Alternate Data Storage Forensics

Alternate Data Storage Forensics

by Amber Schroader, Tyler Cohen
Released April 2011
Publisher(s): Syngress
ISBN: 9780080554754

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Learn to pull “digital fingerprints” from alternate data storage (ADS) devices including: iPod, Xbox, digital cameras and more from the cyber sleuths who train the Secret Service, FBI, and Department of Defense in bleeding edge digital forensics techniques. This book sets a new forensic methodology standard for investigators to use.
This book begins by describing how alternate data storage devices are used to both move and hide data. From here a series of case studies using bleeding edge forensic analysis tools demonstrate to readers how to perform forensic investigations on a variety of ADS devices including: Apple iPods, Digital Video Recorders, Cameras, Gaming Consoles (Xbox, PS2, and PSP), Bluetooth devices, and more using state of the art tools. Finally, the book takes a look into the future at “not yet every day” devices which will soon be common repositories for hiding and moving data for both legitimate and illegitimate purposes.
  • Authors are undisputed leaders who train the Secret Service, FBI, and Department of Defense
  • Book presents "one of a kind" bleeding edge information that absolutely can not be found anywhere else
  • Today the industry has exploded and cyber investigators can be found in almost every field

Table of contents

  1. Front Cover
  2. Alternate Data Storage Forensics
  3. Copyright Page (1/2)
  4. Copyright Page (2/2)
  5. Contents (1/2)
  6. Contents (2/2)
  7. Chapter 1. Digital Forensics and Analyzing Data
    1. Introduction
    2. The Evolution of Computer Forensics
    3. Phases of Digital Forensics (1/7)
    4. Phases of Digital Forensics (2/7)
    5. Phases of Digital Forensics (3/7)
    6. Phases of Digital Forensics (4/7)
    7. Phases of Digital Forensics (5/7)
    8. Phases of Digital Forensics (6/7)
    9. Phases of Digital Forensics (7/7)
    10. Summary
    11. References
    12. Solutions Fast Track
    13. Frequently Asked Questions
  8. Chapter 2. Seizure of Digital Information
    1. Introduction
    2. Defining Digital Evidence
    3. Digital Evidence Seizure Methodology (1/2)
    4. Digital Evidence Seizure Methodology (2/2)
    5. Factors Limiting the Wholesale Seizure of Hardware (1/2)
    6. Factors Limiting the Wholesale Seizure of Hardware (2/2)
    7. Other Options for Seizing Digital Evidence (1/4)
    8. Other Options for Seizing Digital Evidence (2/4)
    9. Other Options for Seizing Digital Evidence (3/4)
    10. Other Options for Seizing Digital Evidence (4/4)
    11. Common Threads within Digital Evidence Seizure
    12. Determining the Most Appropriate Seizure Method
    13. Summary
    14. Works Cited
    15. Solutions Fast Track
    16. Frequently Asked Questions
  9. Chapter 3. Introduction to Handheld Forensics
    1. Digital Forensics
    2. What Is the Handheld Forensic Impact? (1/3)
    3. What Is the Handheld Forensic Impact? (2/3)
    4. What Is the Handheld Forensic Impact? (3/3)
    5. Cellular Handling
    6. Evidence Preservation
    7. Maintain a Forensic Data Connection
    8. Analysis and Reporting
  10. Chapter 4. PDA, Blackberry, and iPod Forensic Analysis
    1. Introduction
    2. PDA Forensics
    3. PDA Investigative Tips
    4. Expansion Sleeve Removed
    5. Deploying PDA Forensic Tools
    6. Introduction to the Blackberry
    7. Security for Stored Data
    8. Forensic Examination of a Blackberry
    9. Attacking The Blackberry
    10. Securing the Blackberry (RIM)
    11. iPod Forensics
    12. Misuse of an iPod
    13. iPod Investigation
    14. The iPod and Windows
    15. The iPod and Linux
    16. User Accounts
    17. Deleted Files
    18. iPod Time Issues
    19. Registry Key Containing the iPod’s USB/Firewire Serial Number
    20. iPod Tools
    21. Summary
    22. Notes
    23. Solutions Fast Track
    24. Frequently Asked Questions
  11. Chapter 5. E-mail Forensics
    1. Introduction
    2. Where to Start?
    3. Forensic Acquisition
    4. Processing Local Mail Archives (1/2)
    5. Processing Local Mail Archives (2/2)
    6. Using Paraben's Network E-mail Examiner (NEMX)
  12. Chapter 6. Router Forensics
    1. Introduction
    2. Network Forensics
    3. Searching for Evidence
    4. An Overview of Routers
    5. Hacking Routers
    6. Investigating Routers
    7. Incident Response
    8. Summary
    9. Solutions Fast Track
    10. Frequently Asked Questions
  13. Chapter 7. Legal Issues of Intercepting WiFi Transmissions
    1. Introduction
    2. WiFi Technology
    3. Understanding WiFi RF
    4. Scanning RF
    5. Eavesdropping on WiFi
    6. Fourth Amendment Expectation of Privacy in WLANs
    7. Summary
    8. Works Cited
    9. Solutions Fast Track
    10. Freyuently Asked Questions
  14. Chapter 8. CD and DVD Forensics
    1. Physical Characteritics of CD and DVD Media
    2. CD Features (1/5)
    3. CD Features (2/5)
    4. CD Features (3/5)
    5. CD Features (4/5)
    6. CD Features (5/5)
    7. CD and DVD Logical Structure (1/4)
    8. CD and DVD Logical Structure (2/4)
    9. CD and DVD Logical Structure (3/4)
    10. CD and DVD Logical Structure (4/4)
    11. Space Allocation by CD and DVD File Systems
    12. Disc Accessibility Problems
    13. Forensic Binary Images
    14. Collecting CD and DVD Evidence
    15. Preparing for Disc Examination (1/2)
    16. Preparing for Disc Examination (2/2)
  15. Chapter 9. MP3 Forensics
    1. Introduction
    2. History
    3. Why Is an iPod Considered Alternative Media?
    4. Imaging and Hashing
    5. Hardware vs . Nonhardware Imaging (1/2)
    6. Hardware vs . Nonhardware Imaging (2/2)
    7. Types of iPods
    8. File Systems
    9. “Hacking Tools” and Encrypted Home Directories
    10. Evidence: Normal vs . Not Normal (1/3)
    11. Evidence: Normal vs . Not Normal (2/3)
    12. Evidence: Normal vs . Not Normal (3/3)
    13. Analysis Tools
    14. Summary
  16. Index (1/5)
  17. Index (2/5)
  18. Index (3/5)
  19. Index (4/5)
  20. Index (5/5)

Product information

  • Title: Alternate Data Storage Forensics
  • Author(s): Amber Schroader, Tyler Cohen
  • Release date: April 2011
  • Publisher(s): Syngress
  • ISBN: 9780080554754