Lesson # 1 A Practical Guide to Computer Forensics Investigations


Lesson # 1 A Practical Guide to Computer Forensics Investigations Chapter 1 The Scope of Computer Forensics

Lesson # 1: Objectives
- Understand the definition and importance of computer forensics
- Understand different types of digital evidence and how they are used
- Understand the skills, training, and education required to become a computer forensics investigator
- Know job opportunities in the field of computer forensics
- Know the history of computer forensics
- Name agencies in the United States and internationally involved in computer forensics investigations

The Definition and Importance of Computer Forensics
- Computer forensics is the retrieval, analysis, and use of digital evidence in a civil or criminal investigation.
- Any medium that can store digital files is a potential source of evidence for a computer forensics investigator.
- Computer forensics is a science because of the accepted practices used for acquiring and examining the evidence and its admissibility in court.
- Forensically sound means that during the acquisition of digital evidence and throughout the investigative process the evidence must remain in its original state.
- Moreover, everyone who has been in contact with the evidence must be accounted for and documented in the Chain of Custody form.
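Added example, not part of the original slides: one way to check that evidence "remains in its original state" and that every handler is accounted for. It assumes SHA-256 hashing and a hash-linked log standing in for the paper Chain of Custody form; the function names, handler names and sample file are constructed for illustration.

```python
import hashlib, json, os, tempfile
from datetime import datetime, timezone

def sha256_file(path, chunk=1 << 20):
    h = hashlib.sha256()  # read in chunks so a large image need not fit in memory
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def entry_digest(entry):
    # Digest of a custody entry, excluding its own digest field.
    body = {k: v for k, v in entry.items() if k != "entry_sha256"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def add_entry(log, handler, action, evidence_path):
    """Record who handled the evidence, its current hash, and a link to the prior entry."""
    entry = {"time": datetime.now(timezone.utc).isoformat(), "handler": handler,
             "action": action, "evidence_sha256": sha256_file(evidence_path),
             "prev": log[-1]["entry_sha256"] if log else ""}
    entry["entry_sha256"] = entry_digest(entry)
    log.append(entry)

def verify(log, evidence_path):
    """Return a list of problems; an empty list means evidence and log agree."""
    problems, prev = [], ""
    baseline = log[0]["evidence_sha256"]  # hash taken at acquisition
    for i, e in enumerate(log):
        if entry_digest(e) != e["entry_sha256"]:
            problems.append(f"entry {i}: record altered")
        if e["prev"] != prev:
            problems.append(f"entry {i}: chain broken")
        prev = e["entry_sha256"]
    if sha256_file(evidence_path) != baseline:
        problems.append("evidence no longer matches acquisition hash")
    return problems

def demo():
    """Constructed sample: a small temp file stands in for a disk image."""
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(b"constructed sample evidence bytes")
    log = []
    add_entry(log, "Examiner A", "acquired", f.name)
    add_entry(log, "Examiner B", "received for analysis", f.name)
    clean = verify(log, f.name)
    with open(f.name, "ab") as g:
        g.write(b"!")  # simulate a change to the evidence
    changed = verify(log, f.name)
    os.remove(f.name)
    return clean, changed
```

Calling `demo()` returns an empty problem list for the untouched evidence and a mismatch report after the single appended byte. Editing any field of an earlier entry is reported as an altered record by `verify`.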

Different Types of Forensic Evidence and How It Is Used
Practically every type of file can be recovered using computer forensics.
- Email is arguably the most important type of digital evidence
- Images
- Video
- Websites visited and Internet searches
- Cell phones

Different Types of Forensic Evidence and How It Is Used (cont.)
[Figure: File Metadata]

Different Types of Forensic Evidence and How It Is Used (cont.)
[Figure: Skimming Devices Used to Capture Data Stored on the Magnetic Stripe of an ATM Card]

Different Types of Forensic Evidence and How It Is Used (cont.)
[Figure: Communication Between a Client and a Web Server]

What Skills Must a Computer Forensics Investigator Possess?
- Computer Science Knowledge
- Legal Expertise
- Communication Skills
- Linguistic Abilities
- Continuous Learning
- Appreciation for Confidentiality

The Importance of Computer Forensics
- The Bureau of Labor Statistics has recognized the importance of computer forensics and security. It estimates that between 2008 and 2018 job opportunities will increase by 22 percent.
- The increase in employment opportunities will result from an increase in criminal activity on the Internet, such as identity theft, spamming, email harassment, and illegal downloading of copyrighted materials.
- Skilled computer forensics examiners also have job opportunities within private investigation firms.
- Jobs for computer forensics investigators are available in many sectors of the economy, propelled by the digitization of our personal information.

The History of Computer Forensics
- 1981: IBM introduced the 5150 PC.
- 1984: The FBI established the Magnetic Media Program, later known as CART.
- 1984: The National Center for Missing and Exploited Children (NCMEC) was founded.
- 1985: HTCIA was founded in CA.
- 1986: The USSS established the Electronic Crimes Task Force (ECTF).
- 1986: Congress passed the Computer Fraud and Abuse Act.
- 1993: The first International Conference on Computer Evidence took place.
- 1994: Congress passed the Crime Bill, and the USSS began working on crimes against children.

The History of Computer Forensics (cont.)
- 1994: Mosaic Netscape, the first graphical web browser, was released.
- 1995: The International Organization on Computer Evidence (IOCE) was formed.
- 1996: USSS founded the New York Electronic Crimes Task Force (ECTF).
- 1999: The first Regional Computer Forensics Laboratory (RCFL) was established in San Diego.
- 2000: The IRS Criminal Investigation Division (IRS-CID) began using ILook.
- 2001: The USA PATRIOT Act directed the USSS to establish ECTFs nationwide.
- 2001: INTERPOL developed a database of exploited children (ICAID).

The History of Computer Forensics (cont.)
- 2002: The Department of Homeland Security (DHS) was formed.
- 2003: The PROTECT Act was passed to fight against child exploitation.
- 2003: Fusion centers were established.
- 2007: The National Computer Forensics Institute (NCFI) was established.
- 2008: The formation of an INTERPOL Computer Forensics Analysis Unit was approved.
- 2009: The first European ECTF was formed (Italy).
- 2010: The second European ECTF was formed (United Kingdom).

The History of Computer Forensics (cont.)
1980s: The Advent of the Personal Computer
- The first electronic bulletin boards emerged and facilitated communication between hackers. Subsequently, hacking groups, such as the Legion of Doom in the United States, emerged.
- The 1983 film War Games introduced the public to the concept of hacking with a personal computer to gain access to government computers.
- In 1984, Eric Corley (with the handle Emmanuel Goldstein) published 2600: The Hacker Quarterly, which facilitated the exchange of hacking ideas.
- In 1984, the FBI established the Magnetic Media Program, which subsequently became known as the Computer Analysis and Response Team (CART), and was responsible for computer forensics examinations.
- In 1984, the U.S. Congress established the National Center for Missing and Exploited Children (NCMEC).

The History of Computer Forensics (cont.)
1990s: The Impact of the Internet
- Web browsers prompted a massive migration of computers to the Internet.
- In 1998, the Defense Reform Initiative Directive #27 directed the U.S. Air Force to establish the joint Department of Defense Computer Forensics Laboratory, which would be responsible for counterintelligence, and criminal and fraud computer evidence investigations.
- The IRS Criminal Investigation Division Electronic Crimes Program funded Elliott Spencer to develop a computer forensics tool known as ILook.
- In 1994, Congress mandated that the USSS apply its forensic and technical knowledge to criminal investigations connected to missing and exploited children.
- In 2001, the USA PATRIOT Act mandated that the United States Secret Service expand its successful New York Electronic Crimes Task Force and establish ECTFs nationwide.

Agencies Involved in Computer Forensics Investigations
- Department of Defense
- Federal Bureau of Investigation
- U.S. Internal Revenue Service
- United States Secret Service
- Federal Law Enforcement Training Center
- National White Collar Crime Center
- INTERPOL
- High Tech Crime Investigation Association
- Computer Technology Investigators Network
- InfraGard

Chapter 1: Summary
- Reviewed the definition and importance of computer forensics
- Reviewed different types of digital evidence and how they are used
- Reviewed the skills, training, and education required to become a computer forensics investigator
- Reviewed job opportunities in the field of computer forensics
- Reviewed the history of computer forensics
- Reviewed agencies in the United States and internationally involved in computer forensics investigations

Next Lesson: Chapter 2, “Windows Operating and File Systems”