Cyber Forensics: Examining Emerging and Hybrid Technologies
- Length: 382 pages
- Edition: 1
- Language: English
- Publisher: CRC Press
- Publication Date: 2021-09-13
- ISBN-10: 036752418X
- ISBN-13: 9780367524180
Threat actors, be they cyber criminals, terrorists, hacktivists or disgruntled employees, are employing sophisticated attack techniques and anti-forensics tools to cover their attacks and breach attempts. As emerging and hybrid technologies continue to influence daily business decisions, the proactive use of cyber forensics to better assess the risks that the exploitation of these technologies pose to enterprise-wide operations is rapidly becoming a strategic business objective. This book moves beyond the typical, technical approach to discussing cyber forensics processes and procedures. Instead, the authors examine how cyber forensics can be applied to identifying, collecting, and examining evidential data from emerging and hybrid technologies, while taking steps to proactively manage the influence and impact, as well as the policy and governance aspects of these technologies and their effect on business operations.
A world-class team of cyber forensics researchers, investigators, practitioners and law enforcement professionals have come together to provide the reader with insights and recommendations into the proactive application of cyber forensic methodologies and procedures to both protect data and to identify digital evidence related to the misuse of these data. This book is an essential guide for both the technical and non-technical executive, manager, attorney, auditor, and general practitioner who is seeking an authoritative source on how cyber forensics may be applied to both evidential data collection and to proactively managing today’s and tomorrow’s emerging and hybrid technologies. The book will also serve as a primary or supplemental text in both under- and post-graduate academic programs addressing information, operational and emerging technologies, cyber forensics, networks, cloud computing and cybersecurity.
Cover Half Title Title Page Copyright Page Dedication Contents Preface Acknowledgements Editor Contributors

Chapter 1 Cyber forensics: Compliance and auditing Introduction Cyber Forensics Event Timeline Why Is Cyber Forensics Important? Cyber Forensics and Today’s Auditing Profession Cyber Forensics: A Timeline of Significant Contributions Cyber Forensics: Solving Digital Crimes One Byte at a Time Future Challenges for Cyber Forensics Cyber Forensics Relevant Laws and Regulations Computer Fraud and Abuse Act (CFAA) Cybercrime federal legislation – evolution State Legislation Hacking Laws and Punishments Definition of hacking and types of hackers Federal hacking laws Hacking laws: State laws Cyber Forensics Policies and Controls Policies Guidelines and procedures Performing the Forensic Process Phase 1 – Data collection Phase 2 – Examination Phase 3 – Analysis Phase 4 – Reporting Quality Standards for Digital Forensics Management Standards Workforce Standards Cyber Forensic Certifications CFCE – Certified Forensic Computer Examiner CHFI – Computer Hacking Forensic Investigator GCFA – GIAC Certified Forensic Analyst GCFE – GIAC Certified Forensic Examiner CCE – Certified Computer Examiner Certifications Compared: GCFE vs. CFCE vs. CCE Vendor-specific Certifications EnCase Certified Examiner (EnCE) Certification Program Best Digital Forensics Certifications The Role of Audit in Cyber Forensics External audit’s role in cyber forensics Internal audit Cyber Forensics Case Studies Eminent Cases Solved with Digital Forensics Summary Notes

Chapter 2 IoT and the role of cyber forensics The Internet of Things (IoT) – Beginnings Describing the IoT Definitions Purpose Development Characteristics of IoT Devices Sensors Memory and processing Power capacity Operating systems Hardware Communications Intelligence Distributed data storage and processing Cloud computing Fog/edge computing The Problem of Heterogeneity Current Status and Future Trends Statistics Trends New Targets and Tools of Crime Threats at The Edge/Perception/Sensing Layer Threats at The Network/Communication Layer Threats at The Cloud/Fog Layer Recorders of Crime Focus for Executives, Directors, and Managers IoT devices today Home and wearable devices Utilities/energy Health/wellness Business/industrial Transportation Smart cities Vulnerabilities/Risks/Exposure Devices Networks Cloud The Role of Cyber Forensics The Forensic Process The collection phase The examination phase The analysis phase The reporting phase Example Recommendations Risk Mitigation and Preventative Steps Securing the devices Securing the network Securing the cloud Cyber Forensic Processes Engineering examination solutions Summary Questions to Consider Planning questions Security framework questions Legal and contract considerations Law enforcement examiner questions Non-law enforcement examiner questions General examiner questions Acronyms Notes

