CET4860 Mark Pollitt Associate Professor

Presentation transcript:

Hierarchy of Access. CET4860. Mark Pollitt, Associate Professor. ©2005 DEPS, Inc.

How many objects do you see?

Computers are a mystery wrapped in an enigma

Digital Forensics is like Peeling an Onion! Operating System, File System, File, Physical Media, Content Analysis

Hierarchy of Access: User, Computer, Application, Operating System, File System, File, Storage Media, Network (inc. NAS), Physical Media

Users: If it weren’t for users… Our best friends and worst enemies. If it weren’t for stupid criminals, I wouldn’t have a job!

Computer: User, Computer, Application, Operating System, File System, File, Storage Media, Network (inc. NAS), Physical Media

Hierarchy of Access: User, Computer, Application, Operating System, File System, File, Storage Media, Network (inc. NAS), Physical Media

Application Layer

Application Layer, cont.

Meta data

Operating Systems: User, Computer, Application, Operating System, File System, File, Storage Media, Network (inc. NAS), Physical Media

OS Debris: Recently used files, Temporary Internet Files, Logs, Cookies, Cache files, Spooler files, Registry entries

Temporary Internet Files

Registry Entries

Hierarchy of Access: User, Application, Network (inc. NAS), Operating System, File System, File, Media, Physical

Deleted Files

Hierarchy of Access: User, Computer, Application, Operating System, File System, File, Storage Media, Network (inc. NAS), Physical Media

From these

To this!

Hierarchy of Access: User, Computer, Application, Operating System, File System, File, Storage Media, Network (inc. NAS), Physical Media

Network Issues: User, Computer, Application, Operating System, File System, Storage Media, Network (inc. NAS), Physical Media

Network Logs

Hierarchy of Access: User, Network (inc. NAS), Computer, Application, Operating System, File System, File, Storage Media, Physical Media

As we have seen… Digital crime scenes often have three loci: the victim system(s); the perpetrator's system(s); and network devices which connect the first two. We need to take the same layered approach to both the static (stored information) and the dynamic (information in transit).

OSI stack / model: Application, Presentation, Session, Transport, Network, Data-link, Physical. Each layer may provide potential evidence! [Diagram labels: OS, NOS, NIC / Drivers, Cables]

Network Forensics [Diagram; labels: T, H, U, Data]

Thank You for your Attention!