Presentation is loading. Please wait.

Presentation is loading. Please wait.

Image Source: thecomputerforensics.info.  DAY ONE (Monday) › Lecture and TWO activities  Activity One : Who are you?  Activity Two : Digital Forensic.

Similar presentations


Presentation on theme: "Image Source: thecomputerforensics.info.  DAY ONE (Monday) › Lecture and TWO activities  Activity One : Who are you?  Activity Two : Digital Forensic."— Presentation transcript:

1 Image Source: thecomputerforensics.info

2  DAY ONE (Monday) › Lecture and TWO activities  Activity One : Who are you?  Activity Two : Digital Forensic Cases  DAY TWO (Tuesday) › Lecture and ONE activity  Activity Three : Acquiring an Image of Evidence Media and Recovering a Deleted File  DAY THREE (Wednesday) › Lecture and THREE activities  Activity Four : Cookies and Grabbing Passwords with Wireshark  Activity Five : Encryptor and Decryptor  Activity Six: Steganography  DAY FOUR (Thursday)  Activity Seven: Digital Photo Scavenger Hunt  Activity Eight: Writing a wrap-up report  Activity Nine : Preparing the Friday Presentation  DAY Five (Friday)  Presentation in the closing session Summer Bridge Program at Radford University 2

3 Activity Two By: Aqurra C., Autumn P., Que J., Tiyana M.

4 BTK Killer  In January 1975, he killed four family members: Joseph Otero, 38/ Julie (his wife), 34/ Joseph II and Josephine (his two kids), 9 and 11  Over 15 years killed 6 other females  He killed his 4 family members by strangling them and then took a radio and watch

5 More About BTK Killer  In 1974 he started to go under the name BTK Strangler and he sent teases to the police about his killings (BTK: bind, torture, strangle )  After sending the floppy disk to the police they were able to track him down and capture him.

6

7 Chat History Advantages  You can talk to anyone online about whatever you want and not be judged.  You can feel safe behind a computer screen.  You can remain anonymous.  You can go by a nickname.  Its fun, free, quick, and easy.  Good for shy people.  Good for people who wants to learn new things about people all around the world.  People can empty out their souls without being under pressure.

8 Chat History Disadvantages  People can lie about their identity.  Can lead to a plethora of scams.  Lack of emotion.  Can be dangerous if the personal details are passed on.  Can go offline without warning.  Young ones could easily be fooled by older people.  Could be a place for foul language and cyber sex.

9 Summary  In this activity we learned that many sources of digital evidence can be used in solving a crime.  Almost ever crime involves a type of digital evidence. Without forensic experts and scientist, we wouldn’t be able to identify the criminals.  This class has been a great experience for us all and gave us a lot of new information and insights in this field. Thank you!

10 MY TEAM!!!

11 Allejah, Anu, Sophie, Tamara

12 Activity Three allowed us to copy a drive and obtain deleted files that had not yet been overwritten by the computer When a file is “deleted” it is put away from user view, but it still exists in the computer’s memory It will cease to exist when the computer replaces it with other data when storage is needed

13 The purpose of Activity Three was to make a copy of the contents of a flash drive We had to do this to preserve the original data on the drive It is important to keep the information untouched so that it can be used as evidence if needed – this is an integral principle of forensic analysis

14 Make an image of the drive from which you want to recover a file (create physical drive) – We used AccessData FTK Imager

15 Go through the copy of the evidence Identify which documents you would like to recover or access

16 Right-click on the deleted files that still retain data and export them to your hard drive

17 We exported the data into the Raw Destination Form The unallocated, or ‘empty’, space is very important to Forensic Analysts – it may contain deleted files which have not been replaced The data can be separated into files of varying size The hashes can indicate if the data is modified

18 Digital Forensics requires analysis of evidence stored using technology – either the hard drive or external storage The analysts cannot modify the original data, but by making a copy, they can look through the files and recover deleted files to be used as evidence.

19 Briana, Simone, Nikki, Nadia Activity Four

20

21

22 Activity Five Encryptor and Decryptor

23 Terminology  Encryption the process of encoding messages in such a way that hackers can not read it.  Decryption the process of converting ciphertext (encrypted data) into plaintext.  Algorithm mathematical steps to convert the plaintext into ciphertext.

24 Process

25 PKI Demo Applet

26 Encryption Decryption

27 Usages ●Make sensitive information harder to find and understand o For example, passwords on a database might be encrypted in case it get hacked o Encrypting the passwords also make it more complicated for hackers to know what the passwords are even if they find the database if they do not have the key ●Criminals can also use encryption to conceal incriminating evidence

28 Activity 6: Steganography Ann Tay Elizabeth Background from- http://www.gfi.com/blog/threats-steganography/

29 Steganography is hiding a secret message within a picture

30 Encryption can also be used when hiding messages in pictures. Encryption is the use of a variety of symbols and numbers to hide a message that can later be translated into plain English

31 Decryption is the process that is used to reverse encryption or translate the encrypted message back into plain text

32 Which picture has the hidden message?

33

34

35

36

37

38

39

40


Download ppt "Image Source: thecomputerforensics.info.  DAY ONE (Monday) › Lecture and TWO activities  Activity One : Who are you?  Activity Two : Digital Forensic."

Similar presentations


Ads by Google