Chapter 3 Cyber forensics: Examining commercial Unmanned Aircraft Systems (UASs) and Unmanned Aerial Vehicles (UAVs) Introduction What Is an Unmanned Aircraft System (UAS)? Uses and MISUSES of Unmanned Aerial Vehicles (UAVs) UAV Cyber Forensic Examination Process Cyber Forensic Examination Challenges UAV and mobile technology Mobile technology, GCS, and UAV forensic examination Challenges facing UAV forensic investigations UAV – Owner/registrant What Type of Data May Be Found on a UAV? Basic UAV forensic artifacts What data are stored on the UAV? Controllerless flight operation Where can data be found? In the UAV Removable memory card (SD, micro SD, etc.) Unmanned Aerial Vehicles: Where Data Can Be Found UAV anatomy Flash memory (NAND, NOR, etc.) Flasher tools Pros and cons of using flasher tools UAV Forensic Examination – Frameworks UAV Data Preservation Has the UAV been tampered with? Data sources to be manipulated Data preservation NIST and the UAV Computer Forensic Reference Datasets (CFReDS) Obtaining forensic evidence UAV Digital Examination – Questions for Management UAV digital forensic examination questions Summary Acronyms Notes

Chapter 4 Cloud forensics Cloud Computing Essential Characteristics Service Models Deployment Models Virtualization Virtualization Types Digital Forensics Cloud Forensics Technical Dimension Organizational Dimension Legal Dimension Additional Considerations Forensic Investigation Models Digital Forensic Models Cloud Forensic Models Summary and Future Research Notes

Chapter 5 Forensics of the digital social triangle with an emphasis on Deepfakes Introduction Why Is America (and Western Civilization) Vulnerable? Understanding the Relationship between Social Networks, Media, and Engineering Social media Identifying online sites as social media Social Networking Why Is Social Networking So Powerful? Social Engineering Hadnagy’s social engineering pyramid OSINT/Intelligence Pretext development Attack plan Attack launch Reporting OSINT Categories and Types of Social Engineering Traits of Social Engineering Attacks Social Engineering Life Cycle Attack and OODA Loop Models Social Engineering Techniques Phishing (also known as spam phishing) Spear phishing Catfishing Catfish warning signs Whaling Baiting Vishing Pretexting Scareware (deception/fraudware software) Scammy Ads Formjacking Tailgating (piggybacking) Quid pro quo Doxxing Deepfakes Authorship Attribution Centrality Degree Closeness Betweenness Social Network Analysis (SNA) Social Network Investigations in Digital Forensics Stage 1: URL feature extraction Stage 2: Corroborating evidence Social Snapshot Framework Social snapshot client Automated web browser Third-Party social snapshot application Hijack Digital image forensics Analysis Data Tracing for Forensics and Other OSN Methods Deepfake Forensics The process of deepfake creation Tools and skills to generate deepfakes The Process of Producing a Deepfake Deepfake Detection Tools Levels of Forensic Techniques Representative Sampling of Deep fake Forensic Methods In The Blink Of An Eye Biological Signals Neural Networks White and Black-Box Attacks ForensicTransfer Understanding Properties of Fake Images Co-motion Pattern Detection Summary and Future Focus Areas Five Management Awareness Discussion Points for Managers Social Engineering Forensic Discussion Questions Notes

