Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Search
Digital forensic science : issues, methods, and challenges
Roussev V., Morgan & Claypool Publishers, San Rafael, CA, 2016. 156 pp. Type: Book (978-1-627059-59-6)
Date Reviewed: Jul 12 2017

Digital forensics is a challenging field that is becoming even more challenging over time due to changing technologies and computing paradigms. As computing moves more and more to mobile devices and cloud services, and away from traditional desktop and laptop computers, new tools and technologies will be needed to retrieve relevant data in digital forensic investigations.

Through approaching digital forensics from a computer science (CS)-centered viewpoint, the book illustrates the technical challenges of forensic investigations, and provides the technical background to prepare the reader to address these challenges. This approach puts this book into contrast with the majority of digital forensics texts available, which often devote a significant amount of coverage to legal and procedural issues. No coverage of such topics is found in this book, and it is not needed here, as that coverage is widely available elsewhere.

A brief history of digital forensics and an overview of forensic models are presented in just enough detail to provide appropriate context for the rest of the book. Separate chapters on system forensics and artifact forensics, which are the main focus of the book, follow. These sections include information on a wide variety of topics useful for digital forensics, including file and file system structures, approaches to analyzing memory contents, and hashing. The authors pay particular attention to how new technologies will affect forensic techniques, especially how the use of cloud services limits the available forensic information. Very few existing forensic tools are discussed, and when they are, it seems to be as an example of what types of operations are practical to do. The conclusion presents a brief overview of the major challenges the authors foresee affecting forensics in the near future.

At just 123 pages (not including the bibliography), this short book left me wanting more. Thankfully, many of its topics are covered in more detail elsewhere (although often not with the focus on forensics). I believe this book would be useful to anyone intending to write their own digital forensic tools, and would certainly be appropriate as a textbook in a forensics course that focused on the CS aspects of the topic. It would be less useful to those intending just to use existing tools for forensic investigations, although in this case it still may be somewhat interesting from the perspective of gaining greater understanding into what the tools are actually doing.
Reviewer:  Andrew Kalafut Review #: CR145412 (1709-0609)
Bookmark and Share
 
Security and Protection (K.6.5 )
 
 
Abuse And Crime Involving Computers (K.4.1 ... )
 
 
Security, Integrity, And Protection (H.2.7 ... )
 
Would you recommend this review?
yes
no
Other reviews under "Security and Protection": Date
CIRCAL and the representation of communication, concurrency, and time
Milne G. ACM Transactions on Programming Languages and Systems 7(2): 270-298, 1985. Type: Article		 Oct 1 1985
Computer security risk management
Palmer I., Potter G., Van Nostrand Reinhold Co., New York, NY, 1989. Type: Book (9780442302900)		 Apr 1 1991
Computers at risk
, National Academy Press, Washington, DC, 1991. Type: Book (9780309043885)		 Oct 1 1991
more...
E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®
Terms of Use | Privacy Policy