Introduction to Computer Forensics

Slides:



Advertisements
Similar presentations
2 Language of Computer Crime Investigation
Advertisements

Computer Hacking Forensics Investigator
Chapter Extension 24 Computer Crime and Forensics © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.
Evidence Collection & Admissibility Computer Forensics BACS 371.
Forensic and Investigative Accounting Chapter 15 Cybercrime Management: Legal Issues © 2007 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL.
McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module H Computer Crime and Digital Forensics.
Computer Forensics and Digital Investigation – a brief introduction Ulf Larson/Erland Jonsson.
Teaching Computer Forensics Using Student Developed Evidence Files Anna Carlin Cal Poly Pomona.
1 An Overview of Computer Security computer security.
Handling Security Incidents
Incidence Response & Computer Forensics, Second Edition
Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,
Computer Forensics What is Computer Forensics? What is the importance of Computer Forensics? What do Computer Forensics specialists do? Applications of.
Computer Forensics BACS 371
Chapter 14: Computer and Network Forensics
Computer Forensics BACS 371
CYBER CRIME AND SECURITY TRENDS
Introduction to Computer Forensics Fall Computer Crime Computer crime is any criminal offense, activity or issue that involves computers (
By Drudeisha Madhub Data Protection Commissioner Date:
COEN 252 Computer Forensics Introduction to Computer Forensics  Thomas Schwarz, S.J w/ T. Scocca.
Guide to Computer Forensics and Investigations, Second Edition
Department of Mathematics Computer and Information Science1 Basics of Cyber Security and Computer Forensics Christopher I. G. Lanclos.
APA of Isfahan University of Technology In the name of God.
An Event-based Digital Forensic Investigation Framework Brian D. Carrier Eugene H. Spafford DFRWS 2004.
General Awareness Training
Guide to Computer Forensics and Investigations, Second Edition Chapter 2 Understanding Computer Investigation.
Cyber crime & Security Prepared by : Rughani Zarana.
Security Awareness: Applying Practical Security in Your World Chapter 1: Introduction to Security.
Dr Richard Overill Department of Informatics King’s College London Cyber Sleuthing or the Art of the Digital Detective.
Data and Applications Security Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #21 April 6, 2009.
SEMINAR ON CYBER CRIME PRESENTED BY: SUCHISMITA RATH 1 st sem, MCA Roll no: ITER,BBSR.
8.1 © 2007 by Prentice Hall Minggu ke 6 Chapter 8 Securing Information Systems Chapter 8 Securing Information Systems.
Study of Comparison of Digital Forensic Investigation Models.
Computer Forensics Principles and Practices
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #8 Computer Forensics Data Recovery and Evidence Collection September.
Lecture 11: Law and Ethics
COEN 252 Computer Forensics Introduction to Computer Forensics  Thomas Schwarz, S.J
Guide to Computer Forensics and Investigations, Second Edition Chapter 1 Computer Forensics and Investigations as a Profession.
 It is a branch of FORENSIC SCIENCE for legal evidence found in computer  It refers to detail investigation of the computers to carry out required tasks.
Chapter 2 Understanding Computer Investigations Guide to Computer Forensics and Investigations Fourth Edition.
1 Policy Types l Program l Issue Specific l System l Overall l Most Generic User Policies should be publicized l Internal Operations Policies should be.
January 2001NETWORK ICE1 Forensics. January 2001NETWORK ICE2 What is Computer Forensics? Acquisition of Computer Evidence Preservation Analysis Court.
Chapter 5 Processing Crime and Incident Scenes Guide to Computer Forensics and Investigations Fourth Edition.
Cybercrime What is it, what does it cost, & how is it regulated?
Computer Forensics Presented By:  Anam Sattar  Anum Ijaz  Tayyaba Shaffqat  Daniyal Qadeer Butt  Usman Rashid.
WELCOME TO THE CYBER WORLD PRESENTATION ON CYBER CRIME Presented by Chandan kumar Regd no
© 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke Slide 1 Chapter Extension 24 Computer Crime and Forensics.
DATA PROTECTION 2003 THEORY AND PRACTICE OF HANDLING WITH THE COMPUTER CRIME IN THE REPUBLIC OF MACEDONIA Belgrad.
ONLINE COURSES - SIFS FORENSIC SCIENCE PROGRAMME - 2 Our online course instructors are working professionals handling real-life cases related to various.
CIT 180 Security Fundamentals Computer Forensics.
Computer Forensics By Chris Brown. Computer Forensics Defined Applying computer science to aid in the legal process Utilization of predefined set of procedures.
Computer Forensics. OVERVIEW OF SEMINAR Introduction Introduction Defining Cyber Crime Defining Cyber Crime Cyber Crime Cyber Crime Cyber Crime As Global.
By Jason Swoyer.  Computer forensics is a branch of forensic science pertaining to legal evidence found in computers and digital storage mediums.  Computer.
Introduction to Computer Forensics Fall Computer Crime Computer crime is any criminal offense, activity or issue that involves computers (
MANAGEMENT of INFORMATION SECURITY, Fifth Edition
Law and Ethics INFORMATION SECURITY MANAGEMENT
PhD Oral Exam Presentation
Computer Forensics By: Chris Rozic.
Criminal Prosecutors with Computer Forensics
Systems Security Keywords Protecting Systems
Introduction to Computer Forensics
Operating system Security
COMPUTER CRIME.
Computer Forensics – An Introduction
INFORMATION SYSTEMS SECURITY and CONTROL
Faculty of Science IT Department By Raz Dara MA.
Dr. Bhavani Thuraisingham The University of Texas at Dallas
1 Advanced Cyber Security Forensics Training for Law Enforcement Building Advanced Forensics & Digital Evidence Human Resource in the Law Enforcement sector.
Dr. Bhavani Thuraisingham The University of Texas at Dallas
Introduction to Digital Forensics
Presentation transcript:

