Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Forensics Ms. Wade.

Published byNicholas Sullivan Modified over 6 years ago

Similar presentations

Presentation on theme: "Computer Forensics Ms. Wade."— Presentation transcript:

1 Computer Forensics Ms. Wade

2 Do Now When using any computing devices what are some of the risks that we are vulnerable to?

3 Aim Why is Computer Forensics necessary in this emerging world of technology?

4 Objective Define computer forensics and list its major uses. Identify the different ways that they are at risk when using computers. Explain how computer forensics may be used to investigate crimes Explain how computer forensics is used in the courtroom Identify ways in which different professions might use computer forensic evidence Identify responsibilities and ethics of computer forensic practitioners

5 Discussion on Security Checklist
How much do you know about Cyber Security?

6 Log onto my webpage and complete the cyber video assignment
Do Now Log onto my webpage and complete the cyber video assignment Use code jisodem

7 Aim Why is Computer Forensics necessary in this emerging world of technology?

8 Activity Choose from the following Activities: Who uses computer Forensics and why? What are the steps to Conducting a Computer Forensic Investigation? What are some of the rules and regulations one should follow when completing an investigation? (Ethics and Morals)

9 Do Now Can you differentiate between a computer related crime and a digital crime? Computer related crime- criminal activities in which a computer related equipment was involved. (book making and theft) Digital Crime – Any criminal activity which involves the unauthorized access, dissemination, manipulation, destruction, or corruption of electronically stored data.

10 Aim Who uses Computer Forensics and what does a Computer Forensics investigation entail?

11 Who uses Computer Forensics
Attorneys - Use evidence retrieved from a computer and other devices to prosecute or defend individuals in Court. Private Corporations -Use evidence retrieved from employee workstations and smartphones in cases that arise relating to the employee. Law Enforcement - Rely on computer forensics to support search warrants, to build cases, and apprehend perpetrators. Individuals - May use computer forensics in divorce, harassment, theft, or other personal litigation matters.

12 What are the different Types of Evidence that can be collected?
Some common examples of digital media include: o Computers and laptops O Servers O Mobile devices (cellphones, iPads, etc.) O Cameras O External hard drives O Flash drives O CDS and DVDs O Floppy discs

13 What Can be Recovered From Evidence?
Examples of what can be recovered: Other examples include: Documents Spreadsheets Cookies Internet Activity s Pictures Applications Databases Attachments Temporary Files Deleted Files Hidden Files File Frag

14 What are some Types of Forensic Cases
Homicide Fraud Extortion Domestic Harassment e Pornography Identity Theft Employee Misconduct Narcotics Prostitution Piracy Intellectual Property

15 Common Cases Finding an incriminating or chat message linking the user to harassment or another form of employee misconduct. Identifying bank accounts and credit card numbers used by a perpetrator to aid and abet a financial scheme. Establishing the computer activity of a user at a particular date and time in order substantiate an alibi on behalf their defense. Recovering deleted documents linking a former employee of embezzlement of company funds and misappropriation of assets. Finding "file fragments" of pornography on an individual's work computer. Recent news examples: o Analyzing the flight simulator computer of the Malaysian airline Tracking the perpetrators of the Target credit card and ID theft

16 Four Main steps to Computer Forensics Investigation
Collection- This is the onsite portion of the investigation where the evidence is collected using forensically sound techniques. Create a bit-for-bit forensic copy of the evidence hard drive, take photographs of the scene, and fill out the chain of custody documentation. The forensically duplicated drive is your working copy and is the exact same as the drive from the evidentiary computer. You don't want to make any changes to the evidence. Preservation- Properly secure and back-up the evidence Collected. Using the forensic copy of the hard drive, begin indexing (uploading) the evidence onto a forensic platform/software- make sure you are authorized to do so. Analysis - Using the forensic software, analyze and evaluate the information recovered. Report:- Accurately summarize your procedures and findings in a comprehensive report and be prepared to Serve as a Court witness

17 Why is documenting your work important?
Once you obtain evidence, it is imperative to maintain accurate documentation. There needs to be a clear record of who provided the evidence, who handled the evidence, where the evidence was stored, who was in control of the evidence, and every step taken by the investigators throughout the course of the investigation. You should document and describe details about the evidence such as the make, model, and serial number of the hard drive and the originating computer. The more details obtained, the better. You should also tag each evidence item with a unique evidence number. The is a chief part of any investigation; improper documentation could deem evidence inadmissible in court as well as leave the investigator open to evidence tampering allegations.

