Table of contents for Computer forensics and cyber crime : an introduction / Marjie T. Britz.

Bibliographic record and links to related information available from the Library of Congress catalog.

Note: Contents data are machine generated based on pre-publication provided by the publisher. Contents may have variations from the printed book or be incomplete or contain other coding.

Chapter 1 ¿ Introduction
I.	Cyberspace and Criminal Behavior
II.	Clarification of Terms
III.	Traditional Problems Associated with Computer Crime
a.	Physicality and jurisdictional concerns
b.	Perceived insignificance and stereotypes
c.	Prosecutorial reluctance
d.	Lack of reporting
e.	Lack of resources
f.	Jurisprudential inconsistency
IV.	Extant of the Problem
V.	The Emergence of e-Cash 
a.	Prepaid cards
b.	Stored value cards
c.	Mobile payments
d.	Digital precious metals
VI.	Conclusions
Chapter 2 ¿ Computer Terminology & History
I.	A Brief History of Computers
II.	Computer Language
a.	Understanding Data
III.	Computer Hardware
a.	Input Devices
b.	Output Devices
c.	Hard Drives and Other Mass Storage Devices
IV.	Computer Software
a.	Boot Sequence
b.	Operating System
V.	Alternatives to DOS
a.	Microsoft Windows
b.	Macintosh
VI.	Application Software
VII.	A Brief History of the Internet
VIII.	Network Language
IX.	Realms of the Cyberworld
X.	Categorizing Internet Communications
a.	World Wide Web
b.	Newsgroups/bulletin boards
c.	Internet Relay Chat
XI.	Future Issues and Conclusions
Chapter 3 ¿ Traditional Computer Crime: Hackers and Theft of Components
I.	Introduction
II.	Traditional Problems
III.	Recognizing and Defining Computer Crime
IV.	Three Incidents
V.	Phreakers: Yesterday¿s Hackers
a.	What is phreaking?
b.	The war on phreaking
VI.	Hacking
a.	Defining hacking
b.	Evolution in the hacking community
c.	Contemporary motivation
d.	Hierarchy of Contemporary Cyber-Criminals
i.	Script kiddies
ii.	Cyberpunks
iii.	Hackers/crackers
iv.	Cyber-criminal organizations
v.	Criminal hackers
VII.	Computer components as commodities
VIII.	Theft of intellectual property
a.	Software
b.	Data piracy
c.	WareZ
d.	Film piracy
IX.	Conclusions
Chapter 4 ¿ Contemporary Computer Crime
I.	Neo-Traditional crime
II.	Web based crime
a.	Interference with lawful use of computer
b.	Malware
i.	Viruses & Worms
c.	Denial of Service and DDoS
i.	Botnets & Zombie Armies
d.	Spam
e.	Ransomware
f.	Theft of Information, Data Manipulation & Web Encroachment
i.	Traditional methods of proprietary information theft
ii.	Trade secrets and copyrights
iii.	Political espionage
iv.	Data Manipulation ¿ Political Terrorism
v.	Web Encroachment
g.	Dissemination of Contraband or Offensive Materials
i.	Child Pornography
ii.	Child Enticement/Exploitation
h.	Online Pharmacies
i.	Online Gambling
i.	Lack of International Cooperation and the WTO
j.	\Threatening & Harassing Communications
k.	Online Fraud
i.	Web-Cramming/ISP Jacking
ii.	Fraud vs. Data Manipulation
iii.	IP Spoofing
l.	Securities Fraud and Stock Manipulation
III.	Ancillary Crimes
a.	Money laundering
i.	Process of money laundering
ii.	Fighting money laundering
IV.	Conclusions
Chapter 5 ¿ Identity Theft & Identity Fraud
I.	Introduction
a.	Clarification of terms
II.	Types of Identity Theft/Fraud
a.	Assumption of identity
b.	Theft for employment and/or border entry
c.	Criminal record identity theft/fraud
d.	Virtual identity theft/fraud
e.	Credit theft
III.	Prevalence and Victimology
a.	Victims and the Costs Associated with Victimization
b.	Future Increases
IV.	Physical Methods of Identity Theft
a.	Mail Theft
b.	Dumpster Diving
c.	Theft of Computers
d.	Bag operations
e.	Child Identity Theft
f.	Insiders
g.	Fraudulent or Fictitious Companies
h.	Card Skimming and ATM Manipulation and Fraudulent Machines
V.	Virtual or internet Facilitated Methods
a.	Phishing
b.	Spyware
c.	Trojans
d.	Keyloggers and Password Stealers
VI.	Crimes Facilitated by Identity Theft/ Fraud
