A Brief Introduction to Digital Forensics

Presentation transcript:

A Brief Introduction to Digital Forensics
Based in large part on the July 29, 2014 BitCurator workshop at METRO, as well as the SAA DAS curriculum
Kevin Schlottmann, November 23, 2015

What is digital forensics? "…identifying, preserving, analyzing, and presenting digital evidence…" http://aic.gov.au/documents/9/C/A/%7B9CA41AE8-EADB-4BBF-9894-64E0DF87BDF7%7Dti118.pdf

Briefest history of digital media Trends – more density; cheaper; more and more transactions done and stored digitally

Why apply digital forensics?
* To ensure data integrity and ease automation and processing

Why apply digital forensics?
* In other words: preserve significant properties such as authenticity and reliability
Edmund Locard

Why apply digital forensics?
* In other words: to ensure provenance, original order, chain of custody, and context of digital objects
Disk image; layers; MAC times; deleted items; temp files; file system and OS information; one checksum to manage; an image is das Ding an sich; SIP/AIP

Just one part of the plan

Many, many tools
BC, FTK, USB, JHOVE, E01, METS, PREMIS

What is BitCurator?
* Customized Linux OS running in a virtual machine with a tightly integrated, well-documented suite of open-source digital forensics tools

1. Creating a disk image

2. Analyzing the disk image

3. Create access copy

Just one part of the plan

Who is doing this work? http://www.trevorowens.org/2014/06/digital-archivists-doing-or-leading-the-digital/

What skills might digital archivists have?
* Firm understanding of archival principles: provenance, original order, creation context
* Firm understanding of archival standards: levels of description, DACS, the EAC suite
* Outlines of METS, MARC/MODS/DC, PREMIS, and how they might fit together
* Metadata wrangling tools: Excel, CSV, OpenRefine
* A "power tool": XSLT, XQuery, command-line tools (grep, sed), or Python
* Actionable curiosity http://gavialib.com/2013/09/the-one-skill/

What am I doing right now?
* Using METS files to manage disk images
* ePADD for email processing

Just one part of the plan

Additional Reading
* BitCurator wiki [http://wiki.bitcurator.net/index.php?title=Main_Page]
* From Bitstreams to Heritage report [http://www.bitcurator.net/docs/bitstreams-to-heritage.pdf]
* You've Got to Walk Before You Can Run: First Steps for Managing Born-Digital Content Received on Physical Media [http://www.oclc.org/content/dam/research/publications/library/2012/2012-06.pdf?urlm=168601]
Thank you!