducting business, a growing amount of emphasis is being placed on infosec. This book presents a total systems approach to the all the topics needed for the infosec professional, beginning with defining the position of the information systems security officer (ISSO), to establishing and managing an infosec program. It is based on a business approach, not a technical approach. The author writes from over 14 years of research and experience. Each chapter ends with thought-provoking questions for use by the instructor.

I-Way Robbery: Crime on the Internet
by William C. Boni, Dr. Gerald L. Kovacich
Paperback, 240 pages
Published by Butterworth-Heinemann
Publication date: May 1999

Amazon.com: I-Way Robbery is for security, investigative, law enforcement, and other criminal justice professionals, offering a unique look at the Internet as the new crime environment for the 21st century. The book provides an overview of the Internet, its impact on nations, societies, criminals, security officers, and law enforcement professionals, and includes recommended basic, protective measures. I-Way Robbery is written in non-technical terms. It is also an excellent reference for business and government agency managers who must understand their responsibilities as they relate to asset protection - especially those who have on and off ramps connected to the I-Way. Boni and Kovacich start with the basics and teach users about the Internet before teaching them about the security risks. This addresses the subject from the non-information systems perspective and educates the average user about the overall risks and appropriate protective measures they should enforce and follow. This book is a must-have for anyone with an interest in the pitfalls and precautions of doing business on the Internet

Eoghan's note: Though I am wary of recommending a book by "Anonymous, this book contains quite a bit of useful information about computer crime. Reading through this book you can learn about much of the jargon and many of the tools and resources that "hackers" use. The author of this book also has a more specific "Maximum Linux Security" book.

Eoghan's note: This is a very accessible book that I recommend to anyone who has little or no understanding of the legal issues on the Internet. Lance Rose is an attorney who specializes in online law and was co-author of the book Syslaw, published in 1992. This book presents many of the landmark cases involving computer networks and provides sage legal advice on a wide range of issues including privacy, defamation, pornography, computer intrusion, search and seizure. A second edition was scheduled to come out in 1997 but has been delayed.

Online Law: The SPA's Legal Guide to Doing Business on the Internet
by Thomas J. Smedinghoff (Editor)
Published by Addison Wesley Developers Press
Publication date: May 1996

Eoghan's note: At the moment, this is one the most comprehensive and up to date books about online law. The Software Publisher's Association wrote this book to encourage people to business on the Internet. Accordingly, they explain the legal issues clearly and put the future of online business in a very positive light. Read this for excellent legal interpretations, analyses and pointers.

Privacy on the Line: The Politics of Wiretapping and Encryption
by Diffie and Landau
Published by MIT Press
Publication date: February 1998

Eoghan's note: Privacy is an important consideration in any investigation, especially when new technologies and laws are involved. When investigators violate an individual's privacy the results can be catastrophic. For instance, investigators have been sued for disregarding key privacy laws during an investigation. This well-written book presents important laws and cases, discusses national security and cryptography and devotes a chapter to law enforcement. This to book can benefit law enforcement, attorneys and computer security professionals.

Secrets of a Super Hacker
by The Knightmare
Published by Loompanics Unlimited
Publication date: March 1,1994

Eoghan's note: Entertaining if you like anecdotes but lacks practical information.

Eoghan's note: A free speech book giving good coverage of several important cases involving the Internet (e.g. Amateur Action BBS; Baker; The Church of Scientology; Candyland's Bomb recipe pages). Read this book for the details of how the cases were investigated.

Eoghan's note: As the title claims, Tsutomu Shimomura is the man who caught Kevin Mitnick, an infamous computer cracker. This is a fun, informative read describing a significant historical event.

Your Personal Netspy: How You Can Access the Facts and Cover Your Tracks Using the Internet and Online Services
by Michael Wolff
Published by Wolff New Media
Publication date: August 1,1996