Digital Forensics Chris Rozic.

Presentation transcript:

Digital Forensics Chris Rozic

Direction: Definition of digital forensics; Areas of required expertise; Collection of digital evidence; Actual investigation; Examples of forensic software; Digital forensics example.

Definition: A scientific, systematic inspection of a computer system and its contents for evidence or supportive evidence of a crime or other illegitimate computer use. Must be techno-legal in nature.

General Process

Must-knows of a forensics investigator: Must be highly knowledgeable in many areas: computer forensics protocols, network infrastructures, evidence control, e-discovery tools.

Collection of evidence: Done in three parts (workstation of the offender, server accessed by the offender, the connecting network). Must take extreme caution while handling the captured information. Consider the organization.

Actual investigation: Analyze the surroundings; Photograph; Power down machine and inspect; Documentation.

Duplicate hard drive: Duplicate entire hard drive at sector level; Use hardware to write block; Create image; Completeness; Accuracy; Create MD5 hash.

Forensics tools: EnCase, nGenius Flow Recorder. Guidance software: allows for a digital snapshot of the storage medium under investigation. nGenius Flow Recorder: security-hardened, Linux-based appliance that continuously captures, stores, and analyzes large volumes of network traffic.

EnCase: Most popular; Specifically designed for law enforcement; Creates mirrored images; User-friendly interface.

Creation of MD5 with EnCase:
File Integrity: Completely Verified, 0 Errors.
Acquisition Hash: 340C8B5EF96DCCEE4B552CE084CCF941
Verification Hash: 340C8B5EF96DCCEE4B552CE084CCF941
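
The acquisition-hash versus verification-hash comparison shown on this slide, as an added example that is not part of the presentation and is not EnCase's own code. The 512-byte sector, the chunk size, the function names and the in-memory sample image are assumptions made for illustration; the example goes beyond the slide by recording SHA-256 and per-chunk hashes alongside MD5, so a mismatch can be located and the check does not rest on MD5 alone.

```python
import hashlib
import io

SECTOR = 512         # assumed sector size
CHUNK = 64 * SECTOR  # assumed read size; one block hash per chunk

def hash_image(stream, chunk=CHUNK):
    """Read an image once; return (MD5, SHA-256, list of per-chunk SHA-256)."""
    md5, sha, blocks = hashlib.md5(), hashlib.sha256(), []
    while True:
        data = stream.read(chunk)
        if not data:
            break
        md5.update(data)
        sha.update(data)
        blocks.append(hashlib.sha256(data).hexdigest())
    # Upper-case MD5 to match the report format quoted on the slide.
    return md5.hexdigest().upper(), sha.hexdigest(), blocks

def acquire(stream):
    """Record the hashes taken when the image is created."""
    md5, sha, blocks = hash_image(stream)
    return {"md5": md5, "sha256": sha, "blocks": blocks}

def verify(record, stream):
    """Re-hash a copy and compare it with the acquisition record."""
    md5, sha, blocks = hash_image(stream)
    bad = [i for i, (a, b) in enumerate(zip(record["blocks"], blocks)) if a != b]
    if len(blocks) != len(record["blocks"]):
        # Truncated or extended image: flag the first chunk past the shorter one.
        bad.append(min(len(blocks), len(record["blocks"])))
    return {"verification_md5": md5,
            "md5_match": md5 == record["md5"],
            "sha256_match": sha == record["sha256"],
            "bad_offsets": [i * CHUNK for i in bad]}

def sample_image():
    """Constructed 128 KiB stand-in for a raw sector-level image."""
    return bytes((i * 31 + 7) % 256 for i in range(4 * CHUNK))

if __name__ == "__main__":
    original = sample_image()
    record = acquire(io.BytesIO(original))
    print(verify(record, io.BytesIO(original)))
    altered = bytearray(original)
    altered[2 * CHUNK + 5] ^= 0x01  # single flipped bit in the third chunk
    print(verify(record, io.BytesIO(bytes(altered))))
```

For a real image, pass a file opened in binary read-only mode in place of the `io.BytesIO` objects, with the source device behind a write blocker as the previous slide describes.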

nGenius Flow Recorder: Available in two appliances (Enterprise appliance platform, Workgroup appliance platform). Allows for 24x7 recording and diagnosis.

Advantages of nGenius: Deep traffic stream capture; Provide packet-level visibility; Application reconstruction/playback; Complete post-event analysis; Automatic notification; Network forensics analysis.

Digital forensics example: Chandra Levy. Missing April 30, 2001. Used e-mail and the internet prior to disappearance. Ultimately led to her whereabouts a year later.

Conclusion: There are many areas where digital forensics is applicable. One of the largest growing fields, requiring knowledge across different spectrums. Allows for numerous job opportunities in specialized areas.

Questions?
