Forensic Recovery of Evidence Device (FRED)

Slides:

Advertisements

Similar presentations

P ROCESSING ELECTRONIC RECORDS Handling removable and fixed media in manuscript collections Meghan Bannon, Center for the History of Medicine, Harvard.

Advertisements

GETTING BITS OFF DISKS Using Open Source Tools to Prepare Born-Digital Materials for Long-Term Preservation and Access To connect to the audio portion.

Microsoft Confidential Solution Overview: Foxit Software Corporation’s PDF Security Suite.

Effective Discovery Techniques In Computer Crime Cases.

An Introduction to Computer Forensics James L. Antonakos Professor Computer Science Department.

Guide to Computer Forensics and Investigations Fourth Edition

1 The Five Parts of an Information System

COS413 Capstone – EnCase Software Review Nathan Perkins.

COS/PSA 413 Day 3. Agenda Questions? Blackboard access? Assignment 1 due September 3:35PM –Hands-On Project 1-2 and 2-2 on page 26 of the text Finish.

Guide to Computer Forensics and Investigations Third Edition Chapter 7 Current Computer Forensics Tools.

COS/PSA 413 Day 5. Agenda Questions? Assignment 2 Redo –Due September 3:35 PM Assignment 3 posted –Due September 3:35 PM Quiz 1 on September.

Chapter 5 System Software.

Hardware and Multimedia Chapter 4. 4 Personal Computers (PCs) PCs are computers that can be: Used by individuals at home, work, or school Desktop models.

Chapter 8 Operating Systems and Utility Programs By: James Granahan.

OPERATING SYSTEMS AND SYSTEMS SOFTWARE. SYSTEMS SOFTWARE Systems software consists of the programs that control the operations of the computer and its.

Applying Digital Forensic techniques to AIM Gareth Knight, FIDO Project Manager Anatomy Theatre & Museum, King’s College London 15 th August 2011.

COEN 252 Computer Forensics Forensic Duplication of Hard Drives.

COEN 252 Computer Forensics

Capturing Computer Evidence Extracting Information.

Guide to Computer Forensics and Investigations, Second Edition

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 14: Problem Recovery.

Guide to Computer Forensics and Investigations, Second Edition Chapter 9 Data Acquisition.

Passwords, Encryption Forensic Tools

CYBER FORENSICS PRESENTER: JACO VENTER. CYBER FORENSICS - AGENDA Dealing with electronic evidence – Non or Cyber Experts Forensic Imaging / Forensic Application.

The Impact of Physical Security on Network Security

Issue: Unknown / Unrecognized Filesystems Initial Analysis Extract Metadata Identify Restricted Info Identify Duplicates Generate Reports.

TC2-Computer Literacy Mr. Sencer February 8, 2010.

Untitled (Hidden Track): Born Digital Content Preservation Service at UIUC Tracy Popp, MS LIS, CAS Digital Preservation Coordinator University Library.

BACS 371 Computer Forensics

Computing Fundamentals Module A Unit 2: Using Windows Vista LessonTopic 8Looking at Operating Systems 9Looking at the Windows Desktop 10Starting Application.

Guide to Computer Forensics and Investigations, Second Edition Chapter 2 Understanding Computer Investigation.

Computers Are Your Future Eleventh Edition Chapter 4: System Software Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall1.

1 AQA ICT AS Level © Nelson Thornes 2008 Operating Systems What are they and why do we need them?

Preserving Evidence ● Number one priority ● Must also find incriminating evidence ● Must search the contents of the hard drive ● Can not change the hard.

Recordkeeping for Good Governance Toolkit Digital Recordkeeping Guidance Funafuti, Tuvalu – June 2013.

Copyright 2013 © President & Fellows of Harvard College Digital Forensics at Harvard Business School NE NDSA Lightning Talk, 10 May 2013 Rachel Wise, Baker.

Section 2 Section 2.1 Identify hardware Describe processing components Compare and contrast input and output devices Compare and contrast storage devices.

Systems Software Operating Systems. What is software? Software is the term that we use for all the programs and data that we use with a computer system.