18 Explain what is meant by spoilage of evidence and how may this occur?
Evidence is damaged or spoiled. Spoliation can result from conscious and intentional destruction, by being sloppy and negligent, by accident, or by mistake. An example of intentional spoliation is an investigator purposely withholding an incriminating document retrieved from the evidentiary hard drive. An example of negligence is turning on a Computer in a situation where you are not supposed to, altering system files and other data, thus spoiling the evidence.

19 Explain what is meant by ethics?
Investigators are expected to conduct investigations while maintaining a high level of professional and ethical standards at all times. It is a legal obligation for every forensic professional to behave ethically Conducting an unethical and/or sloppy investigation will lead to spoliation of the evidence; the investigator may also be held liable for his/her improper actions.

20 Wrap up Video On Cyber Security

21 Do Now Give some examples of the type of media that can be recovered from a computing device.

22 Aim What are the challenges associated with the enforcement and prosecution of computer crime?

23 Objectives Explore the changes in society associated with the advent of technological changes and the introduction of the Internet. Identify the challenges associated with the enforcement and prosecution of computer crime. Examine the extent of computer crime in society. Gain familiarity with categories of computer-related crime.

24 Problems associated with computer crimes
Problems associated with computer crime include: Difficulty in law enforcement Difficulty courts face when addressing extra-jurisdictional crime Belief that computer crime is not as dangerous as violent crime

25 Problems associated with computer crimes
Prosecutors may prefer to limit resources on violent crime instead. Lack of reporting arises from a belief that these are not worth pursuing. Law enforcement agencies may lack financial and/or technical resources to investigate computer crimes.

26 Extent of the problem

27 Example of a New Cybercrime: The Emergence of e-Cash
Prepaid cards: like debit cards, not geographically limited Stored value cards: sometimes called electronic purses. Data is on a computer chip. Mobile payments may be transmitted via smartphones.

28 Example of a New Cybercrime: The Emergence of e-Cash
Internet payment services, like PayPal Digital precious metals: value of electronic payments linked to a precious metal

29 Wrap Up Greater reliance on computer-based technology presents benefits as well as problems. Law enforcement may find it difficult to respond to new types of crimes because of

30 Difficulty responding to rapid technological change
Wrap up Law enforcement may find it difficult to respond to new types of crimes because of: Lack of resources Difficulty responding to rapid technological change Public perception that computer crime is less serious than violent crime

31 Task Look up a famous court case where Computer Forensics was an imperative part of the investigation and write a short summary of how that evidence was used to help solve the case.

32 Do Now What are some problems that law enforcement can encounter when it comes to prosecuting cyber crimes?

33 Aim What are some of the guidelines that govern how we should use the computer?

34 Ten Commandments of Computer Ethics
Ten Commandments of Computer Ethics Created by the Computer Ethics Institute lf Duplicated, Please Cite the Computer Ethics Institute 1. Thou Shalt Not Use A Computer To Harm Other People. 2. Thou Shalt Not Interfere With Other People's Computer Work. 3. Thou Shalt Not Snoop Around in Other People's Computer Files. 4. Thou Shalt Not Use A Computer To Steal. 5. Thou Shalt Not Use A Computer To Bear False Witness. 6. Thou Shalt Not Copy Or Use Proprietary Software For Which You have Not Paid. 7. Thou Shalt Not Use Other People's Computer ResourcesWithout Authorization Or Proper Compensation. 8. Thou Shalt Not Appropriate Other People's Intellectual Output. 9. Thou Shalt Think About The Social Consequences Of The Program You Are Writing Or The System You Are Designing. 10. Thou Shalt Always Use A Computer in Ways That Insure Consideration And Respect For Your Fellow Humans.

35 How could computer forensic tools be misused?
Do Now How could computer forensic tools be misused? Why are ethics important?

36 Task (Written Assignments)
1. Using one of the Ten commandments of ethical behavior given to you, write a explanation of what that commandment entails. 2. Read Case Study 1 and 2 and answer the related questions below. Use your computer for research: Case Study 1: The school secretary accidentally crashed the School computer and all the data was lost. Questions: Who might get hurt by this? What kinds of actions might be taken to prevent it from happening again? What might be done to recover the data? Case Study 2: A student has hacked into the school computer system and improved her grades. Questions: Is this action: criminal, unethical, immoral or nothing to be concerned about? Are there laws that might be passed or improved to prevent this? How difficult is it to catch and prosecute the person doing it? Does it matter if she did it in order to steal and fabricate information or just to prove her skill? Should there be a punishment if no harm was intended?

