Digital forensic science, or digital forensics, is the application of scientific tools and methods to identify, collect, and analyze digital (data) artifacts in support of legal proceedings. From a more technical perspective, it is the process of reconstructing the relevant sequence of events that have led to the currently observable state of a target IT system or (digital) artifacts.
Over the last three decades, the importance of digital evidence has grown in lockstep with the fast societal adoption of information technology, which has resulted in the continuous accumulation of data at an exponential rate. Simultaneously, there has been a rapid growth in network connectivity and the complexity of IT systems, leading to more complex behavior that needs to be investigated.
The goal of this book is to provide a systematic technical overview of digital forensic techniques, primarily from the point of view of computer science. This allows us to put the field in the broader perspective of a host of related areas and gain better insight into the computational challenges facing forensics, as well as draw inspiration for addressing them. This is needed as some of the challenges faced by digital forensics, such as cloud computing, require qualitatively different approaches; the sheer volume of data to be examined also requires new means of processing it.
Table of Contents
Definitions and Models
Open Issues and Challenges
About the Author(s)Vassil Roussev
, University of New Orleans
Vassil Roussev is a Professor of Computer Science and the Director of the Cyber Security program at the University of New Orleans. Since 2004, Roussev's primary research area has been digital forensics, with a particular emphasis on performance and scalability issues. He is a member of the NIST Working Group on Approximate Matching, and is a Co-Founder and Director of the DFRWS non-profit organization. DFRWS promotes digital forensic research via its two annual technical conferences, in North America and Europe, and the publication of annual challenges and research data sets. Vassil Roussev is an Editor of the Journal of Digital Investigation and the Journal of Digital Forensics, Security and Law, and is the author of over 50 peer reviewed publications in cyber security and digital forensics. He received B.S. and M.S. degrees from Sofia University, as well as M.S. and Ph.D. degrees in Computer Science from the University of North Carolina-Chapel Hill.