Hiding behind the keyboard : uncovering covert communication methods with forensic analysis

Hiding behind the keyboard uncovering covert communication methods with forensic analysis

Hiding Behind the Keyboard: Uncovering Covert Communication Methods with Forensic Analysis exposes the latest electronic covert communication techniques used by cybercriminals, along with the needed investigative methods for identifying them. The book shows how to use the Internet for legitimate cov...

Descripción completa

Detalles Bibliográficos
Otros Autores: Shavers, Brett, author (author), Blair, John, author (editor), Leibrock, Larry, editor
Formato: Libro electrónico
Idioma:Inglés
Publicado: Cambridge, MA : Elsevier [2016]
Edición:First edition
Materias:
Microsoft Windows (Computer file)
Operating systems (Computers)
Computer security.
Computer networks > Security measures.
Computer crimes.
Ver en Biblioteca Universitat Ramon Llull:https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009629898406719
Tabla de Contenidos:
  • Front Cover
  • Hiding Behind the Keyboard
  • Hiding Behind the Keyboard: Uncovering Covert Communication Methods with Forensic Analysis
  • Copyright
  • Contents
  • Foreword
  • INTRODUCTION
  • Introduction
  • WHAT THIS BOOK IS AND IS NOT
  • THE INTENDED AUDIENCE
  • Duration of Relevance for This Guide
  • SUMMARY
  • About the Authors
  • BRETT SHAVERS
  • JOHN BAIR
  • Acknowledgments
  • 1 - Laying the Foundation of Covert Communications
  • INTRODUCTION
  • A BRIEF HISTORY OF COVERT COMMUNICATION
  • COVERT COMMUNICATION OVERLOAD
  • Investigative Goals
  • COVERT COMMUNICATION GOALS
  • SUMMARY
  • REFERENCES
  • 2 - The Tor Browser
  • INTRODUCTION
  • HISTORY AND INTENDED USE OF THE ONION ROUTER
  • Two Ways of Looking at The Onion Router
  • HOW THE ONION ROUTER WORKS
  • A Few Important Points About Tor
  • From a Tor User's Perspective
  • So What's the Big Deal?
  • From Your Perspective
  • FORENSIC ANALYSIS OF THE ONION ROUTER
  • TRACKING CRIMINALS USING TOR
  • USED IN COMBINATION OF OTHER TOOLS AND METHODS
  • TAILS
  • RELATED TOR TOOLS AND APPLICATIONS
  • Hidden Services
  • SUMMARY
  • REFERENCES
  • 3 - Triaging Mobile Evidence
  • LOGICAL DATA
  • PHYSICAL DATA
  • EXAMPLES OF LOGICAL AND PHYSICAL DATA
  • WIRELESS CARRIERS
  • MOBILE NETWORK OPERATORS
  • MOBILE VIRTUAL NETWORK OPERATOR
  • DETERMINING TARGET NUMBER
  • FONEFINDER.NET
  • NUMBER PORTABILITY ADMINISTRATION CENTER
  • SEARCH.ORG
  • SUBSCRIBER IDENTITY MODULE
  • INTERNAL HARDWARE OF A SIM
  • THE SIM FILE SYSTEM
  • SIM SIZES AND EVOLUTION
  • TYPICAL EVIDENCE
  • SIM SECURITY-PIN AND PUK
  • TRIAGING DEVICES
  • DEVICES POWERED "ON"
  • DEVICES LOCATED "OFF"
  • MANUAL EXAMS
  • TOOLS AVAILABLE
  • Cellebrite USB Camera
  • Fernico ZRT
  • Project-A-Phone
  • Eclipse Kit 3
  • SOFTWARE SOLUTIONS
  • ScreenHunter
  • Snagit
  • Other Options
  • CHAPTER SUMMARY POINTS
  • REFERENCES FOR MANUAL TOOLS.
  • 4 - Mobile Extraction Issues
  • FLASH MEMORY
  • EMBEDDED MULTIMEDIA CARD, EMBEDDED MULTICHIP PACKAGE, AND MULTICHIP PACKAGE
  • THE FUNCTION OF NAND
  • NAND Operation Rules
  • Wear Leveling and Garbage Collection
  • SQLite Databases
  • How Does All This Present Problems?
  • ENCODING
  • Binary
  • Binary to Decimal
  • Hexadecimal
  • American Standard Code for Information Exchange
  • Unicode
  • Big and Little Endian
  • Nibble Reversed
  • Seven-Bit Short Message Service Protocol Description Unit
  • EPOCHS
  • UNIX
  • Unix 48 bit
  • UNIX Decimal 10Byte
  • GPS
  • AOL
  • GSM
  • Decimal Format
  • 64bit
