CyberForensics
brothke writes "CyberForensics: Understanding Information Security Investigations is a new book written by a cast of industry all-stars. The book takes a broad look at cyberforensics with various case studies. Each of the book's 10 chapters takes a different approach to the topic. The book is meant to be a source guide to the core ideas on cyberforensics." Read on for the rest of Ben's review.
CyberForensics: Understanding Information Security
author: Jennifer Bayuk (Editor)
pages: 167
publisher: Humana Press
rating: 8/10
reviewer: Ben Rothke
ISBN: 978-1607617716
summary: New book written by a cast of industry all-stars
The book notes that there is a cohesive set of concepts that binds cybersecurity investigators to a shared vision, and it tries to be a source for those concepts. But at 150 pages, while all of the chapters are well-written and enlightening, the book does not have the breadth and depth needed to be a single source of all things cyberforensics.
Jennifer Bayuk is the book's editor, and she also wrote the introduction. I reviewed two of Bayuk's books on this site, Stepping Through the InfoSec Program and Enterprise Security For the Executive. Bayuk's introduction provides a historical background to the subject and puts things into context. The chapter uses a fantastic visual tool to explain the complete cyberforensic framework.
Chapter 2 is about the Complex World of Corporate CyberForensics Investigations, and does a good job of detailing the various elements involved in getting various corporate departments integrated during an investigation. IT in an enterprise setting is fraught with challenges. Performing a forensic investigation in enterprise IT is even more challenging. Often these groups have different agendas and react quite differently to a forensic event. The author uses the analogy of a puzzle, which can be complex to put together, but is challenging and necessary nonetheless.
Many of the chapters take a broader view of the topic, while others are quite detailed. Perhaps the best chapter in the book is chapter 6 – Analyzing Malicious Software from Lenny Zeltser. The chapter is an outgrowth of Zeltser's SANS Security 569 course on the topic. The chapter's use of a case study to detail the behavioral analysis of malicious code provides an excellent synopsis of how to analyze and debug malicious code.
Chapter 7 on Network Packet Forensics from Eddie Schwartz is another exceptional chapter that provides the reader with a walk-through of using various digital forensic inputs to solve an incident.
Chapter 10 on Cybercrime and Law Enforcement Cooperation is about how to interface with law enforcement during a cyberforensic investigation. This may be the Achilles heel of forensics: getting external cooperation is difficult at best, and often impossible. A recent example of this is a friend of mine who had detailed information about the source of the Stuxnet worm. He attempted to share the information with law enforcement without much success. The various organizations were not receptive to it and didn't take action on his well-researched claims.
The book is written for an experienced practitioner who wants an overview of current trends. This is not a for dummies type of book. Readers are expected to be comfortable with varied topics such as Wireshark packet capture, code analysis, investigations, and more. Those looking for an introduction to cyberforensics should definitely consider another title such as Computer Forensics for Dummies.
A problem with books of collaborations such as this is that they often lack a consistent stream of thought. This book suffers from that, but to a limited degree. It is impossible for ten different authors writing about the same subject not to have different styles. An example of that is the use of the spelling of both CyberForensics and Cyberforensics in the book.
At 150 pages, the book is a relatively quick initial read, and covers numerous interesting areas.
The only downside to the book is that it has a prohibitive list price of $189.00. A month after its release, that price may be the reason why it has an Amazon Bestsellers Rank of #1,399,835.
While the book has excellent content, its exorbitant price will simply ensure that its sales will be eclipsed by the Pocket Oxford Latin Dictionary, coming in way ahead with an Amazon Bestsellers Rank of 182,392.
Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.
You can purchase CyberForensics: Understanding Information Security from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
lol
Holy shit, $189! Seriously, WTF? Is it printed in gold leaf?
Any term or word tagged with the prefix "cyber" reeks of ignorance and opportunism. So thanks but no thanks, for this book.
At that price, this good is so excludable they will have to use econoforensics to find the tard that would MSRP this book at that price-point. Perhaps they are shooting for the scholastic world, for what does price matter if it is required reading for a class (says the book publishers, anyways).
Perhaps I will just download a cybercopy with LimeWire. Oh wait.
'We are trying to prove ourselves wrong as quickly as possible, because only in that way can we find progress.' RPF
How do you get fingerprints from someone with a robot hand? Is it ethical to use data from enhanced memory storage devices connected to the brain if the cyborg it belonged to did not explicitly and voluntarily express the data? These questions and many more are asked every day in the field of Cyber Forensics. I appreciate that this book looks into these controversial topics, it helps that we're trying to anticipate these dilemmas in the hopes that we can resolve them before they are commonplace.
Twinstiq, game news
"Each of the books 10 chapters..." should be "Each of the book's ten chapters..." .... just sayin'
Ah, the Internet... where men are men, women are men...
(puts on glasses)
... and children are FBI agents.
iDon't earn enough CyberMoney to e-waste it on this NetBook.
Given that the list of contributors includes 13 industry experts in this field, it is grossly unrealistic to expect this book to retail for the normal $34.95 (or whatever the normal price is). I don't know what the net profit is for a $34.95 book, but consider: would you be willing to invest YOUR time for just 1/13 of it? I wouldn't.
In terms of pricing and content, one should thus consider this more of a White Paper.
I for one am delighted at this collaboration -- each expert given an opportunity to write about their specialty.
Otherwise (individually) they could not (or more likely, would not) have written a book on their own.
What one fool can do, another can. (Ancient Simian Proverb)
Forward? Foreward? "the technology our industry"? That's just in the first few pages!!! No purchase for you!
Talk about bend over...
The 13 industry experts contributed a grand total of less than 15 pages apiece.
And for that I should pay $189 bucks?!
There are several books out there that combine the input from several industry experts that cost less than half of this... Grey Hat Hacking comes to mind, as having several industry experts contributing, and it damn sure didn't cost 200 bucks!
Hell, most of the "Stealing the Network: How to own the..." books would fall under this multiple experts contributing type of work as well.
I have no problem forking over anywhere between 40 to 70 bucks for a well written book that contains good information, but at this price, and for this amount of information, I'll wait for an e-book version to show up on my favorite tracker.
This is just highway robbery, and they're guaranteed to make less money at this price point, than if they were just getting 1/13th of it at a much more reasonable cost.
And if it was one tenth of the price, I still wouldn't buy it. It's got "cyber" in the title. That means the authors or at least the editor is dangerously clueless or pandering to same, such as the n00bs in government. That's probably where the price comes from too.
Computer Forensic book for dummies is here and titled Enterprise Security for the Executive:... located at Amazon too. This book also has a coloring book on the opposite page as the text. That way when in a meeting the Executive looks like they are 'hip' to IT Security, but inside it is full of fun.
"The laws of science be a harsh mistress." --Bender
"A problem with books of collaborations such as this is that they often lack a consistent stream of thought." /., but I really have trouble taking a review seriously when the author can't string two sentences together without my having to reread due to a change in tense or subject. I'm certainly not going to buy a $180 book on the word of a review like this.
A problem with this reviews is it lacks a consistent stream of thought. I know that this is
The original review had the Amazon Bestsellers Rank at #1,399,835.
Earlier today when I looked at the rating it had gone down to #1,6xx,xxx
And just now when I looked at it, it's at #40,592 !
What changed? Well, a review by brothke was posted at the site (four stars) and /. readers had simply looked at the page.
I call "BULLSHIT!" on Amazon!
What one fool can do, another can. (Ancient Simian Proverb)
I'm not sure where they got their page count info from. Google shows it is 450 pages long:
Google Shopping.