MSc in Business Information Technology

Slides:

Advertisements

Similar presentations

1 Computer Forensics Michael Watson Director of Security Incident Management NSAA Conference 10/2/

Advertisements

Practical Application of Computer Forensics Lisa Outlaw, CISA, CISSP, ITIL Certified.

PGCE Secondary ICT SS Session 1. Sessions Overview of course and assignment Overview of course and assignment Using ICT to facilitate learning in Literacy.

Computer Forensics.

Digital Preservation - Its all about the metadata right? “Metadata and Digital Preservation: How Much Do We Really Need?” SAA 2014 Panel Saturday, August.

2 Language of Computer Crime Investigation

E-Discovery for System Administrators Russell M. Shumway.

We’ve got what it takes to take what you got! NETWORK FORENSICS.

Computer Forensics and Digital Investigation – a brief introduction Ulf Larson/Erland Jonsson.

Teaching Computer Forensics Using Student Developed Evidence Files Anna Carlin Cal Poly Pomona.

Forensic and Investigative Accounting

Guide to Computer Forensics and Investigations Fourth Edition

Pertemuan 7-8 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

AUDITING INFORMATION TECHNOLOGY USING COMPUTER ASSISTED AUDIT TOOLS AND TECHNIQUES.

What is meant by computer forensics?  Principle, Function of computer forensics.  History about computer forensics.  Needs of computer forensics.

Evolution of Data Analysis

Computer Forensics Mr.PRAWEE PROMPONMUANG M.Sc(Forensic Science) NO

By Drudeisha Madhub Data Protection Commissioner Date:

COEN 252 Computer Forensics

COEN 252 Computer Forensics Introduction to Computer Forensics  Thomas Schwarz, S.J w/ T. Scocca.

T OWARDS S TANDARDS IN D IGITAL F ORENSICS E DUCATION.

CYBER FORENSICS PRESENTER: JACO VENTER. CYBER FORENSICS - AGENDA Dealing with electronic evidence – Non or Cyber Experts Forensic Imaging / Forensic Application.

An Event-based Digital Forensic Investigation Framework Brian D. Carrier Eugene H. Spafford DFRWS 2004.

Guide to Computer Forensics and Investigations Fourth Edition

Phases of Computer Forensics 1 Computer Forensics BACS Management Information Systems for the Information Age 5e, Haag, Cummings, McCubbrey, 2005,

CS101: Introduction to Computing Instructors: Badre Munir, Usman Adeel, Zahid Irfan & Maria Riaz Faculty of Computer Science and Engineering GIK Institute.

Use of IT Resources for Evidence Gathering & Analysis Use of IT Resources for Evidence Gathering & Analysis Raymond SO Wing-keung Assistant Director Independent.

Security in Practice Enterprise Security. Business Continuity Ability of an organization to maintain its operations and services in the face of a disruptive.

Defining Digital Forensic Examination & Analysis Tools Brian Carrier.

7 Handling a Digital Crime Scene Dr. John P. Abraham Professor UTPA.

Nuclear Forensic Technology Lecture 1 Terry A. Ring.

1 and Internet Evidence Mark Pollitt Associate Professor, Engineering Technology.

Computer Forensics Principles and Practices

Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2011 Lecture 11 09/27/2011 Security and Privacy in Cloud Computing.

Training and Certification. Who needs digital forensic training and professional certification? Forensic examiners Investigators Crime scene specialists.

Computer Forensics Peter Caggiano. Outline My Background What is it? What Can it do and not do? Goals Evidence Types of forensics Future problems How.

CLOUD COMPUTING Overview on cloud computing. Cloud vendors. Cloud computing is a type of internet based computing where we use a network of remote servers.

Module 13: Computer Investigations Introduction Digital Evidence Preserving Evidence Analysis of Digital Evidence Writing Investigative Reports Proven.

1J. M. Kizza - Ethical And Social Issues Module 13: Computer Investigations Introduction Introduction Digital Evidence Digital Evidence Preserving Evidence.

Document Clustering for Forensic Analysis: An Approach for Improving Computer Inspection.

Computer Forensics An introduction Jessie Dunbar, Jr. Lynn Johnston Andrew Preece Kathy Spaulding September 18, 2007.

Chapter 5 Processing Crime and Incident Scenes Guide to Computer Forensics and Investigations Fourth Edition.

Digital forensic as tool for fighting cyber crime in Nigeria

CJ 317 – Computer Forensics

Computer Forensics Presented By:  Anam Sattar  Anum Ijaz  Tayyaba Shaffqat  Daniyal Qadeer Butt  Usman Rashid.

Forensics Jeff Wang Code Mentor: John Zhu (IT Support)

Chapter 3 Pre-Incident Preparation Spring Incident Response & Computer Forensics.

Unit 19 Computer Music Systems 1 Examine the hardware options available for the composition and production of music using computer technology assess the.

Digital Preservation: The State of the Art November 1999 Update Marc Fresko CONSOLIDATING THE EUROPEAN LIBRARY SPACE - 18 NOVEMBER 1999 © Copyright Applerace.