  • File Time Formatted
  • HTML
  • JAVA
  • MSDOS
  • Binary-Coded Decimal
  • ISO 8601
  • Bit Date
  • MAC Absolute
  • CELLEBRITE PHYSICAL ANALYZER
  • Project Tree Example
  • Multimedia Message Service
  • USER-INSTALLED APPLICATIONS
  • USER-ENABLED SECURITY
  • BST
  • IP-Box and MFC Dongle
  • Advanced Nondestructive Exams-Joint Test Action Group
  • Destructive Exams
  • ADVANCED VALIDATION
  • Ultra Compare Professional
  • Chapter Summary
  • REFERENCES FOR LISTED TOOLS
  • 5 - Data Hiding
  • INTRODUCTION
  • WHAT IS STEGANOGRAPHY
  • HIDING DATA BEHIND DATA
  • STEGANALYSIS
  • Intercepted Steganography Files
  • Steganalysis Applications
  • How Much Information Can Be Hidden
  • STEGANOGRAPHY METHODS
  • Investigative Steps
  • RELEVANT CASES
  • SUMMARY
  • REFERENCES
  • 6 - Cryptography and Encryption
  • INTRODUCTION
  • BRIEF HISTORY OF ENCRYPTION AND CRYPTOGRAPHY
  • Tell Me What I Need to Know
  • BASIC WORKING KNOWLEDGE
  • HARDWARE
  • Big Boy Encryption Toys
  • Here Come the Computers
  • Ease of Use Makes It User-Friendly
  • PUBLIC AND PRIVATE KEYS
  • Breaking Encryption
  • THE KEY IS THE KEY
  • SO TELL ME SOMETHING I CAN DO ABOUT THIS!
  • When Nothing Works
  • BACK TO STEGANOGRAPHY
  • SUMMARY
  • REFERENCES
  • 7 - Antiforensics
  • INTRODUCTION.
  • THE EASY AND VERY EFFECTIVE METHODS
  • Hiding the Evidence
  • Whole Device Encryption
  • Data Wiping
  • Physical Destruction
  • THE BEST METHODS AREN'T THE MOST COMMONLY USED METHODS
  • ANOTHER SIMPLE METHOD
  • FILE SIGNATURE MANIPULATION
  • TIME STAMP MODIFICATIONS
  • DECOY STORAGE DEVICES
  • PORTABLE APPS
  • HIDDEN OPERATING SYSTEMS
  • VIRTUAL MACHINES
  • PLANNING AGAINST ANTIFORENSICS
  • FINDING COMMUNICATION RECORDS ON HARD DRIVES
  • Locked Computers
  • Mobile Devices
  • WHEN ALL ELSE FAILS OR IS LIKELY TO FAIL
  • SUMMARY
  • REFERENCES
  • 8 - Electronic Intercepts
  • INTRODUCTION
  • VALUE OF ELECTRONICALLY INTERCEPTED COMMUNICATIONS
  • AUTHORITY AND NECESSITY
  • TECHNOLOGY
  • Capture Communications at the Source
  • Capture Communications at the Receiver
  • Trap and Trace/Pen Registers/Dialed Number Recorders
  • Wiretaps
  • Internet
  • TECHNICAL BARRIERS
  • FINDING CELL PHONE NUMBERS
  • SUMMARY
  • REFERENCES
  • 9 - Digital Identity
  • INTRODUCTION
  • IDENTITY
  • Biometric Identity
  • Digital Identity
  • FINDING THE DIGITAL IDENTITY
  • First Things First
  • Dark Web
  • Third-Party Providers
  • SUMMARY
  • REFERENCES
  • 10 - Putting It All Together
  • INTRODUCTION
  • COLLECTING REAL-TIME COMMUNICATIONS
  • Online Communications
  • Electronic Intercepts
  • COLLECTING HISTORICAL COMMUNICATIONS
  • Online Historical Information
  • Government Access Resources
  • From Seized Electronic Devices
  • TURNING INFORMATION INTO INTELLIGENCE
  • Link and Social Networking Analysis
  • THE (VIRTUALLY) IMPOSSIBLE
  • Cryptography and Steganography
  • Software Applications
  • Tor and Anonymous Chat
  • Devices
  • NON-TECH COMMUNICATIONS
  • PUTTING THE CASE TOGETHER
  • Associations and Relationships Analysis
  • SUMMARY
  • REFERENCES
  • 11 - Closing Thoughts
  • INTRODUCTION
  • PRIVACY EXPECTATIONS
  • LEGAL AND TECHNICAL CONSIDERATIONS
  • Legal Considerations.
  • Technical Considerations
  • The Internet Does Connect to the Physical World
  • Technology Makes Crimes Easier to Commit and Easier to Get Caught
  • SUMMARY
  • REFERENCES
  • Index
  • A
  • B
  • C
  • D
  • E
  • F
  • G
  • H
  • I
  • J
  • K
  • L
  • M
  • N
  • O
  • P
  • Q
  • R
  • S
  • T
  • U
  • V
  • W
  • X
  • Back Cover.

Ejemplares similares