Presentation is loading. Please wait.

Presentation is loading. Please wait.

2005 Digital Forensic Research Workshop (DFRWS) New Orleans, LA Automatically Creating Realistic Targets for Digital Forensics Investigation  Frank Adelstein.

Published byMariah Curtis Modified over 9 years ago

Similar presentations

Presentation on theme: "2005 Digital Forensic Research Workshop (DFRWS) New Orleans, LA Automatically Creating Realistic Targets for Digital Forensics Investigation  Frank Adelstein."— Presentation transcript:

1 2005 Digital Forensic Research Workshop (DFRWS) New Orleans, LA Automatically Creating Realistic Targets for Digital Forensics Investigation  Frank Adelstein  ATC-NY  33 Thornwood Drive, Suite 500  Ithaca, NY 14850  Contact: frank@atc- nycorp.com frank@atc- nycorp.comfrank@atc- nycorp.com  Yun Gao  Golden G. Richard III Department of Computer Science University of New Orleans  New Orleans, LA 70148  Contact: golden@cs.uno.edu golden@cs.uno.edu August 17, 2005

2 2005 Digital Forensic Research Workshop (DFRWS) New Orleans, LA Abstract  The need for computer forensics education continues to grow.  An essential component of training is hands-on, realistic assignments.  Creating detailed, realistic lab is a difficult task.  FALCON (Framework for Laboratory exercises Conducted Over Networks)

3 2005 Digital Forensic Research Workshop (DFRWS) New Orleans, LA 1. Introduction  Keywords: computer forensics, computer security, education  Computer forensic training schools.  The weakness of the computer forensics education  FALCON cycle.

4 2005 Digital Forensic Research Workshop (DFRWS) New Orleans, LA Figure 1: FALCON and the lab development process

5 2005 Digital Forensic Research Workshop (DFRWS) New Orleans, LA 2. FALCON Architecture  2.1 Lab Creation Tool(LCT)  To automatically configure a set of target machines  Allow an instructor to carefully specify the types of activity.

6 2005 Digital Forensic Research Workshop (DFRWS) New Orleans, LA  2.2 Lab Execution Environment  To provide an interactive environment.  Set up scenarios on virtual target machines for the students to investigate.  Support the forensic investigation itself.  Logging the activities of the students.  OnLine DFS

7 2005 Digital Forensic Research Workshop (DFRWS) New Orleans, LA  2.3 Lab Evaluation Tool  Use to evaluate a laboratory exercise.  Help evaluate performance.  Provide details on what actions students took.  Use to gather information to gauge the level of difficulty of the lab. (e.g. time spent)

8 2005 Digital Forensic Research Workshop (DFRWS) New Orleans, LA 3. Preliminary Results  All students complete the assignments.

9 2005 Digital Forensic Research Workshop (DFRWS) New Orleans, LA Figure 2: Network configuration in proof-of-concept experiment.

10 2005 Digital Forensic Research Workshop (DFRWS) New Orleans, LA 4. Conclusions and Future Work  To provide adequate training to students of digital forensics.  An architecture for the creation, deployment, and evaluation of laboratory exercises to support education.  Future -To improve the education in digital forensics. -To improve the education in digital forensics. -To get feedback from the students. -To get feedback from the students.

11 2005 Digital Forensic Research Workshop (DFRWS) New Orleans, LA 5. References  [1]Sleuthkit and Autopsy, http://www.sleuthkit.org. http://www.sleuthkit.org. http://www.sleuthkit.org.  [2]Encase forensics software, http://www.encase.com. http://www.encase.com http://www.encase.com  [3]ForensicsToolkit(FTK), http://www.accessdata.com. http://www.accessdata.com http://www.accessdata.com  [4]iLook Investigator forensic software, http://www.ilook-forensics.org/. http://www.ilook-forensics.org/.  [5]SMART forensics software, http://www.asrdata.com/SMART/. http://www.asrdata.com/SMART/. http://www.asrdata.com/SMART/.  [6]F. Adelstein, “MFP: The Mobile Forensics Platform,” Proceedings of the 2002 Digital Forensics Research Workshop, http://www.dfrws.org. http://www.dfrws.org. http://www.dfrws.org.  [7]F. Adelstein, “MFP: The Mobile Forensic Platform,” International Journal of Digital Evidence, 2(1), 2003.  [8]E. Casey,Digital Evidence and Computer Crime, Academic Press, 2nd Edition, March 2004.  [9]E. Casey, Handbook of Computer Crime Investigation: Forensic Tools & Technology, Academic Press, October 2001, pp. 2-3.  [10]E. Casey, “Network traffic as a source of evidence: tool strengths, weak- nesses, and future needs,” Digital Investiga- tion, 1(1), Elsevier, 2004, pp. 28-43.  [11]P. Sealey, “Remote forensics,” Digi- tal Investigation, 1(4), Elsevier, 2004, pp. 261-265.

