Preface
[ viii ]
In this book, the processes, tools, and techniques for performing a forensic
investigation of Hadoop are described and explored in detail. Many of the concepts
covered in this book can be applied to other Big Data systems—not just Hadoop.
The processes for identifying and collecting forensic evidence are covered, and the
processes for analyzing the data as part of an investigation and presenting the ndings
are detailed. Practical examples are given by using LightHadoop and Amazon Web
Services to develop test Hadoop environments and perform forensics against them.
By the end of the book, you will be able to work with the Hadoop command line
and forensic software packages and understand the forensic process.
What this book covers
Chapter 1, Starting Out with Forensic Investigations and Big Data, is an overview of
both forensics and Big Data. This chapter covers why Big Data is important, how it
is being used, and how forensics of Big Data is different from traditional forensics.
Chapter 2, Understanding Hadoop Internals and Architecture, is a detailed explanation
of Hadoop's internals and how data is stored within a Hadoop environment.
Chapter 3, Identifying Big Data Evidence, covers the process for identifying relevant
data within Hadoop using techniques such as interviews, data sampling, and
system reviews.
Chapter 4, Collecting Hadoop Distributed File System Data, details how to collect
forensic evidence from the Hadoop Distributed File System (HDFS) using
physical and logical collection methods.
Chapter 5, Collecting Hadoop Application Data, examines the processes for collecting
evidence from Hadoop applications using logical- and query-based methods.
HBase, Hive, and Pig are covered in this chapter.
Chapter 6, Performing Hadoop Distributed File System Analysis, details how to conduct
a forensic analysis of HDFS evidence, utilizing techniques such as le carving and
keyword analysis.
Chapter 7, Analyzing Hadoop Application Data, covers how to conduct a forensic analysis
of Hadoop application data using databases and statistical analysis techniques. Topics
such as Benford's law and clustering are discussed in this chapter.
Chapter 8, Presenting Forensic Findings, shows to how to present forensic ndings
for internal investigations or legal proceedings.
www.it-ebooks.info
我的内容管理
展开
