Digital triage forensics [electronic book] : processing the digital crime scene / by Stephen Pearson, Richard Watson.

Enhanced descriptions from Syndetics:

Digital Triage Forensics: Processing the Digital Crime Scene provides the tools, training, and techniques in Digital Triage Forensics (DTF), a procedural model for the investigation of digital crime scenes including both traditional crime scenes and the more complex battlefield crime scenes. The DTF is used by the U.S. Army and other traditional police agencies for current digital forensic applications. The tools, training, and techniques from this practice are being brought to the public in this book for the first time. Now corporations, law enforcement, and consultants can benefit from the unique perspectives of the experts who coined Digital Triage Forensics. The text covers the collection of digital media and data from cellular devices and SIM cards. It also presents outlines of pre- and post- blast investigations.

This book is divided into six chapters that present an overview of the age of warfare, key concepts of digital triage and battlefield forensics, and methods of conducting pre/post-blast investigations. The first chapter considers how improvised explosive devices (IEDs) have changed from basic booby traps to the primary attack method of the insurgents in Iraq and Afghanistan. It also covers the emergence of a sustainable vehicle for prosecuting enemy combatants under the Rule of Law in Iraq as U.S. airmen, marines, sailors, and soldiers perform roles outside their normal military duties and responsibilities. The remaining chapters detail the benefits of DTF model, the roles and responsibilities of the weapons intelligence team (WIT), and the challenges and issues of collecting digital media in battlefield situations. Moreover, data collection and processing as well as debates on the changing role of digital forensics investigators are explored.

This book will be helpful to forensic scientists, investigators, and military personnel, as well as to students and beginners in forensics.

Table of contents provided by Syndetics

• Preface (p. vii)
• Introduction (p. ix)
• About the Authors (p. xiii)
• Chapter 1 New Age of Warfare: How Digital Forensics is Reshaping Today's Military (p. 1)
• Yesterday's ôBooby Trapö Is Today's IED (p. 1)
• The Invention of WIT (p. 4)
• ôCSIö Baghdad: Today's Intelligence Is Tomorrows Evidence (p. 8)
• Actionable Intelligence and Its Effect on the Battlefield (p. 9)
• Soldiers to ôBattlefield Copsö (p. 9)
• Summary (p. 11)
• References (p. 11)
• Chapter 2 Digital Triage Forensics and Battlefield Forensics (p. 13)
• Introduction (p. 13)
• DTF and Battlefield Forensics (p. 13)
• How does Evidence go from the Battlefield to the Lab? (p. 21)
• Five Levels of Exploitation of WIT Materials (p. 22)
• Summary (p. 23)
• References (p. 24)
• Chapter 3 Conducting Pre/Postblast Investigations (p. 25)
• Introduction (p. 25)
• WITs Role Within the EOD Team (p. 25)
• Premission Preparations (p. 26)
• Scene Safety (p. 28)
• On Scene IED Analysis (p. 30)
• Photograph! Photograph! Photograph! (p. 36)
• Preblast Investigative Steps (p. 40)
• Postblast Investigative Steps (p. 48)
• Detainee Operations as it Pertains to WIT (p. 53)
• Summary (p. 56)
• Chapter 4 Using the DTF Model to Process Digital Media (p. 57)
• The changing location of Digital Evidence containers (p. 57)
• What hardware do I need to conduct a Cradle-to-Grave Battlefield investigation? (p. 58)
• Characteristics of Digital Media (p. 64)
• Stephen's Quick and Dirty Guide to Understanding Digital Forensics (p. 65)
• Brief Overview of Digital Storage Concepts (p. 72)
• Processing Digital Media using the Digital Triage Forensic Model (p. 92)
• Summary (p. 142)
• Chapter 5 Using the DTF Model to Collect and Process Cell Phones and SIM Cards (p. 145)
• Cellular Devices Are Replacing the Laptop (p. 145)
• Proprietary Cell Phone Tools versus Nonproprietary Cell Phone Tools (p. 148)
• Freeware and Shareware as Cell Phone Forensic/Analysis Tools (p. 152)
• Using Cross Validation with your Tools (p. 154)
• Triage Processing of Cellular Devices (p. 155)
• Using the MFC to identify the Cellular Device (p. 157)
• Collection Concerns with Cellular Devices (p. 163)
• Don't Push That Button (p. 166)
• Isolating the Cellular Device (p. 167)
• Using the HTCI Isolation Chamber (p. 168)
• Processing the Cell Phone (p. 180)
• Summary (p. 249)
• Chapter 6 The Changing Role of a Digital Forensic Investigator (p. 251)
• The Solution (p. 251)
• Implementation (p. 254)
• Glossary (p. 257)
• Index (p. 259)

Author notes provided by Syndetics

Stephen Pearson combines more than 29 years of law enforcement experience with in-depth expertise in today's most pervasive Internet and Computer technologies. He began developing tools and training for the investigation of computer crime investigation in 1994 when assigned to the United States Army Military Police School at Ft. McClellan, Alabama. Most recently, Stephen has been directly involved in the development and implementation of computer crime and forensics training for the U.S. armed forces in Iraq and Afghanistan.
Richard Watson is the Vice President of Actionable Intelligence Operations Training with the High Tech Crime Institute, Inc. (HTCI). He conducts business development throughout the United States, focusing on actionable intelligence solutions through digital media exploitation and digital forensics triage. Prior to working for HTCI and after completing eight years of active military duty, Richard worked for the U.S. Department of Energy Protective Forces and was a Colorado Law Enforcement Officer.