Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #12 Computer Forensics Analysis/Validation and Recovering Graphic.

Slides:

Advertisements

Similar presentations

Chapter 10 Recovering Graphics Files

Advertisements

Steganograp hy By : Uday Deep Singh (IT-2 / 7 th Sem) “The Art Of Hiding Content In Images” 1.

Guide to Computer Forensics and Investigations, Second Edition

Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #26 Emerging Technologies.

An Introduction to Computer Forensics James L. Antonakos Professor Computer Science Department.

Steganography Steganography is the art and science of writing hidden messages in such a way that no one apart from the sender and intended recipient even.

Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.

Guide to Computer Forensics and Investigations Fourth Edition

Chapter 8 Recovering Graphics Files

Guide to Computer Forensics and Investigations Fourth Edition

COS/PSA 413 Day 18. Agenda Lab 9 write-up grades –2 A’s, 1 B, 1 D and 1 F –Answer the questions with a minimal amount of BS –I will start taking off points.

COS 413 Day 13. Agenda Questions? Assignment 4 Due Assignment 5 posted –Due Oct 21 Capstone proposal Due Oct 17 Lab 5 on Oct 15 in N105 –Hands-on Projects.

Overview of Digital Stenography

Chapter 10 Recovering Graphics Files Guide to Computer Forensics and Investigations Third Edition.

Steganography Part 2 – Detection and Research. Introduction to Steganalysis What is steganalysis?  The art of detecting messages hidden by steganography.

Guide to Computer Forensics and Investigations Third Edition

COS/PSA 413 Day 16. Agenda Lab 7 Corrected –2 A’s, 1 B and 2 F’s –Some of you need to start putting more effort into these labs –I also expect to be equal.

CSCI 530L Steganography and Steganalysis. Administrative issues If you have not yet signed up for a Lab Section, do so now. Most lab sections are full.

COS/PSA 413 Day 15. Agenda Assignment 3 corrected –5 A’s, 4 B’s and 1 C Lab 5 corrected –4 A’s and 1 B Lab 6 corrected –A, 2 B’s, 1 C and 1 D Lab 7 write-up.

COS 413 Day 15. Agenda Assignment 4 corrected –2 A’s, 5 B’s, 1 C and 1 non-submit Assignment 5 Due Assignment 6 will be assigned next week Lab 4 write-up.

SAK INTRODUCTION TO COMPUTER FORENSICS Chapter 7 Image Files Forensics

Capturing Computer Evidence Extracting Information.

Hands-on: Capturing an Image with AccessData FTK Imager

Exploring Steganography: Seeing the Unseen Neil F. Johnson Sushil Jajodia George Mason University.

Information Security Principles (ESGD4222)

Chapter 10 Recovering Graphics Files Guide to Computer Forensics and Investigations Third Edition.

Introduction to Multimedia Security Topics Covered in this Course Multimedia Security.

Chapter 9 Computer Forensics Analysis and Validation Guide to Computer Forensics and Investigations Fourth Edition.

Computer Forensics Iram Qureshi, Prajakta Lokhande.

S TEGANOGRAPHY The Art of Message Hiding. Cryptography: Securing Information in the Digital Age Part 1: Introduction to Steganography Part 2: Hands-on.

Key Words: File systems, Steganography, Encrypted Communications, RAID, Information Hiding, Intelligence, Instagram, flickr Original can be found at:

Chapter 9 Digital Forensics Analysis and Validation

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #8 Computer Forensics Data Recovery and Evidence Collection September.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #8 Guest Lecture September 21, 2009.

Chapter 2 Understanding Computer Investigations Guide to Computer Forensics and Investigations Fourth Edition.

Guide to Computer Forensics and Investigations Fourth Edition

Module 13: Computer Investigations Introduction Digital Evidence Preserving Evidence Analysis of Digital Evidence Writing Investigative Reports Proven.

Computer Forensics, Steganography and Cryptography and Related Ethical Issues. Edilasio Pereira Russell Braun Team 8.

Chapter 9 Computer Forensics Analysis and Validation Guide to Computer Forensics and Investigations Fourth Edition.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #9 Preserving Digital Evidence; Image Verifications and Authentication.

Guide to Computer Forensics and Investigations, Second Edition Chapter 11 Recovering Image Files.

1J. M. Kizza - Ethical And Social Issues Module 13: Computer Investigations Introduction Introduction Digital Evidence Digital Evidence Preserving Evidence.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #4 Data Acquisition September 8, 2008.

Unit 1: Task 1 By Abbie Llewellyn. Vector Graphic Software (Corel Draw) Computer graphics can be classified into two different categories: raster graphics.

