Download presentation
Presentation is loading. Please wait.
Published byVerity Gilbert Modified over 9 years ago
1
Cyber Forensics From Data To Digital Evidence Book by - A. Marcella, F. Guillossou
2
The Role and Responsibility of a Cyber Forensic Investigator 1.Accurately report upon actions taken (warrants etc…) 2.To expertly identify, extract, and analyze data 3.Keep a detail log of procedures
3
As an Expert A Cyber Forensic Investigator who relies upon automated, generated results of a forensic software tool, without an in-depth knowledge of how the results have been achieved, is risky to your professional reputation but also to a successful outcome to the investigation.
4
Chapter Goals Take you from the very beginning of data being an electrical impulse to it becoming data to storage to potential evidence. As a Cyber Forensic Investigator, it is extremely important you understand this process.
5
Evolution of Bits and Bytes The evolution of bits and bytes into data and finally into human understanding text might be somewhat technical but not that hard.
6
The How, Where and Why We will be discussing the following: – How data become digital forensic evidence – Where to look for this evidence, buried beneath hundreds of million of bytes of data. – Why specific data may lead the investigator to the smoking gun.
7
In Court to Testify So when the lawyer questions you, and ask you “How did you identify the specific data you examined to reach your conclusion,” knowing the How’s, Where’s and Why’s and the theory and logic behind your answer will help you get favorable results.
8
Data Flow Intro. We will start small, in fact very small “bits & bytes” small. We will explain the following: – Bits & Bytes – Origin of Data – Data Storage – Boot Records – Partitions – Volumes – File Systems
9
Data Flow Intro. We will discuss how each of the topics are interrelated and essential in a cyber forensic investigation. The role each plays in an investigation and what type of evidential data may be identified within each of the areas. We will look at Cases involving forensics.
10
The Fundamentals of Data To be a professional in cyber forensics one must have a foundation rooted in: 1. Basics of information technology 2. Data Storage 3. Handling 4. Processing 5. How data is moved 6. How data is manipulated
11
Data is Evidence Understanding how evidence emerges from data is pivotal. One must articulate how evidence data was: 1.Identify 2.Collected 3.Processed
12
Cyber Forensic Investigator As a cyber forensic investigator, simply pressing buttons and checking options in a forensic software suite can create a potential liability. Understanding the “Life Cycle” of data is very important from its beginning as electronic bits, evolving into bytes characters, then words, finally emerging as a language, as information and eventually as evidence.
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.