a.	Insurance and Loan Fraud
b.	Immigration Fraud and Border Crossings
VII.	Conclusions and Recommendations 
Chapter 6 ¿ Organized Crime & Terrorism
I.	Introduction
II.	Terrorism
a.	Defining Terrorism
b.	Classification Through Motivation
c.	Roots of Contemporary Terrorism
d.	Terrorism as a Stage
e.	Cyberterrorism as a Concept
III.	Terror Online
a.	Propaganda, Information Dissemination, Recruiting, and Fundraising
b.	Training
c.	Research and Planning
d.	Communication
e.	Attack Mechanism
IV.	Terrorism and Crime
a.	Criminal activities
b.	Criminalizing Terrorist Acts
c.	Government Efforts
d.	Summary
V.	Organized Crime
a.	Defining Organized Crime
VI.	Organized Crime and Technology
a.	Extortion
b.	Cargo Heists and Armed Robbery
c.	Fraud
d.	Money laundering
e.	The Sex Trade
f.	Confidence Scams
g.	Fencing of Stolen Property
h.	Data Piracy and Counterfeit Goods
i.	Human Smuggling
VII.	Confronting Contemporary Organized Crime
VIII.	The Intersection Of Organized Crime And Terrorism
Chapter 7 ¿ Avenues for Prosecution and Government Efforts
I. 	Introduction
II.	Traditional Statutes
III.	Evolution of Computer-Specific Statutes
a.	Computer Fraud and Abuse Act of 1986
IV.	Evolving Child Pornography Statutes
V.	Evolving Identity Theft/Fraud Statutes
a.	Identity Theft and Assumption Deterrence Act of 1998
b.	The Financial Modernization Act of 1999
c.	Fair Credit Reporting Act
i.	Major Provisions to FACTA
d.	Identity Theft Penalty Enhancement Act of 2004
e.	Additional Efforts to Protect Personal Information
VI.	Federally Funded Initiatives and Collaborations
VII.	Law Enforcement Operations and Tools in the U.S.
a.	Investigative tools
i.	Packet Sniffers
ii.	Carnivore
iii.	Data Mining
1.	Terrorism Information Awareness Program (TIA)
2.	Computer-Assisted Passenger Prescreening System (CAPPS II)
3.	Multi-State Anti-Terrorism Information Exchange Pilot Project (MATRIX)
4.	Automated Targeting System (ATS)
5.	Terrorist Surveillance Program
b.	Collaborations and Professional Associations
VIII.	International Efforts
a.	OECD and the Select Committee of Experts on Computer-Related Crime of the Council of Europe
b.	Council of Europe¿s (CoEs) Cybercrime Conventions
i.	Financial Action Task Force
ii.	Interpol
iii.	Virtual Global Taskforce (VGT)
iv.	United Nations Convention against Transnational Organized Crime (UNCATOC) and Association of Southeast Asian Nations (ASEAN)
IX.	Conclusions
Chapter 8 ¿ Applying the First Amendment to Computer Related Crime
I.	Introduction And General Principles
II.	Obscenity In General
III.	Traditional Notions Of Decency
IV.	Emerging Statutes And The Availability Of Obscene Material To Children
V.	Defining Child Pornography
VI.	Applying Case Law To Child Pornography Statutes
VII.	Technology-Specific Legislation¿Contention In The Courts
VIII.	Internet Gambling
IX.	Conclusions
Chapter 9 ¿ The Fourth Amendment & Other Legal Issues
I.	Introduction
II.	History of the 4th Amendment
III.	The Expectation of Privacy and Electronic Surveillance
a.	Types of Recognized Privacy
IV.	Electronic Surveillance and the Right to Privacy 
V.	Private v. Public-Sector Searches
VI.	Application of Ortega to E-mail
a.	U.S. v. Simons
b.	U.S. v. Monroe
VII.	The Electronic communications Privacy Act and The Privacy Protection Act 
a.	Electronic Communications Privacy Act of 1986
b.	Three Titles Under ECPA
i.	Title I
ii.	Title II
iii.	Title III
c.	Privacy Protection Act
d.	Defining Interception under ECPA and the PPA
e.	Communications Assistance for Law Enforcement Act
f.	Challenges to the CALEA
g.	Applying the Wiretap Act to E-mail Interceptions ¿ U.S. v. Councilman
VIII.	The Patriot Act
a.	Enhanced Presidential Authority
b.	Electronic Surveillance and Criminal Investigations
i.	Title II and Electronic Surveillance 
c.	National Security Letters and Other 4th Amendment Issues
IX.	Current State of Privacy
a.	Challenges to Warranted Searches
i.	Seizure of Evidence
