An overview of computer forensics
What is Big Data?
Big Data forensics
Summary
Chapter 2: Understanding Hadoop Internals and Architecture
The Hadoop architecture
Hadoop data analysis tools
Managing files in Hadoop
The Hadoop forensic evidence ecosystem
Running Hadoop
Summary
Chapter 3: Identifying Big Data Evidence
Identifying evidence
Locating sources of data
The chain of custody documentation
Summary
Chapter 4: Collecting Hadoop Distributed File System Data
Forensically collecting a cluster system
Physical versus remote collections
Hadoop data analysis tools
Managing files in Hadoop
The Hadoop forensic evidence ecosystem
Running Hadoop
Summary
Chapter 3: Identifying Big Data Evidence
Identifying evidence
Locating sources of data
The chain of custody documentation
Summary
Chapter 4: Collecting Hadoop Distributed File System Data
Forensically collecting a cluster system
Physical versus remote collections
HDFS collections through the host operating system
The Hadoop shell command collection
Other HDFS collection approaches
Summary
Chapter 5: Collecting Hadoop Application Data
Application collection approaches
Validating application collections
Collecting Hive evidence
Collecting HBase evidence
Collecting other Hadoop application data and non-Hadoop data
Summary
Chapter 6: Performing Hadoop Distributed File
System Analysis
The forensic analysis process
Analysis preparation
Analysis
Summary
Chapter 7: Analyzing Hadoop Application Data
Preparing the analysis environment
Pre-analysis steps
Analyzing data
Summary
Chapter 8: Presenting Forensic Findings
Types of reports
Developing the report
Testimony and other presentations
Summary
Index