Digital forensics, an emerging trend in the field of forensic science, involves electronic media as evidence in the court of law. The term is synonymous with computer forensics or cyber forensics. Digital forensics focuses on the acquisition, analysis, and representation of digital evidence in forensic investigations. This book intends to cover this aspect of digital forensics.

The book consists of 11 chapters. Chapter 1 introduces digital forensics, including its categories, users, evidence and examination processes, cybercrime, and the process of a digital forensics investigation. Chapter 2 covers technical computing concepts such as data representation, memory and storage types, file systems, and the computing environment as a prerequisite “to verify the authenticity of any piece of digital data.” Chapter 3 identifies the requirements of a forensic lab, for example, electrical equipment, lab furniture, hardware devices, and the most popular commercial and open-source forensic software. Chapter 4 covers first responder tasks, that is, identification, seizure, documentation, transportation of electronic media for detailed investigation, and conducting interviews.

Chapter 5 is about forensic image file formats and digital evidence acquisition validation and challenges, including both volatile and nonvolatile memories such as random-access memory (RAM), network information and hard disk drive (HDD), tape, solid-state drive, flash thumb, and so on.

Chapter 6 focuses on using free and open-source software, such as Arsenal Image Mounter, OSFMount, Autopsy, Redline, and Volatility, to analyze hard drive and RAM forensic images. Chapter 7 illustrates some forensic features, including file recovery and format identification, registry analysis of the Windows OS, and specifically Windows 10 features forensics. Chapter 8 looks at web browsers such as Google Chrome, Firefox, and Internet Explorer/Edge, and email forensics through manual analysis, as well as using simple and free tools like NirSoft and Web Historian.

Chapter 9 discusses anti-forensics techniques and the nature of difficulties during forensic investigation, evidence acquisition, and presentation of evidence at trial. Chapter 10 covers open-source intelligence, including benefits and challenges, the deep web and darknets, and legal implications. The short chapter 11 is on creating and writing digital forensics reports, including components such as investigator information, case description, investigation, summary of findings, and explanation of terms.

An unnumbered introduction explores the digital forensics term, and a short summary and index make reading worthwhile. The book claims to target specific audiences, including law enforcement and defense personnel; systems, security, and banking professionals; information technology (IT) students; and especially judges and lawyers who lack a technical background.

More reviews about this item: Amazon