Presentation is loading. Please wait.

Presentation is loading. Please wait.

Image Source: thecomputerforensics.info.  DAY ONE (Monday) › Lecture and TWO activities  Activity One : Who are you?  Activity Two : Digital Forensic.

Published byFlora Amy Robertson Modified over 9 years ago

Similar presentations

Presentation on theme: "Image Source: thecomputerforensics.info.  DAY ONE (Monday) › Lecture and TWO activities  Activity One : Who are you?  Activity Two : Digital Forensic."— Presentation transcript:

1 Image Source: thecomputerforensics.info

2  DAY ONE (Monday) › Lecture and TWO activities  Activity One : Who are you?  Activity Two : Digital Forensic Cases  DAY TWO (Tuesday) › Lecture and ONE activity  Activity Three : Acquiring an Image of Evidence Media and Recovering a Deleted File  DAY THREE (Wednesday) › Lecture and THREE activities  Activity Four : Cookies and Grabbing Passwords with Wireshark  Activity Five : Encryptor and Decryptor  Activity Six: Steganography  DAY FOUR (Thursday)  Activity Seven: Digital Photo Scavenger Hunt  Activity Eight: Writing a wrap-up report  Activity Nine : Preparing the Friday Presentation  DAY Five (Friday)  Presentation in the closing session Summer Bridge Program at Radford University 2

3 Activity Two By: Aqurra C., Autumn P., Que J., Tiyana M.

4 BTK Killer  In January 1975, he killed four family members: Joseph Otero, 38/ Julie (his wife), 34/ Joseph II and Josephine (his two kids), 9 and 11  Over 15 years killed 6 other females  He killed his 4 family members by strangling them and then took a radio and watch

5 More About BTK Killer  In 1974 he started to go under the name BTK Strangler and he sent teases to the police about his killings (BTK: bind, torture, strangle )  After sending the floppy disk to the police they were able to track him down and capture him.

6

7 Chat History Advantages  You can talk to anyone online about whatever you want and not be judged.  You can feel safe behind a computer screen.  You can remain anonymous.  You can go by a nickname.  Its fun, free, quick, and easy.  Good for shy people.  Good for people who wants to learn new things about people all around the world.  People can empty out their souls without being under pressure.

8 Chat History Disadvantages  People can lie about their identity.  Can lead to a plethora of scams.  Lack of emotion.  Can be dangerous if the personal details are passed on.  Can go offline without warning.  Young ones could easily be fooled by older people.  Could be a place for foul language and cyber sex.

9 Summary  In this activity we learned that many sources of digital evidence can be used in solving a crime.  Almost ever crime involves a type of digital evidence. Without forensic experts and scientist, we wouldn’t be able to identify the criminals.  This class has been a great experience for us all and gave us a lot of new information and insights in this field. Thank you!

10 MY TEAM!!!

11 Allejah, Anu, Sophie, Tamara

12 Activity Three allowed us to copy a drive and obtain deleted files that had not yet been overwritten by the computer When a file is “deleted” it is put away from user view, but it still exists in the computer’s memory It will cease to exist when the computer replaces it with other data when storage is needed

13 The purpose of Activity Three was to make a copy of the contents of a flash drive We had to do this to preserve the original data on the drive It is important to keep the information untouched so that it can be used as evidence if needed – this is an integral principle of forensic analysis

14 Make an image of the drive from which you want to recover a file (create physical drive) – We used AccessData FTK Imager

15 Go through the copy of the evidence Identify which documents you would like to recover or access

16 Right-click on the deleted files that still retain data and export them to your hard drive

17 We exported the data into the Raw Destination Form The unallocated, or ‘empty’, space is very important to Forensic Analysts – it may contain deleted files which have not been replaced The data can be separated into files of varying size The hashes can indicate if the data is modified

18 Digital Forensics requires analysis of evidence stored using technology – either the hard drive or external storage The analysts cannot modify the original data, but by making a copy, they can look through the files and recover deleted files to be used as evidence.