37 Vocabulary Allegation- a statement asserting something without proof
Fraud-intentional deception made for personal gain or to damage another individual Analysis-the separate of an intellectual or material whole into parts for individual study Inadmissible-evidence which may not be introduced in a court of law Binary-characterized by or consisting of two part or components Intellectual Property-a legal concept which refers to creations of the mind for which exclusive rights are recognized. Chain of custody-the chronological documentation or paper trail, showing the seizure, custody, control transfer, analysis and disposition of physical or electronic evidence. Litigation-the conduct of a civil action brought in a court of law in which a plaintiff (party claiming loss) demands a legal or equitable remedy

38 Do Now Your favorite aunt ask you to restore her vacation pictures which she accidentally deleted from her digital camera. Based on the Ten commandments of Computer ethics you __________________. ________ includes any criminal activity which involves the unauthorized access, dissemination, manipulation, destruction, or corruption of electronically stored data. a. Cybercrime b. Computer related crime c. Computer crime d. Digital crime 3. Which is one of the earliest computer crimes to have been committed? a. software piracy b. DDoS attack c. phishing d. hacking

39 Aim How can we analyze famous case to determine how computer forensics was critical is determining innocence or guilt?

40 Task Review the cases posted, choose one and write a 1-2 page essay (typed, 12 point font- times, double-spaced) on how computer forensics was used, the result of the case and your overall opinion of the events. Check mswadespage.weebly.com for assignment and rubric

Download ppt "Computer Forensics Ms. Wade."

Similar presentations

Northside I.S.D. Acceptable Use Policy 2009-2010.

Northside I.S.D. Acceptable Use Policy
Computer and Mobile Device Equipment Security Brief May 29, 2008 Presented by: Kevin G. Sutton, Chief, Information Technology Unit.

Computer and Mobile Device Equipment Security Brief May 29, 2008 Presented by: Kevin G. Sutton, Chief, Information Technology Unit.
Class Name, Instructor Name Date, Semester Criminal Justice 2011 Chapter 14: SPECIAL INVESTIGATIONS: Vice, White-Collar, Computer, and Hit-and-Run Crimes.

Class Name, Instructor Name Date, Semester Criminal Justice 2011 Chapter 14: SPECIAL INVESTIGATIONS: Vice, White-Collar, Computer, and Hit-and-Run Crimes.
COMPUTER ETHICS What does it mean to be “ethical” on the computer?

COMPUTER ETHICS What does it mean to be “ethical” on the computer?
MD5 Summary and Computer Examination Process Introduction to Computer Forensics.

MD5 Summary and Computer Examination Process Introduction to Computer Forensics.
BACS 371 Computer Forensics

BACS 371 Computer Forensics
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
Understanding Business Ethics

Understanding Business Ethics
Computers Are Your Future Twelfth Edition Spotlight 1: Ethics Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 1.

Computers Are Your Future Twelfth Edition Spotlight 1: Ethics Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 1.
Computer Ethics – The Ten Commandments

Computer Ethics – The Ten Commandments
Introduction to Computer Forensics Fall 2007. Computer Crime Computer crime is any criminal offense, activity or issue that involves computers (http://www.forensics.nl).http://www.forensics.nl.

Introduction to Computer Forensics Fall Computer Crime Computer crime is any criminal offense, activity or issue that involves computers (
By Drudeisha Madhub Data Protection Commissioner Date: 12.08.14.

By Drudeisha Madhub Data Protection Commissioner Date:
CJ © 2011 Cengage Learning Chapter 17 Cyber Crime and The Future of Criminal Justice.

CJ © 2011 Cengage Learning Chapter 17 Cyber Crime and The Future of Criminal Justice.
Computer ethics.

Computer ethics.
Introduction to Data Forensics CIS302 Harry R. Erwin, PhD School of Computing and Technology University of Sunderland.

Introduction to Data Forensics CIS302 Harry R. Erwin, PhD School of Computing and Technology University of Sunderland.
Possible WebQuest type links  

Possible WebQuest type links  
Describe ethical considerations resulting from technological advances.

Describe ethical considerations resulting from technological advances.
Information Systems Today, 2/C/e ©2008 Pearson Education Canada 9-1 ACS 1803 Lecture Outline 15 ETHICS AND COMPUTER CRIME.

Information Systems Today, 2/C/e ©2008 Pearson Education Canada 9-1 ACS 1803 Lecture Outline 15 ETHICS AND COMPUTER CRIME.
Computer Ethics for Computer Users

Computer Ethics for Computer Users
 An orderly analysis, investigation, inquiry, test, inspection, or examination along a “paper trail” in the search for fraud, embezzlement, or hidden.

 An orderly analysis, investigation, inquiry, test, inspection, or examination along a “paper trail” in the search for fraud, embezzlement, or hidden.

Similar presentations

Ads by Google