Digital Battlefield Forensics


Digital Battlefield Forensics Eric S. Imsand John A. Hamilton, Jr. Department of Computer Science & Software Engineering

Introduction: To most people, “information warfare” equals cyber-space, plasma screens, and high-tech command centers. This vision does not mirror reality.

Introduction: In reality, digital devices are prevalent on modern battlefields. Soldiers on both sides may be carrying any or all of the following: cell phone, PDA, “smart” phone, computer, etc.

Introduction: Digital devices recovered on the battlefield could store highly valuable information. Challenge: How do we train our combat forces to seize digital evidence without damaging it?

Summary of Auburn Solution: Auburn has embarked on a two-prong solution to this challenge: (1) training “wounded warriors” who are being discharged to function as digital forensic investigators; (2) developing training for current soldiers to seize digital evidence on the battlefield in a forensically sound manner.

“Wounded Warrior” Training: Partnership with Mississippi State University and Tuskegee University. Funding from the National Science Foundation.

“Wounded Warrior” Training Overview: Modern medicine has made previously fatal injuries survivable. Result: many more injured service members than in prior conflicts. Many of these service members are no longer able to serve in the armed forces and have to find new careers.

“Wounded Warrior” Training Overview (cont.): At the same time, severe shortage of digital forensic investigators across the country. Goal: Train injured service members in digital forensics. Allow these soldiers to continue to serve their country. Fill a vital need faced by our nation.

“Wounded Warrior” Training Class format: 40 total hours of instruction. Two class formats: one week, 8 hours / day; two weeks, 4 hours / day. Chosen class format depends on the needs of the base. Some bases cannot support the one-week format. Other installations prefer the one-week format.

“Wounded Warrior” Training Class format (cont.): Auburn provides all of the necessary course equipment and software. Ship a “portable lab” to the site. Free of charge to the students, the base, and the service (i.e. Army, Navy, etc.).

“Wounded Warrior” Training Basic Curriculum: Basic Computer Usage (for warriors who are not well versed in using a computer); Overview of Computer Hardware (hard disks, CPUs, motherboards, etc.); Writing a Business Plan / Small Business Advertising (how to advertise your services in the private sector; how to form an investigative firm, if desired); Introduction to Cybercrime (what types of crime are being committed?).

“Wounded Warrior” Training Basic Curriculum (cont.): Introduction to Forensic Tools; Overview of Digital Forensic Search and Seizure Procedures (how to properly seize digital evidence so that admissibility is preserved); Introduction to Imaging & Hashing; Overview of Digital Storage (magnetic vs. optical vs. flash storage).

“Wounded Warrior” Training Basic Curriculum (cont.): Introduction to Digital Evidence (When is evidence recoverable? When is it gone?); Introduction to File Systems (overview of file system concepts).

“Wounded Warrior” Training Results: Thus far, Auburn has offered 8 classes at bases around the country.

“Wounded Warrior” Training Results, Preliminary Findings: These courses have increased the number of soldiers considering a career in digital forensics; technical skill and proficiency (self-reported by students); and awareness of digital information and its “permanence”.

“Wounded Warrior” Training: What Next? Currently exploring ways to get the course to a larger number of students. Ex: Online training?

Battlefield Forensics: What is “Battlefield Forensics”? Our term for the use of forensically sound recovery techniques on digital devices seized on the battlefield, i.e. seizing captured devices.

Battlefield Forensics: Why “Battlefield Forensics”? Increasing number of digital devices found on the battlefield. Anti-forensic technologies are becoming more widespread, easier to use, and more effective. Result: The initial window immediately after seizure may represent the best case for recovering usable information.

Battlefield Forensics and Anti-forensic Technologies: In the future, it is likely that devices seized from terrorists or combatants will be “booby-trapped” such that improper handling may destroy the desired information; be encrypted, making future recovery of information unlikely; or be damaged by over-eager field commanders searching for intelligence they can leverage in the field. The answer to all of these problems is to increase awareness of the proper handling of digital evidence.

Battlefield Forensics: Proposed Curriculum. Auburn is developing course materials targeted at ground forces to solve this problem. Course format is a small, two- to three-day course (8 hours of instruction per day). Course is targeted at laypeople. The following is a listing of the topics that are currently included in the curriculum.

Battlefield Forensics: Proposed Curriculum. Proposed topics: Computer organization (i.e. parts of a computer); System analysis (i.e. identifying OS, encryption software, etc.); Persistence of data; Introduction to Cryptography; Anti-forensic technologies; System cracking.

Battlefield Forensics: Ethical and Practical Concerns. Many of the techniques in this curriculum can be considered offensive (i.e. “hacker” techniques). Our goal is not to train soldiers to “hack”. Trainees must be selected judiciously. Not every soldier/sailor/airman/marine needs this training. Ultimately this training is no different than other skills taught to service members: when abused they can cause harm. Still, we will not teach “Internet” based attacks.

Summary: Traditional combat is being impacted by digital devices. These digital devices carry potentially valuable information. Auburn University is helping to address this need through a two-prong approach: training injured veterans in digital forensics, and designing courses for current soldiers to help them seize digital information securely.

Acknowledgements: This work is supported by the National Science Foundation, grant number NSF-OCI-0753305. Our Lab Manager, Mr. James R. Thompson, has played a major role in this program. Mr. Thompson is an NSF Scholarship for Service scholar and will join the US Civil Service upon completion of his graduate studies at Auburn University.

Questions?