Chapter 2 Understanding Computer Investigations Guide to Computer Forensics and Investigations Fourth Edition.

Introduction to Biometrics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #1 Biometrics and Other Emerging Technologies in Applications.

 Forensics  Application of scientific knowledge to a problem  Computer Forensics  Application of the scientific method in reconstructing a sequence.

Chapter 8 Recovering Graphics Files

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Network Forensics - III November 3, 2008.

Chao-Hsien Chu, Ph.D. College of Information Sciences and Technology The Pennsylvania State University University Park, PA Search.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #8 File Systems September 22, 2008.

MANAGEMENT OF STEGANOGRAPHY OLALEKAN A. ALABI COSC 454.

Digital Steganography Jared Schmidt. In This Presentation… Digital Steganography Common Methods in Images Network Steganography Uses Steganalysis o Detecting.

Analysing Image Files Michael Jones. Overview Images and images Binary, octal, hexadecimal File headers and footers Example (image) files Looking for.

Digital Steganography

Chapter 9 Digital Forensics Analysis and Validation

Digital Forensics Dr. Bhavani Thuraisingham

Digital Forensics 2 Lecture 2: Understanding steganography in graphic files Presented by : J.Silaa Lecture: FCI Based on Guide to Computer Forensics and.

Digital Forensics 2 (DFC721S)

CHFI & Digital Forensics [Part.1] - Basics & FTK Imager

Visit for more Learning Resources

Chapter 10 Recovering Graphics Files

Digital Forensics Dr. Bhavani Thuraisingham

Steganography Techniques and their use in Anonymity

Exam Information CSI5107 Network Security.

STEGANOGRAPHY IN IMAGES

Introduction to Multimedia Security Topics Covered in this Course

1 Guide to Computer Forensics and Investigations Sixth Edition Chapter 8 Recovering Graphics Files.

Presentation transcript:

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #12 Computer Forensics Analysis/Validation and Recovering Graphic Files October 1, 2008

Outline l Topics fir Lecture #12 - What data to collect and analyze - Validating forensics data - Data hiding techniques - Remote acquisitions - Recovering Graphic files - Data compression - Locating and recovering graphic files - Stgenaography and Steganalysis - Reference: Chapter 9 am 10 of Textbook l Topics for Lecture Number #13

What data to collect and analyze l Depends on the type of investigation l investigation will involve network logs, server backups l Industrial espionage may include collecting information from cameras, keystrokes l Scope creep: Investigation extends beyond the original description due to unexpected evidence

Validating forensic data l Validating with hexadecimal editors - Provides support such as hashing files and sectors l Discriminating functions - Selecting suspicious data from normal data l Validating with forensics programs - Use message digests, hash values

Data Hiding l Data hiding is about changing or manipulating a file to conceal information l Hiding partitions: Create partitions and use disk editor to delete reference to it, then recreate links to find the partition l Marking bad clusters: Placing sensitive or incriminating data in free space; use disk editors to mark good clusters as bad clusters l But shifting: Change bit patterns or alter byte values l Using Stereography to hide data (Lecture 13) l Encrypt files to prevent access l Recover passwords using passwords recovery tools

Remote Acquisitions l Tools are available for acquiring data remotely - E.g., Diskexplorer for FAT - Diskexporer for NTFS l Steps to follow - Prepare the tool for remote acquisition - Make remote connection - Acquire the data

Recovering Graphic Files l What are graphic files - Bitmaps and Raster images - Vector graphics - Metafile graphics l Graphics file formats - Standards and Specialized l Digital camera file formats - Raw and Inage file format

Data Compression l Lossless compression - Reduce file size without removing data l Lossy compression - Reduces file size but some bits are removed - JPEG l Techniques are taught in Image processing courses

Locating and Recovering Graphic Files l Identify the graphic file fragments - If the file is fragmented, need to recover all the fragments carving or salvaging) l Repair damage headers - If header data is partially overwritten need to figure out what the missing pieces are l Procedures also exist form recovering digital photograph evidence l Steps to follow - Identify file - Recover damage headers - Reconstruct file fragments - Conduct exam

Steganography l Steganography is the art of covered or hidden writing. l The purpose of steganography is covert communication to hide a message from a third party. l This differs from cryptography, the art of secret writing, which is intended to make a message unreadable by a third party but does not hide the existence of the secret communication.

Topics for Lecture #13 l Steganography l Null Ciphers l Digital Image and Audio l Digital Carrier Methods l Detecting Steganography l Tools l Reference: _03_research01.htm 004_03_research01.htm