Using Digital Forensics and Investigative Techniques to Identify Cybercrime Suspects
Copyright
Acquiring Editor: Chris Katsaropoulos
Development Editor: Heather Scherer
Project Manager: Malathi Samayan
Designer: Kristen Davis
Syngress is an imprint of Elsevier
225 Wyman Street, Waltham, MA 02451, USA
© 2013 Elsevier, Inc. All rights reserved.
No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher's permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions
This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein).
Notices
Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods or professional practices, may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information or methods described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility.
To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein.
Library of Congress Cataloging-in-Publication Data
Application submitted.
British Library Cataloguing-in-Publication Data
A catalogue record for this book is available from the British Library.
For information on all Syngress publications visit our website at http://store.elsevier.com
ISBN: 978-1-59749-985-9
Printed in the United States of America
Acknowledgments
The forensic community has grown in size in the past years, so to give thanks to the many that have kept me focused, encouraged me, and shared their knowledge is a longer list than I could share in a few pages. There are some that cannot go without public acknowledgement, for without their support as friends and confidants, this book would not have been but a fleeting thought.
I cannot thank Harlan Carvey enough for agreeing to be the Tech Editor for this book. Harlan is the rare person that not only has legendary expertise in the field, but also has a great heart as a person and family man. Troy Larson, another digital forensics legend, for his foreword to my book. Dave Stenhouse, one of the best persons I know to bounce ideas on the tough cases. Going back a few years, I thank the finest partner a detective could have, Mark Klinke. Mark is one of those investigators that will dig and not stop until the case is finished, all the while doing an absolute great job. I tend to think his tenacity in purpose rubbed off a bit on me. I'd also like to thank a dear friend, Brad Tofthagen, who constantly reminds me through his actions, that personal integrity and honor is something to keep strong, no matter the cost or effort. My constant calls, emails, and bothersome requests over the years, and in particular for this book, are appreciated.
As for my number one supporter, I thank my wife Chikae, as she has endured my endless discussions of computer jargon and excitement of finding forensic artifacts in my cases. Her limitless support was instrumental and probably the main reason I started and finished this book. I attribute my success and the success of our children to her tireless efforts and patience to encourage all of us to drive on.
About the Author
Brett Shavers is a former law enforcement officer of a municipal police department. He has been an investigator assigned to state and federal task forces. Besides working many specialty positions, Brett was the first digital forensics examiner at his police department, attended over 2000 hours of forensic training courses across the country, collected more than a few certifications along the way, and set up the department's first digital forensics lab in a small, cluttered storage closet.
Brett has been an adjunct instructor at the University of Washington's Digital Forensics Program, an expert witness and digital forensics consultant, a prolific speaker at conferences, a blogger on digital forensics, and is an honorary member of the Computer Technology Investigators Network. Brett has worked cases ranging from child pornography investigations as a law enforcement investigator to a wide range of civil litigation cases as a digital forensics expert consultant. And even though it's been more than two decades since wearing the uniform, he's still a Marine.
About the Technical Editor
Harlan Carvey (CISSP) is Vice President of Advanced Security Projects with Terremark Worldwide, Inc. Terremark is a leading global provider of IT infrastructure and cloud computing services, based in Miami, FL. Harlan is a key contributor to the Engagement Services practice, providing disk forensics analysis, consulting, and training services to both internal and external customers. Harlan has provided forensic analysis services for the hospitality industry, financial institutions, as well as federal government and law enforcement agencies. Harlan's primary areas of interest include research and development of novel analysis solutions, with a focus on Windows platforms.
Harlan holds a bachelor's degree in electrical engineering from the Virginia Military Institute and a master's degree in the same discipline from the Naval Postgraduate School. Harlan resides in Northern Virginia with his family.
Foreword
I first met Brett Shavers several years ago at a training event that he had organized. At the time, Brett was a police officer, one of a handful among the local jurisdictions with the training and skill to take on digital forensic investigations. I had no idea then how often our paths would cross or how valuable his support could be. Brett has since become a leader in the digital forensic community of the Pacific North West, presiding over our local professional organization (www.ctin.org), running his own consulting company, writing papers and training materials, and maintaining websites devoted to Windows FE and RegRipper. In fact, that the world knows anything of my little internal project, Windows FE, has more to do with Brett's work and enthusiasm than my own efforts. I am, therefore, quite honored that Brett asked me to write a foreword to this book.