ii.	Third Party Origination
iii.	Other Arguments Used in Warranted Searches
b.	Warrantless Searches
i.	Consent
ii.	Exigent Circumstances and Emergency Situations
iii.	Incident to Arrest
iv.	Plain View
v.	Border Searches
vi.	Other Warrantless Searches
X.	Other Legal Considerations
a.	Vicinage
b.	Undercover Techniques
c.	Sentencing Guidelines
XI.	Conclusions
Chapter 10 ¿ Forensic Terminology & Developing Forensic Capabilities
I.	An Emerging Discipline
II.	Traditional Problems in Computer Investigations
b.	Inadequate Resources
c.	Lack of Communication and Cooperation Among Agencies 
d.	Over-Reliance on Automated Programs and Self-Proclaimed Experts
e.	Lack of Reporting
f.	Evidence Corruption
III.	Computer Forensic Science and Disk Structure
a.	Disk Structure and Data Storage
b.	Data Location
c.	Partition Table
d.	Data Management- Operating Instructions
e.	Data Integrity
IV.	Developing computer Forensic Science Capabilities
V.	Minimum Hardware Requirements
VI.	Minimum Software Requirements
a.	Data Preservation, Duplication, and Verification Tools
b.	Data Recovery/ Extraction Utilities
i.	Data Analysis Software
ii.	Reporting Software
iii.	Miscellaneous Software
VII.	A Sampling of Popular Forensic Software
a.	Maresware
b.	Guidance Software
c.	Ultimate Tool Kit
d.	Other Forensic Utilities
VIII.	Conclusion
Chapter 11 ¿ Searching and Seizing Computer Related Evidence
I.	Introduction
II.	Pre-Search Activities
a.	Warrant Preparation
i.	Probable Cause
ii.	Seizing Equipment
iii.	No-Knock Warrants
iv.	Secondary/Multiple Warrants
b.	Plan Preparation and Personnel Gathering
i.	On-Scene Personnel
c.	Preparing a Toolkit
i.	Traditional Equipment
ii.	Computer-Specific Equipment and Materials
III.	On-Scene Activities
a.	Knock, notice, document
b.	Securing the scene
c.	Determining the Need for Additional Assistance
d.	Scene Processing
i.	Photograph/Video
ii.	Sketching the Scene
iii.	Identifying Potential Evidence
e.	Locating Evidence
f.	Seizure and Documentation of Evidence
g.	Bagging and Tagging
h.	Interviewing Witnesses
i.	Scene Departure and Transportation of Evidence to Lab
j.	Conclusions
Chapter 12 ¿ Processing Evidence and Report Preparation
I.	An Emerging Discipline 
II.	Aspects of Data Analysis
a.	Establish Forensically Sterile Conditions
b.	Ensure Legitimacy and Capabilities of Analysis Tools
c.	Physical Examination 
d.	Creation and Verification of Image 
e.	Jumping the CMOS Password 
f.	Short Circuiting the Chip 
g.	Pulling the Battery 
h.	Default Passwords 
i.	Social Engineering/ Brute Force
j.	Key Disks 
k.	Image Verification
l.	Logical Examination
m.	Restoration of Files
n.	Listing of Files
o.	Examine Unallocated Space for Data Remnants
p.	Unlocking Files
q.	Brute Force/Social Engineering 
r.	Program Defaults and Program-Specific Crackers 
s.	Examination of User Data Files
t.	Piping of Evidence
u.	Examination of Executable Programs
III.	Non-Windows Operating Systems
a.	Macintosh Operating System
b.	Linux/Unix Operating Systems
IV.	Report Preparation and Final Documentation
V.	 Conclusion
Chapter 13 ¿ Conclusions & Future Issues
I.	Introduction
II.	Traditional Problems and Recommendations
a.	Establishing Technology Neutral Legislation
b.	Establishing accountability for internet users
c.	Increasinging public awareness and research capabilities
d.	Increasing inter-agency and intra-departmental cooperation
e.	Developing relationships between investigative agencies and the private sector
f.	Developing international cooperation
g.	Standardization of accreditation or expertise
h.	Miscellaneous
III.	Additional Approaches to Internet Crime
IV.	Future Trends and Emerging Concerns
a.	Wireless communications
b.	Data hiding: remote storage, encryption, an the like
c.	Governing decency and virtual pornography
d.	Data mining and increased interoperability
V.	Conclusions

Library of Congress Subject Headings for this publication:

Computer security.
Computer crimes.