Digital forensics remains an under-researched area, partly due to the interdisciplinary challenges specific to this research. The authors draw on their unique combination of experiences in law enforcement investigation (Malin, FBI Cyber Behavioral Analysis Center), academic and practitioner forensics (Casey, digital forensic expert and Editor in Chief of Digital Investigation), and the legal field (Aquilina, former Assistant US Attorney) to provide comprehensive and practical insight into malware forensics for Linux systems.
Digital forensics and malware analysis are usually discussed separately in the literature; however, there are overlaps in both processes and techniques, and I am glad that this book attempts to fill this gap, integrating forensic practices into malware analysis.
Being a practical researcher, I enjoyed reading the book. The step-by-step guidance and technical details on potential forensic artifacts in the various chapters will be extremely useful for forensic investigations. The use of relevant court cases in the discussion also helps the reader to better understand the context and the real-world implications (for example, those faced by a forensic investigator). I have only a minor quibble: I would have preferred to have the list of references, cases cited, and resources at the end of the book rather than at the end of each chapter.
In conclusion, this book is a useful companion for law enforcement and the forensic community, as it will enhance their capability to deal with cases involving malware on Linux systems. For example, the reminders and checklists in the “Pitfalls to Avoid” section are particularly handy.