© 2018

Introductory Computer Forensics

A Hands-on Practical Approach


  • Ties theory with hands-on lab exercises, helping students gain a better understanding of digital forensics, gaining hands-on experience in collecting and preserving digital evidence

  • Covers more than 20 topics in digital forensics, all of which stand on their own and not dependent on previous parts. This independence gives instructors flexibility in determining what parts from the text they want to cover and in what order

  • Each forensic topic is composed of two parts: background knowledge and practical exercises. Each theoretical or background section concludes with a series of quiz questions to test students’ understanding of the material, while the practical exercises are intended to afford students the opportunity to apply the concepts introduced in the section of background knowledge and for self-assessment


Table of contents

  1. Mobile Device Forensics

    1. Xiaodong Lin
      Pages 373-397
    2. Xiaodong Lin
      Pages 399-422
  2. Malware Analysis

    1. Front Matter
      Pages 423-423
    2. Xiaodong Lin
      Pages 425-454
    3. Xiaodong Lin
      Pages 455-504
  3. Multimedia Forensics

    1. Front Matter
      Pages 505-505
    2. Xiaodong Lin
      Pages 507-555
    3. Xiaodong Lin
      Pages 557-577

About this book


This textbook provides an introduction to digital forensics, a rapidly evolving field for solving crimes. Beginning with the basic concepts of computer forensics, each of the book’s 21 chapters focuses on a particular forensic topic composed of two parts: background knowledge and hands-on experience through practice exercises. Each theoretical or background section concludes with a series of review questions, which are prepared to test students’ understanding of the materials, while the practice exercises are intended to afford students the opportunity to apply the concepts introduced in the section on background knowledge.

 This experience-oriented textbook is meant to assist students in gaining a better understanding of digital forensics through hands-on practice in collecting and preserving digital evidence by completing various exercises. With 20 student-directed, inquiry-based practice exercises, students will better understand digital forensic concepts and learn digital forensic investigation techniques.

 This textbook is intended for upper undergraduate and graduate-level students who are taking digital-forensic related courses or working in digital forensics research. It can also be used by digital forensics practitioners, IT security analysts, and security engineers working in the IT security industry, particular IT professionals responsible for digital investigation and incident handling or researchers working in these related fields as a reference book.



Digital forensics Computer forensics Computer security File system analysis File carving Memory forensic analysis Malware analysis Mobile device analysis Log forensic analysis Multimedia forensics Security logging Image steganography Hands on

Authors and affiliations

  1. 1.Department of Physics and Computer Science, Faculty of ScienceWilfrid Laurier UniversityWaterlooCanada

About the authors

Xiaodong Lin received the PhD degree in Information Engineering from Beijing University of Posts and Telecommunications, China, and the PhD degree (with Outstanding Achievement in Graduate Studies Award) in Electrical and Computer Engineering from the University of Waterloo, Canada. He is currently working as an Associate Professor in the School of Computer Science at the University of Guelph, Canada. His research interests include wireless communications and network security, computer forensics, software security, and applied cryptography. With the increasing advance of wireless technology and the worldwide wireless network deployment, wireless networks have been on an upswing to enable ubiquitous Internet access. Making these wireless networks secure has become a major priority to keep our cyber world safe. In the past years, his research has focused on securing vehicular ad-hoc networks (VANETs), which is an emerging wireless network paradigm. He is elevated to IEEE Fellow for his contributions in secure and privacy-preserving vehicular communications. Also, He has been researching digital forensics extensively. For example, his work on automated forensic analysis of Android applications appears at DFRWS USA 2018, a top research conference in the field of digital forensics.

Dr. Lin serves as an Associate Editor for many international journals. He has served or is serving as a guest editor for many special issues of IEEE, Elsevier and Springer journals and as a symposium chair or track chair for IEEE/ACM conferences. He also served on many program committees. He was Chair of Communications and Information Security Technical Committee (CISTC) (2016-2017), IEEE Communications Society (ComSoc). He is a Fellow of the IEEE. He is also a CISSP (Certified Information Systems Security Professional).

Bibliographic information