Ad Hoc Phase Structured Phase Enterprise Phase

Presentation transcript:

Ad Hoc Phase, Structured Phase, Enterprise Phase

“The ability to convert computer evidence into ‘physical’ evidence fueled the need for computer forensics” (p. 496)

The Ad Hoc Phase: ‘Lack of formal structure, protocols, training, and adequate tools’ (p. 497)

The Ad Hoc Phase

“during the Ad Hoc phase, upper management lacked specific company policies defining ‘appropriate vs. inappropriate computer usage’ as well as procedures for due process”

“when these inappropriate use cases did make it to trial, the courts raised questions about the chain-of-custody procedures and accuracy of forensic tools” (p. 497)

Chain of custody: “the chronological documentation of evidence as it is processed during the investigation (i.e., seizure, custody, transfer, and analysis)”

Accuracy: “integrity of the data, such as whether or not the evidence remains unchanged”

Read pages 2, 3, 4 OR 4, 5, 6.
Find someone sitting on the other side of the classroom. Summarize the three pages you read to them and listen to their summary of the three pages they read.
https://www.oipc.bc.ca/guidance-documents/2098

The Structured Phase and the Golden Age: Legislation and Professional Training

Protecting Canadians from Online Crime Act: http://laws-lois.justice.gc.ca/eng/annualstatutes/2014_31/page-1.html#h-1
Digital Privacy Act: http://laws-lois.justice.gc.ca/eng/AnnualStatutes/2015_32/page-1.html

Identify TWO cybercrimes that are recognized in the Protecting Canadians from Online Crime Act.
Identify ONE cybercrime that is unrecognized or partially recognized by the Protecting Canadians from Online Crime Act.

The Structured Phase and the Golden Age: Legislation and Professional Training (Canada)

Protecting Canadians from Online Crime Act: http://laws-lois.justice.gc.ca/eng/annualstatutes/2014_31/page-1.html#h-1
Digital Privacy Act: http://laws-lois.justice.gc.ca/eng/AnnualStatutes/2015_32/page-1.html

Identify ONE requirement specified by the Protecting Canadians from Online Crime Act on how a digital investigation should be conducted.
Identify ONE requirement specified by the Digital Privacy Act on how to seek consent from clients/employees to share their private data.

Open Source Forensic Tools
Everyone can see the source code of the application.
When they see the source code, users know exactly what files the open source forensic tool is accessing, modifying, and producing.
Open source tools are controversial because they can be seen by cyber criminals as well.

Closed Source Forensic Tools
Users do not see the source code.
Users cannot modify the source code and the behavior of the forensic tool.
Source code is unavailable to criminals.

Ad Hoc Phase, Structured Phase, Enterprise Phase

Ad Hoc: No laws, no defined regulations and protocols.
Structured: Clear legal definitions of cybercrime and what makes digital evidence admissible in courts.
Golden Age: Proliferation of open source and black box tools.
Future? Internet of Things.

Internet of things: devices that generate timelines and data about our movements, our activities, our physical and mental state, etc. Devices send/receive data.

Your organization has asked you to purchase internet of things devices that could provide valuable security data in case a corporate digital forensics investigation needs to be conducted in the future. What devices would you buy?
https://www.youtube.com/watch?v=9CemONO6vrY

Internet of things: devices that generate timelines and data about our movements, our activities, our physical and mental state, etc.

Hypothetical scenario: A school requires pupils to wear digital watches. These digital watches track the location of the pupils. The watches can also be used to purchase food from the cafeteria with money loaded by parents through an app.

Is this security or surveillance? When does security become surveillance? (There is no definite answer; it is an ongoing dialogue.)

“Law enforcement analyzed the smart water meter and learned that an abnormal amount of water was used during a two-hour window on the evening of the murder. Law enforcement believed that this data indicated that James Bates cleaned up the murder scene during this two-hour period” (p. 503)

Two concepts from statistics help us assess whether an amount is normal or abnormal: the mean (average) and the standard deviation.
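An added example (not part of the original slides) of how the mean and standard deviation can flag an abnormal two-hour reading. The litre values are constructed, not data from the case, and the function name and the three-standard-deviation threshold are assumptions.

```python
from statistics import mean, stdev

WINDOW_HOURS = 2  # each reading covers a two-hour window

# Constructed sample: litres per two-hour window (00:00, 02:00, ... 22:00)
# for six ordinary days of one household. Not data from the case.
BASELINE_DAYS = [
    [2, 0, 1, 45, 30, 12, 20, 10, 15, 60, 25, 5],
    [1, 0, 2, 50, 28, 10, 22, 12, 14, 55, 30, 4],
    [3, 0, 1, 48, 33, 15, 18, 9, 16, 58, 27, 6],
    [2, 0, 0, 44, 29, 11, 21, 11, 13, 62, 24, 5],
    [1, 0, 2, 47, 31, 13, 19, 10, 15, 57, 26, 3],
    [2, 0, 1, 46, 30, 12, 20, 11, 14, 59, 28, 5],
]
# Constructed readings for the day under investigation.
DAY = [2, 0, 1, 46, 31, 12, 20, 10, 15, 58, 26, 530]

def abnormal_windows(baseline_days, day, k=3.0):
    """Return (start_hour, litres, z) for windows more than k standard
    deviations above that window's own historical mean."""
    flagged = []
    for i, litres in enumerate(day):
        history = [d[i] for d in baseline_days]    # same window on earlier days
        mu, sigma = mean(history), stdev(history)  # sample standard deviation
        if sigma == 0:
            # No variation in the baseline (e.g. always 0 litres overnight):
            # any excess is abnormal, an equal or lower reading is not.
            z = float("inf") if litres > mu else 0.0
        else:
            z = (litres - mu) / sigma
        if z > k:
            flagged.append((i * WINDOW_HOURS, litres, round(z, 1)))
    return flagged

if __name__ == "__main__":
    for hour, litres, z in abnormal_windows(BASELINE_DAYS, DAY):
        print(f"{hour:02d}:00-{hour + WINDOW_HOURS:02d}:00  {litres} L  z={z}")
```

Comparing each window with its own history matters: 60 litres is ordinary for the 18:00 window in this sample but would be far outside the baseline for the 02:00 window.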

The Digital Forensics Process

Identification: social media, devices, IoT, hidden flash drives.
Collection: should respect privacy rights and the law of search and seizure.
Analysis: use digital data to uncover details about the crime.
Reporting: reporting the results of the investigation. Detailed, transparent, scientifically and forensically sound statements.

Collection: should respect privacy rights and the law of search and seizure.

Evidence preservation:
Hashing
Bit by bit copying of the data to another hard drive

Process transparency:
Documenting the chain of custody
Checking for evidence integrity
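An added example (not part of the original slides) that ties together the preservation steps above and the chain-of-custody and accuracy definitions earlier: a bit-by-bit copy, a hash taken at acquisition, a chronological custody log, and an integrity check that detects a single changed byte. The function names, log fields, file names and handler names are hypothetical, and a temporary file of constructed bytes stands in for the seized drive.

```python
import hashlib, os, tempfile
from datetime import datetime, timezone

CHUNK = 1 << 20  # read 1 MiB at a time so a large image never sits in memory

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()

def log_event(custody_log, action, handler, digest):
    # One chronological entry: who did what, when, and the hash they observed.
    custody_log.append({"time_utc": datetime.now(timezone.utc).isoformat(),
                        "action": action, "handler": handler, "sha256": digest})

def acquire(source, image, handler, custody_log):
    """Bit-by-bit copy of source to image, hashing the source bytes as read."""
    h = hashlib.sha256()
    # Mode "xb" refuses to overwrite an existing image file.
    with open(source, "rb") as src, open(image, "xb") as dst:
        for block in iter(lambda: src.read(CHUNK), b""):
            h.update(block)
            dst.write(block)
    digest = h.hexdigest()
    if sha256_file(image) != digest:
        raise OSError("image differs from source; acquisition is not sound")
    log_event(custody_log, "seizure and imaging", handler, digest)
    return digest

def verify(image, action, handler, custody_log):
    """Re-hash the image; True only if it still matches the acquisition hash."""
    digest = sha256_file(image)
    log_event(custody_log, action, handler, digest)
    return digest == custody_log[0]["sha256"]

if __name__ == "__main__":
    d = tempfile.mkdtemp()
    src, img = os.path.join(d, "device.bin"), os.path.join(d, "image.dd")
    with open(src, "wb") as f:
        f.write(b"constructed sample sectors\n" * 4096)  # stand-in for a drive
    log = []
    acquire(src, img, "Examiner A (hypothetical)", log)
    print(verify(img, "transfer", "Examiner B (hypothetical)", log))
    with open(img, "r+b") as f:            # simulate a single changed byte
        f.write(b"X")
    print(verify(img, "analysis", "Examiner B (hypothetical)", log))
    for entry in log:
        print(entry)
```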