Forensic and Investigative Accounting Chapter 13 Computer Forensics: A Brief Introduction © 2007 CCH. All Rights Reserved W. Peterson Ave. Chicago,

ONLINE COURSES - SIFS FORENSIC SCIENCE PROGRAMME - 2 Our online course instructors are working professionals handling real-life cases related to various.

By: Jeremy Henry. Road Map  What is a cybercrime?  Statistics.  Tools used by an investigator.  Techniques and procedures used.  Specific case.

Digital Forensics Market Analysis: By Forensic Tools; By Application (Network Forensics, Mobile Forensics, Database Forensics, Computer Forensics) - Forecast.

Computer Forensics By Chris Brown. Computer Forensics Defined Applying computer science to aid in the legal process Utilization of predefined set of procedures.

The Digital Forensics Landscape Michael Jones. Digital Forensics To establish: – What was done, by whom, when, and how – Limited consideration of why.

Triage and Analysing Large Numbers of Files Michael Jones.

Digital Evidence Acquisition Using Cyberforensics Tools Oral Paper Presentation Graduate Student Research Development Day Virtual Conference October 25,

Computer Forensics. OVERVIEW OF SEMINAR Introduction Introduction Defining Cyber Crime Defining Cyber Crime Cyber Crime Cyber Crime Cyber Crime As Global.

Digital Forensics and Hand Held Devices Robert Trimble COSC

MANAGEMENT of INFORMATION SECURITY, Fifth Edition

Creighton Barrett Dalhousie University Archives

PhD Oral Exam Presentation

Digital Battlefield Forensics

©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.

Digital Forensics Chris Rozic.

Introduction to Digital Forensics

Exam Information CSI5107 Network Security.

Ad Hoc Phase Structured Phase Enterprise Phase

1 Advanced Cyber Security Forensics Training for Law Enforcement Building Advanced Forensics & Digital Evidence Human Resource in the Law Enforcement sector.

Forensic science By Benny Barrigan.

Presentation transcript:

MSc in Business Information Technology An Introduction to Digital Forensics Madli Kaju, 104992IABM MSc in Business Information Technology

Agenda Introduction Approach and process of Digital Forensics Digital Forensics tools State of play of Digital Forensics Conclusion

Digital Forensics is processes of analysing and evaluating digital data as evidence The science of locating, extracting and analysing different types of data from different devices, which specialists then interpret to server as legal evidence (Marcella, Menendez 2008) The practice of scientifically derived and proven technical methods and tools toward the preservation, collection, validation, identification, analysis, interpretation, documentation and presentation of after-the-fact digital information derived from digital sources for the purpose of facilitating or furthering the reconstruction of events as forensic evidence (Willassen, Mjolsnes 2005)

After 40 years of history, Digital Forensics is heading towards a crisis Early years (1970s-1990s) Hardware, software, and application diversity A proliferation of data file formats Heavy reliance on time-sharing and centralized computing facilities Absence of formal process, tools, and training „Golden years“ (1990s-2000s) The widespread use of Microsoft Windows, and specifically Windows XP Relatively few file formats of forensic interest Examinations largely confined to a single computer system belonging to the subject of the investigation Storage devices equipped with standard interfaces (IDE/ ATA) Era of crisis (2010s-...) Growing size of storage devices Increasing prevalence of embedded flash storage Proliferation of hardware interfaces Proliferation of operating systems and file formats Pervasive encryption Use of the “cloud” for remote processing and storage, splitting a single data structure into elements Source: Garfinkel, SimsonL., „Digital Forensics Research: The Next 10 years“, 2010

Agenda Introduction Approach and process of Digital Forensics Digital Forensics tools State of play of Digital Forensics Conclusion

Digital Forensics consists of various steps and techniques The process of digital forensics is typically as follows: Preservation of the state of the device Survey and analysis of the data for evidence Event reconstruction

Forensic investigation Live incident response Main techniques used are forensic duplication and live incident response Forensic investigation Forensic duplication Live incident response

Agenda Introduction Approach and process of Digital Forensics Digital Forensics tools State of play of Digital Forensics Conclusion

Several commercial and open source tools for digital forensics are available EnCase FTK Helix ... Commerical DFF LiveView The Sleuth Kit Open source

Agenda Introduction Approach and process of Digital Forensics Digital Forensics tools State of play of Digital Forensics Conclusion

Digital Forensics tools have not kept up with technology and cyber crime Current digital forensics tools were designed to help examiners find specific evidence, not to assist in investigations for solving crimes committed against people where the evidence is located on a computer, not to assist in solving typical crimes committed with computers or against computers Today's tools cannot deal with increasing complexity arising due to the cloud era Source: Garfinkel, SimsonL., „Digital Forensics Research: The Next 10 years“, 2010

Agenda Introduction Approach and process of Digital Forensics Digital Forensics tools State of play of Digital Forensics Conclusion

Conclusion Digital forensics is important for solving crimes with digital devices against digitial devices against people where evidence may reside in a device Several sound tools and techniques exist to search and analyse digital data Regardless of existing tools, evolving digital age and development of technology requires heavier research in digital forensics

Thank you for your attention!