1 The Five Parts of an Information System

Computers Computer & Internet Security How Computer Forensics Works What is the Year 2038 problem? Could hackers devastate the U.S. economy?

System Software Chapter Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved.

What to do with the Bits? Triage, First Aid, Clean Room Patricia Galloway School of Information University of Texas at Austin.

Chapter 2 Understanding Computer Investigations Guide to Computer Forensics and Investigations Fourth Edition.

Chapter 5 Processing Crime and Incident Scenes Guide to Computer Forensics and Investigations Fourth Edition.

Computer Forensics Presented By:  Anam Sattar  Anum Ijaz  Tayyaba Shaffqat  Daniyal Qadeer Butt  Usman Rashid.

Forensics Jeff Wang Code Mentor: John Zhu (IT Support)

Describe the potential of IT to improve internal and external communications By Jim Green.

COMPUTER SYSTEM TOOLS. SCANDISK MICROSOFT UTILITY PURCHASED FROM NORTON, WHICH IS NOW SYMANTEC; INCLUDED WITH MS-DOS 6.2 AND ON AS WELL AS ALL VERSIONS.

Digital Archives You Can Do It! The Collective - March 2016 Paul Kelly - Digital Archivist - The Catholic University of America.

COEN 252 Computer Forensics Forensic Duplication of Hard Drives.

Computer Forensics Tim Foley COSC 480 Nov. 17, 2006.

Computer Forensics By Chris Brown. Computer Forensics Defined Applying computer science to aid in the legal process Utilization of predefined set of procedures.

Chapter 8 Forensic Duplication Spring Incident Response & Computer Forensics.

By: Tom Maloney. Overview What is ProDiscover What it can be used for A few quick tools A real example ProDiscover vs. ENCASE ProDiscover IR Applications.

CHAPTER 2 COMPUTER SOFTWARE. LEARNING OUTCOMES At the end of this class, students should be able to:  Explain the significance of software  Define and.

By: Tom Maloney. Overview What is ProDiscover What it can be used for A few quick tools A real example ProDiscover vs. ENCASE ProDiscover IR Applications.

Creighton Barrett Dalhousie University Archives

AS ICT Module 2 Objectives: Security of Data

Chapter 4: Application Software

HOW TO RECOVER DELETED PHOTOS FROM HP LAPTOP?. Every user faces this terrifying moment where users pressed the button labeled “Delete All” unwillingly.

Part 1 - "Vintage Tech" - Intro to legacy media

Operating Systems What are they and why do we need them?

CHFI & Digital Forensics [Part.1] - Basics & FTK Imager

©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.

The Operating system Gives life to the hardware

Operating Systems Tasks 04/04/2019.

A Brief Introduction to Digital Forensics

A very basic introduction

Operating Systems Tasks 05/08/2019.

Overview of Computer system

Presentation transcript:

Forensic Recovery of Evidence Device (FRED) Allen Kwan

The Problem…

The Problem…

The Problem…

The Problem…

The Solution: FRED Purpose-built computer for digital forensics. Specifically a tool to copy files from a carrier of digital information securely and with no risk of modifying business (or archival) records.

Write Blockers FRED comes installed with Forensic Bridges or Write Blockers that allow for a wide variety of interfaces and prevent the user or operating system from modifying files on the carrier.

Floppy Disks Other specialized hardware allows for access to 3.5”, 5.25” and even 8” floppy disks. This hardware also serves as a write blocker, ensuring the safe handling of any files that exist on the disk. Able to process Mac or Windows disks.

Software Software allows you to make a copy of a disk/hard drive and analyze its content. FTK Imager creates a 1-to-1 copy of the original disk called a forensic image. BitCurator and Autopsy analyzes forensic images to produce reports on the types of files and potential personally identifiable information.

Putting it together into a Workflow Archives of Ontario workflow developed by Blanche Joslin

Further Information Allen Kwan pmo.student@ontario.ca, allen.kwan@mail.utoronto.ca recordkeeping@ontario.ca