Introduction to Computer Forensics

Computer Crime Computer Incident Response. Computer crime is any criminal offense, activity or issue that involves computers (http://www.forensics.nl). Computer misuse tends to fall into two categories [1]: Computer is used to commit a crime Computer itself is a target of a crime. Computer is the victim. Computer Security Incident. Computer Incident Response.

Computer is Used to Commit a Crime Computer is used in illegal activities: child pornography, threatening letters, e-mail spam or harassment, extortion, fraud and theft of intellectual property, embezzlement – all these crimes leave digital tracks [1, 2]. Investigation into these types of crimes include searching computers that are suspected of being involved in illegal activities Analysis of gigabytes of data looking for specific keywords, examining log files to see what happened at certain times

Computer Security Incident [2] Unauthorized or unlawful intrusions into computing systems Scanning a system - the systematic probing of ports to see which ones are open [3] Denial–of–Service (DoS) attack - any attack designed to disrupt the ability of authorized users to access data [2, 3]. Malicious Code – any program or procedure that makes unauthorized modifications or triggers unauthorized actions (virus, worm, Trojan horse) [3]

Definitions Computer Forensics involves the preservation, identification, extraction, documentation and interpretation of computer data [1] Computer Forensics is the application of science and engineering to the legal problem of digital evidence. It is a synthesis of science and law. [Mark Pollitt, 5, 6] Computer forensics, still a rather new discipline in computer security, focuses on finding digital evidence after a computer security incident has occurred (http://www.forensics.nl)

Definitions Computer Forensics is the process of methodologically examining computer media (hard discs, diskettes, tapes, etc.) for evidence. [4] Computer Evidence is often transparently created by the operating system (OS) without the knowledge of the computer user. The information may be hidden from view. To find it, special forensic software tools and techniques are required. [4] Computer forensics is about evidence from computers that is sufficiently reliable to stand up in court and be convincing [4]

Methodology Treat every case as if it will end up in the court [1] Forensics Methodology [1]: Acquire the evidence without altering or damaging the origin Authenticate that your recovered evidence is the same as the originally seized data Analyze the data without modifying it There are essentially three phases for recovering evidence from a computer system or storage medium. Those phases are: (1) acquire, (2) analyze, and (3) report (http://www.forensics.nl).

The Goal The goal of computer forensics is to do a structured investigation and find out exactly what happened on a digital system, and who was responsible for it. (http://www.forensics.nl)

The Goals of Incident Response [2] Accumulation of accurate information Establishment of control for proper retrieval and handling of evidence Protection of privacy rights established by law and policy Minimization of disruption to business and network operations Preparation of accurate reports and useful recommendations Minimization of exposure and compromise of proprietary data Protection of organization reputation and assets Education of senior management Promotion of rapid detection/or prevention of such incidents in the future (via lessons learned, policy changes, etc)

References [1] Computer Forensics, Incident Response Essentials, Warren G. Kruse II, Jay G. Heiser, Addison-Wesley [2] Incident Responce and Computer Forensics, Kevin Mandia, Chris Prosise, Matt Pepe, McGraw-Hill [3] Information Security Illuminated, Michael G. Solomon, Mike Chapple, Jones and Bartlett Publishers, Inc [4] Computer Forensics, Computer Crime Scene Investigation, John R. Vacca, Charles River Media Inc [5] Forensic Computing, A Practitioner's Guide, Tony Sammes and Brian Jenkinson, Springer. [6] Mark Pollitt, Computer Forensics: An Approach to Evidence in Cyberspace, http://www.digitalevidencepro.com/Resources/Approach.pdf

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.