Presentation transcript:

Encryption Workshop Session 1

Oft Repeated Theme: If it is encrypted, you are probably not going to crack it. Look instead at the “end points” and low-hanging fruit (social engineering or external sources – look for human sloppiness, string search in cached locations, slack space, network traffic, page swap file…)

Database on data hiding locations needed
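The "string search in cached locations, slack space, page swap file" idea from the slide above, as an added example that is not part of the original presentation: a keyword scan over a raw byte stream with no file-system parsing. The keyword, encodings and sample bytes are assumptions constructed for illustration.

```python
import io

ENCODINGS = ("utf-8", "utf-16-le")  # 8-bit text and Windows-style wide strings

def scan_stream(stream, keywords, chunk_size=1 << 20):
    """Return sorted (offset, keyword, encoding) hits in a raw byte stream.

    Works on any unstructured source (swap file, slack-space dump, capture):
    no file-system parsing, just a case-insensitive byte search.
    """
    patterns = [(kw, enc, kw.lower().encode(enc))
                for kw in keywords for enc in ENCODINGS]
    if not patterns:
        return []
    # Keep the tail of each buffer so a hit split across two reads is found.
    overlap = max(len(p) for _, _, p in patterns) - 1
    hits, carry, buf_start = set(), b"", 0
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        buf = carry + chunk
        hay = buf.lower()  # bytes.lower() only folds ASCII letters
        for kw, enc, pat in patterns:
            idx = hay.find(pat)
            while idx != -1:
                # A hit inside the overlap is seen twice; the set dedups it.
                hits.add((buf_start + idx, kw, enc))
                idx = hay.find(pat, idx + 1)
        carry = buf[-overlap:] if overlap > 0 else b""
        buf_start += len(buf) - len(carry)
    return sorted(hits)

# Constructed sample standing in for a page-file fragment (not real evidence).
SAMPLE = (b"\x00" * 10 + b"user=alice password=hunter2" + b"\xff" * 7
          + "Password".encode("utf-16-le") + b"\x00" * 5)

if __name__ == "__main__":
    for offset, kw, enc in scan_stream(io.BytesIO(SAMPLE), ["password"], chunk_size=8):
        print(f"0x{offset:08x}  {kw!r}  ({enc})")
```

Run it against a read-only copy of the image or swap file, opened in binary mode, so the reported offsets can be revisited in a hex viewer.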

Identify Key Legal and Technical Issues

We can compel people to turn over something physical, but cannot compel them to release information (5th Amendment)

What is the admissibility of “same file name, same file size” as evidence? Generally, it probably isn’t admissible, but combined with other evidence (browser history, child abuse) it can be supportive

See Slide #1

Has there been an increase in use of encryption in the past few years?

Computer intruders: SSH daemon, bluefish on log files

Probably will see it rise as wireless increases – policy tension: CI protection vs forensics

More runtime encryption/decryption being used on malware. Teso has a program (“burn-eye”) that encrypts binaries, and it can be used with machine fingerprinting (virtual memory, routing table, partitioning, hostname) so it cannot be run on another machine. Think virus detection!!

Steganography and Steganalysis

Has anyone in law enforcement found steganography in use in a case?

No, not in the sense of embedding secrets in a carrier. But use of misdirection, renaming, semaphores, data hiding seems to be quite common. Crooks are dumb – most people use defaults of what they are given – people committing crimes of passion aren’t usually thinking how to cover their tracks

How reliable are most of the stego detection methods?

Difficult problem – lots of image formats, broad spectrum of algorithms – requires many highly specialized steganalysis routines. Don’t know about reliability