"
Digital Evidence and Computer Crime provides an introduction to many concepts from computer science about networks, and in particular the Internet. It details the application of forensic science principles to the location, recovery, and examination of digital evidence...Each chapter in the book is fully supported by case examples to clarify particular points made. It also contains many references to specialized literature and on-line resources as well as a helpful glossary of terms...this book can be recommended mainly for people looking to expand their general knowledge and awareness of computer crime and the process of computer crime investigation, particularly those just entering the field of digital forensics."
-Dr. L.W. Russell, SCIENCE & JUSTICE
"This is the right book for the times."
-Lori Fenna, Chair, ELECTRONIC FRONTIER FOUNDATION
"I had the enjoyable task of reviewing the galley proofs for Eoghan Casey's fine introductory book:
Digital Evidence and Computer Crime recently, and I highly recommend it for anybody who is just entering the field of digital forensics.
This book has many fine features, including coverage of the basics of criminal investigation, legal issues in digital forensics, and of course, the technical information you need to get started in the field and understand what the experts are talking about. It covers the who, what, why, when, where, and how of digital evidence, addresses means, motive, and opportunity, and addresses the big picture issues very well. While I wouldn't take it on-scene, I think it is a valuable resource and well suited as a text for a first courses in digital forensics, or as a general reference for the field as it exists today. Regardless of whether your background is in the law, criminal investigation, or computers, this book is a useful resource.
I was particularly enamored with the number of examples included in the book. These case studies and situational demonstrations bring the book to life and add meaning that you can't get from a dry academic book, regardless of its coverage of details. The notions of remembering the victim and their link to the crime, the descriptions of complexities associated with Internet crime and globalization, and the concepts of investigation and sleuthing help the reader understand the difference between investigation and academics.
But Casey doesn't stop there. He goes on to include an extensive glossary, excellent citations, a useful index, sample printouts, URLs of well known sites, and a multimedia supplement (which was not available at the time of my review). All told, this book does a fine job of introducing the area and provides a useful resource for the active practitioner."
-Fred Cohen, Sandia National Laboratories, Livermore, California, USA
"This book addresses a diverse audience: law enforcement people who collect evidence, forensics scientists who perform analyses, lawyers who provide legal counsel, and technical people such as computer security professionals, programmers, and system administrators who can be called upon to produce digital evidence.
Digital Evidence gives an introduction to concepts from computer science (computer architecture, protocols, applications), forensics science (recovering, reconstructing and analyzing evidence), and behavioral analysis (modus operandi, motivation, what makes an offender choose a specific victim or target). For those who wish to know more, the book gives references to specialized literature and on-line resources. The sections on legal issues are a bit U.S.-specific, but can still be of interest to non-U.S. readers. To the investigator, the book gives a flavor of what it takes to examine a PC, MAC, NT or UNIX system, or to gather evidence at various layers of network protocols, including wireless networks. With computers, emphasis is on capturing disk information. With computer networks, emphasis is on the application layer: web, mail, news, and irc/icq. The book gives examples of common forgeries with email and usenet postings, and mentions IP spoofing without going into the technicalities.
To the legal person, the book gives a flavor of the challenges that one has to face when gathering digital evidence. Especially with information retrieved across networks it can be difficult to prove that data is authentic. And as the email and usenet examples show, it is relatively easy to forge time stamp and/or address information, but the book also shows that it is relatively easy to be found out.
Perhaps the most useful sections of the book are the ones with guidelines for how to perform specific investigations."
-Wietse Venema, IBM T.J. WATSON RESEARCH CENTER, U.S.A.
As a place to begin in the investigation of
computer-based crime, Digital Evidence and
Computer Crime represents a very good start.
Fortunately, he (the author) provides well-written and easily understandable explanations, albeit technically abbreviated, throughout. Perhaps, the best aspect of this book is the inclusion of case examples, which highlight various points Mr. Casey makes throughout. This book is a great resource for any individual seeking knowledge or beginning to understand this growing phenomenon, as well as some of the issues associated with the operational and related strategic challenges. - Resident Agent in Charge Matt Parsons U.S. Naval Criminal Investigative Service in FBI Law Enforcement Bulletin
In Digital Evidence and Computer Crime, however, Eoghan Casey brilliantly articulates technical details in lay terms for a wide audience ranging from those will little or no computer-related experience to knowledgeable experts in the field. Casey Amazingly translates sophisticated technological issues and concepts into straightforward, easy-to-understand language. For the experienced computer technician, Digital Evidence and Computer Crime extends technology into the realm of crime and the disciplines of criminal justice and the behavioral sciences. In conclusion, Digital Evidence and Computer Crime is written for a broad audience. It can be used as a textbook to guide academic curricula in any discipline and at any level - high school or college, undergraduate or graduate. The book also has great potential for courses on professional development, for managers and employees having little computer experience; or, the book may be simply enjoyed as leisure reading for anyone interested in 21st century cyber issues. However, this book should be required reading for certain groups of indiviuals, including defense lawyers, prosecutors, judges, law enforcement officers, security administrators and criminal justice teachers and their students. - Judith M. Collins, Associate Professor of Industrial and Organizational Psyschology, School of Criminal Justice, Michigan State Univerty in the Journal of Forensic Science
