Book Review: Challenges to Digital Forensic Evidence


Publications 2008

Book Review: Challenges to Digital Forensic Evidence

Gary C. Kessler
Champlain College - Burlington, kessleg1@erau.edu

Follow this and additional works at: http://commons.erau.edu/publication

Part of the Information Security Commons

Scholarly Commons Citation

Kessler, G. C. (2008). Book Review: Challenges to Digital Forensic Evidence. Journal of Digital Forensics, Security and Law, 3(1). Retrieved from http://commons.erau.edu/publication/134

This Book Review is brought to you for free and open access by Scholarly Commons. It has been accepted for inclusion in Publications by an authorized administrator of Scholarly Commons. For more information, please contact commons@erau.edu.

BOOK REVIEWS

Gary C. Kessler
Editor
Champlain College
Burlington, VT 05401
gary.kessler@champlain.edu

INTRODUCTION

This issue presents the fifth Book Review column for the JDFSL. It is an experiment to broaden the services that the journal provides to readers, so we are anxious to get your reaction. Is the column useful and interesting? Should we include more than one review per issue? Should we also review products? Do you have suggested books/products for review and/or do you want to write a review? All of this type of feedback -- and more -- is appreciated. Please feel free to send comments to Gary Kessler (gary.kessler@champlain.edu) or Glenn S. Dardick (gdardick@dardick.net).

BOOK REVIEW

Cohen, F. (2008). Challenges to Digital Forensic Evidence. Livermore, CA: Fred Cohen & Associates. 129 pages, ISBN: 1-878109-41-3, US$39.

Reviewed by Gary C. Kessler (gary.kessler@champlain.edu)

This book is about evidence gleaned as the result of the digital forensics process and providing expert testimony about that evidence. I am always suspicious when someone self-proclaims themselves as an "expert," although all authors are doing just that, at least by inference. Readers who are familiar with the author, Fred Cohen, or his large body of published works will know that he neither proclaims his expertise quietly nor inaccurately. Indeed, Cohen is an ideal person to weigh in on the topic of suitability and malleability of information acquired from computers and about providing testimony about that information and the process with which it was found.

Cohen's relatively short, self-published monograph is a very personal text that clearly draws on his years of experience. Written in the first person and largely devoid of external references (except for the occasional legal citation), you can practically hear Cohen speaking to you as you read the book; while reading it, I felt like I was back in a classroom.

The book has six chapters, each of which ends with a set of questions, most of which I found to be interesting, pertinent, and thought-provoking, further adding to the feeling of being back in a seminar course.

Chapter 1 is an introduction to the rest of the book. Cohen here sets the stage as to who he is, why you should read the book, and why he wrote the book. The personal nature of the writing becomes evident on page 1.

Chapter 2 is titled "Overview" and is the second longest chapter of the book. This chapter reviews the basics of digital evidence and starts to outline where the process of digital evidence collection can go wrong -- i.e., the faults that can occur in the process, ranging from identifying and collecting evidence to imaging and analysis. This chapter concludes with a too-brief (in my opinion) discussion of the scientific method and application of Daubert principles.

Chapter 3, "Mechanics of Writing Expert Rebuttals," starts with an outline of a digital forensics report. Cohen spends time here discussing why he prefers use of the first-person personal voice when writing a computer forensics report rather than the common academic/scientific practice of using the third-person impersonal. It is a departure from some of the common wisdom but flows well into a chapter that discusses why we -- as experts -- need to disclose our errors, experiment to prove to ourselves even those things that we know to be true, and be very careful with version control of reports.

Chapter 4 -- the longest chapter, occupying just more than a third of the book -- is a presentation of case studies. This chapter is where Cohen's experience as both an engineer and expert witness really shows, and the stories here provide some interesting insights that readers will generally not find in standard academic texts. One of the case studies worth mentioning was about the use of Message Digest 5 (MD5) hashing. Too many practitioners rely too heavily on hashes, so much so that they sometimes forget what the role of the hash is. Cohen observes that an MD5 checksum does not prove that the forensics copy of media matches the original but does validate the work we performed based upon our knowledge, experience, and training.
This may sound like it is splitting hairs, but there is a precision in our language and word choices, and we must be careful about how we express ourselves, particularly in the legal and scientific settings.

Chapter 5 is another too-short section of the book, this one describing testimony. Although I would like Cohen to have written more, what he does have provides excellent advice to the expert witness: be prepared, tell the truth and only what you know, don't say too much, learn to say "I don't know," and -- my personal favorite -- think before you talk.

The final chapter, "How to Avoid Being Challenged," is a mere three pages (including end-of-chapter questions). The message, simply, is that computer forensics examiners need to be thorough and professional. Digital evidence is what it is, and most successful challenges occur when the expert has made procedural errors or assertions that cannot be supported by the evidence. If we do our jobs well, we are told, challenges should be a minor issue.

While this is all undoubtedly true, it does seem a bit glib to so state and leave it there; I wish that this chapter was longer. In fact, I wish that the whole book was longer. Two chapters (2 and 4) occupy one-third of the book and I think that most of the remaining chapters could use deeper treatment. But this is largely because I liked the book and think that it adds a lot to the professional bookshelf and the classroom. It's not perfect, by any means, and Cohen does not pretend that this is the last word on any of these topics; few other books, however, pay this much attention to guiding computer forensics professionals through this aspect of their job.

I do have some minor quibbles with the book. First, as alluded to above, I wish that the book had more references, although I recognize the difficulty in a personal book such as this. Second, I found the organization of the chapters to be a little challenging because I could not clearly distinguish between headings and subheadings. And, finally, the book is ostensibly about forensics evidence. While I fully understand how we use that term in our profession, I recall what an attorney told me some years ago: "It ain't evidence until the Court says it's evidence."

But, no matter. Cohen's book is well-suited as either a text in a senior level undergraduate or graduate course in a digital forensics program or a professional reference. Although it is certainly not the only text to read about these issues, Cohen is a well-qualified author and has written a book that is both an easy read and quite meaty. Whether you follow or reject Cohen's advice, reading the book will stimulate discussion and positively affect how you do your job.