19 Briana, Simone, Nikki, Nadia Activity Four

20

21

22 Activity Five Encryptor and Decryptor

23 Terminology  Encryption the process of encoding messages in such a way that hackers can not read it.  Decryption the process of converting ciphertext (encrypted data) into plaintext.  Algorithm mathematical steps to convert the plaintext into ciphertext.

24 Process

25 PKI Demo Applet

26 Encryption Decryption

27 Usages ●Make sensitive information harder to find and understand o For example, passwords on a database might be encrypted in case it get hacked o Encrypting the passwords also make it more complicated for hackers to know what the passwords are even if they find the database if they do not have the key ●Criminals can also use encryption to conceal incriminating evidence

28 Activity 6: Steganography Ann Tay Elizabeth Background from- http://www.gfi.com/blog/threats-steganography/

29 Steganography is hiding a secret message within a picture

30 Encryption can also be used when hiding messages in pictures. Encryption is the use of a variety of symbols and numbers to hide a message that can later be translated into plain English

31 Decryption is the process that is used to reverse encryption or translate the encrypted message back into plain text

32 Which picture has the hidden message?

33

34

35

36

37

38

39

40

Download ppt "Image Source: thecomputerforensics.info.  DAY ONE (Monday) › Lecture and TWO activities  Activity One : Who are you?  Activity Two : Digital Forensic."

Similar presentations

Cyber Safety By Georgia & Emily. The Internet Dos Remember to share guidelines with your students. If you are going to put names on the web make up nicknames.

Cyber Safety By Georgia & Emily. The Internet Dos Remember to share guidelines with your students. If you are going to put names on the web make up nicknames.
Computer Forensic Analysis By Aaron Cheeseman Excerpt from Investigating Computer-Related Crime By Peter Stephenson (2000) CRC Press LLC - Computer Crimes.

Computer Forensic Analysis By Aaron Cheeseman Excerpt from Investigating Computer-Related Crime By Peter Stephenson (2000) CRC Press LLC - Computer Crimes.
 Caesar used to encrypt his messages using a very simple algorithm, which could be easily decrypted if you know the key.  He would take each letter.

 Caesar used to encrypt his messages using a very simple algorithm, which could be easily decrypted if you know the key.  He would take each letter.
Effective Discovery Techniques In Computer Crime Cases.

Effective Discovery Techniques In Computer Crime Cases.
Computer Forensics By: Stephanie DeRoche Benjamin K. Ertley.

Computer Forensics By: Stephanie DeRoche Benjamin K. Ertley.
An Introduction to Computer Forensics James L. Antonakos Professor Computer Science Department.

An Introduction to Computer Forensics James L. Antonakos Professor Computer Science Department.
MD5 Summary and Computer Examination Process Introduction to Computer Forensics.

MD5 Summary and Computer Examination Process Introduction to Computer Forensics.
Guide to Computer Forensics and Investigations Fourth Edition

Guide to Computer Forensics and Investigations Fourth Edition
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.

Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
Chapter 3 Software Two major types of software

Chapter 3 Software Two major types of software
TrustPort Public Key Infrastructure. WWW.TRUSTPORT.COM Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
Encryption Methods By: Michael A. Scott 20140508.

Encryption Methods By: Michael A. Scott
Operating System & Application Files BACS 371 Computer Forensics.

Operating System & Application Files BACS 371 Computer Forensics.
Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.

Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.
Applying Digital Forensic techniques to AIM Gareth Knight, FIDO Project Manager Anatomy Theatre & Museum, King’s College London 15 th August 2011.

Applying Digital Forensic techniques to AIM Gareth Knight, FIDO Project Manager Anatomy Theatre & Museum, King’s College London 15 th August 2011.
OS and Application Files BACS 371 Computer Forensics.

OS and Application Files BACS 371 Computer Forensics.
Capturing Computer Evidence Extracting Information.

Capturing Computer Evidence Extracting Information.
Microsoft Office 2010 - Illustrated Fundamentals Unit B: Understanding File Management.

Microsoft Office Illustrated Fundamentals Unit B: Understanding File Management.
Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.

Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.
Passwords, Encryption Forensic Tools

Passwords, Encryption Forensic Tools

Similar presentations

Ads by Google