An Introduction to Computer Forensics
Jim Lindsey, Western Kentucky University
September 28, 2007


What are we talking about?
- Forensic …

What are we talking about?
- Forensic Science is the use of science to investigate and establish facts in criminal and civil cases.

What are we talking about?
- Computer Forensics is the discovery, collection, and analysis of evidence found on computers and networks.

Interdisciplinary Field
(Diagram labels: Investigator, Legal Professional, Computer Professional, Computer Forensics)
- Forensic Examiners have to know about computers, how to perform an investigation, and about the law.
- Your job is to simply find the facts!

Why should I care?
- Computers and the Internet are the fastest growing technologies used in crime (criminal and civil).
  - BTK and Scott Peterson Murder Cases
  - Enron and WorldCom Cases
  - Human Resource Matters
  - ID Theft and Divorce Matters

Deleted Files

The Computer Forensic Process
- Gather the materials to be analyzed.
  - Must be done legally!
  - Establish the chain of custody.
  - Get all needed devices.
- Preserve the media.
  - Write blockers
  - Bit for bit images
- Extract the evidence.
  - What is relevant to the case?
  - Again, must be done legally!

The Computer Forensic Process (continued)
- Analyze computer media.
  - Forensic HW
  - Forensic SW
- Document the results.
  - Report your findings!
  - Consider the audience that will read the report!
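The "Preserve the media" and "Establish the chain of custody" steps above, as an added example that is not part of the original slides: a bit-for-bit copy of a source into an image file, verified and recorded in a custody log. SHA-256 hashing, the JSON log format, and all names (`acquire_image`, `examiner-01`, `custody.jsonl`) are assumptions of this example; a small constructed file stands in for the seized media.

```python
import hashlib, json, os, tempfile
from datetime import datetime, timezone

CHUNK = 1024 * 1024  # read in 1 MiB blocks so large media never has to fit in memory

def sha256_file(path):
    """Hash a file in chunks and return the hex digest."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()

def acquire_image(source, image, examiner, log_path):
    """Copy source to image bit for bit, verify it, and log a custody entry."""
    h = hashlib.sha256()
    # Source is opened read-only; real media still sits behind a hardware write blocker.
    with open(source, "rb") as src, open(image, "xb") as dst:  # "x": never overwrite an image
        for block in iter(lambda: src.read(CHUNK), b""):
            h.update(block)
            dst.write(block)
    entry = {
        "utc": datetime.now(timezone.utc).isoformat(), "examiner": examiner,
        "source": source, "image": image, "bytes": os.path.getsize(image),
        "source_sha256": h.hexdigest(),
        "image_sha256": sha256_file(image),  # re-read what was actually written
    }
    entry["verified"] = entry["source_sha256"] == entry["image_sha256"]
    with open(log_path, "a") as log:  # append-only custody log, one JSON object per line
        log.write(json.dumps(entry) + "\n")
    return entry

def image_unchanged(image, entry):
    """Re-hash the image later (before analysis, before reporting) against the logged digest."""
    return sha256_file(image) == entry["image_sha256"]

def demo():
    """Constructed sample: a 4160-byte file stands in for the seized media."""
    work = tempfile.mkdtemp()
    source, image = os.path.join(work, "media.bin"), os.path.join(work, "media.dd")
    with open(source, "wb") as f:
        f.write(b"constructed sample sector\n" * 160)
    entry = acquire_image(source, image, "examiner-01", os.path.join(work, "custody.jsonl"))
    before = image_unchanged(image, entry)
    with open(image, "r+b") as f:  # simulate a single altered byte in the working copy
        f.write(b"X")
    return entry, before, image_unchanged(image, entry)

if __name__ == "__main__":
    print(demo())
```

The final check in `demo()` shows why the digest is logged at acquisition time: one changed byte in the image makes the later comparison fail.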

Computer Forensics At Work
- Deleted Files
- Tracking Packet Routes
- Analyzing Network Traffic
- Analyzing Mobile Devices
- Analyzing ISP Logs
- Analyzing Chat Logs
- Analyzing a Packet Trace

Summary
- Defined computer forensics
- Established why it is important for you to know about the topic
- Described the computer forensic process
- Looked at examples of tasks performed by computer forensic examiners