Technology in Computer Forensics  Alicia Castro  Thesis Defense  Master of Software Engineering  Department of Computer Science  University of Colorado,

Presentation transcript:

Technology in Computer Forensics  Alicia Castro  Thesis Defense  Master of Software Engineering  Department of Computer Science  University of Colorado, Colorado Springs

Technology in Computer Forensics  Author: Alicia Castro  Committee Members:  Dr. C. Edward Chow  Dr. Jugal K. Kalita  Dr. Xiaobo Zhou

Computer Forensics Facts
- Computer forensics is about investigating digital evidence related to criminal or suspicious behavior where computers or computer and related equipment may or may not be the target.
- Internet crime has increased 22.3% in 2009 over 2008.

Computer Forensic Background
- Digital evidence includes computer generated records such as the output of computer programs and computer-stored records such as messages
- It is difficult to attribute certain computer activities to an individual, especially in a multi-access environment.

Computer Forensics Legal Issues
Understand fundamentals of:
- Search and Seizure laws
- Electronic Communications Privacy Act
- Wiretap Statute
- Pen/Trap Statute
- Patriot Act
- State Laws about Search and Seizure

Forensic Investigation Accessories to a Crime

…Forensic Investigation Accomplices of a Crime Suspect

Utilities used with Nica Forensic Tool
- IECacheView
- MozillaCacheView
- ChromeCacheView
- IEHV
- Outlook Redemption
- Microsoft Log Parser
Nica Forensic Tool uses external tools to help parse the cache files from the IE, Mozilla Firefox and Google Chrome browsers, and also to gain access to and parse the Outlook .pst files.

Nica Forensic Tool functionality
- Use the cache file parser information and determine what information is valuable.
- Get cookies and history files of each web browser, Skype logs, Instant Messenger and Outlook logs.
- Store information in a database.
- Display any necessary output.
- Design of all GUI displays

Nica Forensic Tool
- Unlike most forensic tools, it finds all the users on the computer, not just the logged-on users.
- Unlike similar forensic tools, it does not need the investigator to enter the path where the information would be found. Nica Forensic Tool does it for the investigator.
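A sketch of the profile-discovery idea on this slide, written as an added example and not taken from the Nica Forensic Tool. It walks every profile folder under a mounted image instead of asking only about the logged-on account; the artifact paths, function names and sample tree are assumptions based on a typical Windows Vista/7 profile layout.

```python
from pathlib import Path

# Assumed artifact locations relative to a profile folder (typical Windows
# Vista/7 layout). Illustrative only: the slides do not list the tool's paths.
ARTIFACT_GLOBS = {
    "chrome_history": "AppData/Local/Google/Chrome/User Data/*/History",
    "firefox_history": "AppData/Roaming/Mozilla/Firefox/Profiles/*/places.sqlite",
    "ie_history": "AppData/Local/Microsoft/Windows/History",
    "skype_db": "AppData/Roaming/Skype/*/main.db",
    "outlook_pst": "AppData/Local/Microsoft/Outlook/*.pst",
}
# Template and shared folders that are not real accounts.
SKIP = {"default", "default user", "all users", "public"}


def find_artifacts(image_root):
    """Return {profile name: {artifact: [relative paths]}} for every profile
    under <image_root>/Users, whether or not that account is logged on."""
    results = {}
    users_dir = Path(image_root) / "Users"
    if not users_dir.is_dir():
        return results
    for profile in sorted(users_dir.iterdir()):
        if not profile.is_dir() or profile.name.lower() in SKIP:
            continue
        found = {}
        for name, pattern in ARTIFACT_GLOBS.items():
            hits = sorted(p.relative_to(profile).as_posix()
                          for p in profile.glob(pattern))
            if hits:
                found[name] = hits
        results[profile.name] = found
    return results


def build_sample_image(root):
    """Create a constructed directory tree standing in for a mounted image."""
    for rel in (
        "Users/alice/AppData/Local/Google/Chrome/User Data/Default/History",
        "Users/alice/AppData/Roaming/Skype/alice.example/main.db",
        "Users/bob/AppData/Roaming/Mozilla/Firefox/Profiles/x.default/places.sqlite",
        "Users/Public/Documents/readme.txt",
    ):
        path = Path(root) / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.touch()
    (Path(root) / "Users" / "carol").mkdir()
    return root
```

A profile with no matching artifacts, such as the constructed `carol` account, is still reported with an empty result so the investigator can see that the account exists.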

Nica Forensic Tool Design: Enter Case Number, Case Description, Forensic Investigator Notes

Run the parser to find entries by activities. Note the timestamp for the date on which the investigation was done and also the time it takes to find all the activities.

Timeline Viewer: report by user, date/time and activities

Finding the Evidence

Selecting the Evidence

Displaying selected suspected activities

Evidence’s Classification
Inclusion Criteria
- More than one activity
- Time between activities is less than 15 minutes
- Previous history of web sites visited
Exclusion Criteria
- One isolated activity and no previous history
- Two or more activities with time intervals of more than 15 minutes between each activity
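The inclusion and exclusion criteria above, applied to a small timeline as an added example (not code from the Nica Forensic Tool). How the criteria combine is an assumed reading of the slide, stated in the docstring; the function names and the sample events are constructed for illustration.

```python
from datetime import datetime, timedelta
from urllib.parse import urlsplit

WINDOW = timedelta(minutes=15)  # threshold taken from the slide


def classify(events):
    """Label each (timestamp, user, url) event 'include' or 'exclude'.

    Assumed reading of the slide: an activity is included when another
    activity by the same user lies less than 15 minutes away, or when the
    user visited the same site earlier; everything else is excluded.
    """
    per_user = {}
    for event in sorted(events):
        per_user.setdefault(event[1], []).append(event)
    verdicts = {}
    for user_events in per_user.values():
        seen_hosts = set()
        for i, event in enumerate(user_events):
            ts, host = event[0], urlsplit(event[2]).hostname
            near_prev = i > 0 and ts - user_events[i - 1][0] < WINDOW
            near_next = (i + 1 < len(user_events)
                         and user_events[i + 1][0] - ts < WINDOW)
            if near_prev or near_next:
                verdicts[event] = ("include", "activity within 15 minutes")
            elif host in seen_hosts:
                verdicts[event] = ("include", "previous history of site")
            else:
                verdicts[event] = ("exclude", "isolated, no previous history")
            seen_hosts.add(host)
    return verdicts


def at(hhmm):
    """Constructed timestamp on an arbitrary sample day."""
    return datetime.strptime("2010-01-01 " + hhmm, "%Y-%m-%d %H:%M")


# Constructed sample timeline, not data from the thesis.
SAMPLE = [
    (at("09:00"), "alice", "http://example.com/a"),
    (at("09:05"), "alice", "http://example.org/b"),
    (at("11:00"), "alice", "http://example.net/c"),
    (at("14:00"), "alice", "http://example.com/d"),
    (at("10:00"), "bob", "http://example.com/x"),
    (at("10:40"), "bob", "http://example.edu/y"),
]
```

A gap of exactly 15 minutes is covered by neither rule on the slide; this sketch treats it as not linked.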

Nica Forensic Tool Logic Flow Chart

Nica Forensic Tool Implementation
- Number of End Users = 6 (it can be unlimited)
- Effects on change of task and responsibilities of End Users: The tool is so portable that investigators can carry it with them. It works so fast that it can be run when a suspect just moves away from his/her computer for a few minutes. It is still a forensic tool; all the legal steps should be followed before trying to run the tool.

Nica Forensic Tool Limitations
- Forensic analysis can be done only on computers that are using the Windows platform.
- Currently set to use the most popular browsers, instant messengers, and Outlook client, but more can be added easily to the scalable architecture.

Conclusion
- Only portable forensic tool that automatically looks for login paths and all user profiles
- Captures relevant evidence
- Easy to use
- Assists investigators in obtaining reliable evidence

References  Please refer to Thesis Document 