Chapter 6 Operational technology, industrial control systems, and cyber forensics Preface Industrial Control Systems (ICSs) Supervisory Control and Data Acquisition (SCADA) Systems SCADA configuration Distributed Control System (DCS) Programmable Logic Controller (PLC) What is inside a PLC? OT, ICS and SCADA Fundamentals Cyber Forensics and Operational Technology Operational Technology Operational Technology and Information Technology Cyber Forensic Examination of Industrial Control Systems ICS Distinct System Environments ICS Cyber Forensic Process Forensic Examination Methodologies for Industrial Control System Environments Challenges in Examining Industrial Control Systems Issues and Concerns When Performing an Examination of Industrial Control Systems The Forensic Process Identifying Potential Sources of Digital Evidence within an ICS Reference clock system Data historian Engineering workstations Field devices Human–Machine Interface (HMI) Programmable Logic Controller (PLC) and Remote Terminal Unit (RTU) Master Terminal Unit (MTU) OPC server Additional sources of ICS data ICS status issues ICS forensic summary ICS Digital Forensic Examination Questions for Management Summary Appendix 6.A: Cyber forensic tools useful in examining industrial control systems Acronyms Notes

Chapter 7 Cyber forensics and risk management Overview of Enterprise Risk Management (ERM) Introduction Basics of enterprise risk management (ERM): How to get started What is enterprise risk management (ERM)? Some of the advantages of a successful ERM program ERM components The five ERM components Summary Considerations for Cyber Risk Management What is cyber risk management? ERM essential elements Seven considerations for cyber risk management Prepared, not bullet proof Cyber forensics and insider threats Summary Cyber Risk Management and the U.S. Government NIST risk management framework background Risk management framework (RMF) overview Risk-based approach Federal information security management act (FISMA) FISMA background Office of management and budget (OMB) Overview Summary Assessing Cyber Forensics Risk Digital forensic risk management process Calculating forensic risk Risk assessment – heat map Risk monitoring Summary How Cyber Forensic Readiness Reduces Business Risk Introduction What is forensic readiness? A forensic readiness implementation guide Summary Notes

Chapter 8 Mobile device forensics: An introduction Introduction Computer forensics versus mobile device forensics Mobile Devices Mobile device hardening Mobile devices: a peek inside Personal Computer Forensics vs Mobile Device Forensics Now for the ultimate difference. It Depends! The Mobile Device: Operating Specs Mobile Device Data Recovery and Analysis Mobile device forensic suites The Mobile Device Forensic Process Seize the mobile device Secure the mobile device Identify the device Data recovery JTAG Accessing mobile device memory In System Programming (ISP) Where’s my data? Chip off NOR flash memory NAND flash memory Chip off – Heat flow technique Chip off – Mechanical technique Analysis Case example User attribution SQLite databases Reporting Summary Acronyms Notes

Chapter 9 Forensic accounting and the use of E-discovery and cyber forensics Introduction Discovery Criminal Discovery Civil Discovery Limitations on Civil Investigations versus Criminal Investigations Electronically Stored Information (ESI) The E-Discovery Process Criminal E-Discovery Civil E-Discovery Evidentiary Issues Admission of ESI Authentication of ESI evidence Relevance and hearsay Daubert Conclusion Notes

Chapter 10 Cyber forensic tools and utilities NIST Computer Forensics Tools and Techniques Catalog NIST – Computer Forensics Tool Testing Program (CFTT) Methodology overview Methodology process CFTT Technical Information CFTT Raw Test Files Overview Federated testing project Shared test suites Shared test reports Sharing test results Downloads CFReDS Cyber Forensic Tools and Utilities The top 10 Cyber forensics tools top 10 overviews Forensics Tools – Interviews with The Experts Summary Appendix 10.A: Interviews with Greg Chatten and Andrew Hrenak Interview #1 with greg chatten Interview #2 with andrew hrenak Notes

Index