Download ppt "2005 Digital Forensic Research Workshop (DFRWS) New Orleans, LA Automatically Creating Realistic Targets for Digital Forensics Investigation  Frank Adelstein."

Similar presentations

INDIANAUNIVERSITYINDIANAUNIVERSITY GENI Global Environment for Network Innovation James Williams Director – International Networking Director – Operational.

INDIANAUNIVERSITYINDIANAUNIVERSITY GENI Global Environment for Network Innovation James Williams Director – International Networking Director – Operational.
5 th Annual Workshop on the Teaching Computer Forensics Virtualising Computer Forensics Dr. Jianming Cai Mr. Ayoola Afonja

5 th Annual Workshop on the Teaching Computer Forensics Virtualising Computer Forensics Dr. Jianming Cai Mr. Ayoola Afonja
Jillian Brown. Develop realistic, high quality case material for computer forensic investigations Suitably complex primary data Apply theoretical aspects.

Jillian Brown. Develop realistic, high quality case material for computer forensic investigations Suitably complex primary data Apply theoretical aspects.
Barry Spencer An introduction to the Moodle VLE Glossaries Assignments Editing Tracking Forums Resources Managing.

Barry Spencer An introduction to the Moodle VLE Glossaries Assignments Editing Tracking Forums Resources Managing.
Virtualisation and Visualisation – Improving Teaching and Learning in Computer Science Seán Duignan School of Science GMIT Tony Hall Education Department.

Virtualisation and Visualisation – Improving Teaching and Learning in Computer Science Seán Duignan School of Science GMIT Tony Hall Education Department.
Online Computer Based Tutorial

Online Computer Based Tutorial
COS/PSA 413 Day 3. Agenda Questions? Blackboard access? Assignment 1 due September 3:35PM –Hands-On Project 1-2 and 2-2 on page 26 of the text Finish.

COS/PSA 413 Day 3. Agenda Questions? Blackboard access? Assignment 1 due September 3:35PM –Hands-On Project 1-2 and 2-2 on page 26 of the text Finish.
Homeland Security Exercise and Evaluation Program HSEEP.

Homeland Security Exercise and Evaluation Program HSEEP.
Guide to Computer Forensics and Investigations, Second Edition

Guide to Computer Forensics and Investigations, Second Edition
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Review for Final Exam November 19, 2010.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Review for Final Exam November 19, 2010.
Transforming Delivery E-Learning for RTO’s What’s in it for you.

Transforming Delivery E-Learning for RTO’s What’s in it for you.
Breaking the Performance Wall: The Case for Distributed Digital Forensics Golden G. Richard III Associate Professor, Dept. of Computer Science, University.

Breaking the Performance Wall: The Case for Distributed Digital Forensics Golden G. Richard III Associate Professor, Dept. of Computer Science, University.
1.1 1 Introduction Foundations of Computer Science  Cengage Learning.

1.1 1 Introduction Foundations of Computer Science  Cengage Learning.
Kaseya Fundamentals Workshop Developed by Kaseya University Powered by IT Scholars Kaseya Version 6.5 Last updated March, 2014 DAY FOUR.

Kaseya Fundamentals Workshop Developed by Kaseya University Powered by IT Scholars Kaseya Version 6.5 Last updated March, 2014 DAY FOUR.
Introduction to the Atlas Platform Mobile & Pervasive Computing Laboratory Department of Computer and Information Sciences and Engineering University of.

Introduction to the Atlas Platform Mobile & Pervasive Computing Laboratory Department of Computer and Information Sciences and Engineering University of.
11 SECURITY TEMPLATES AND PLANNING Chapter 7. Chapter 7: SECURITY TEMPLATES AND PLANNING2 OVERVIEW  Understand the uses of security templates  Explain.

11 SECURITY TEMPLATES AND PLANNING Chapter 7. Chapter 7: SECURITY TEMPLATES AND PLANNING2 OVERVIEW  Understand the uses of security templates  Explain.
“Knowing Revisited” And that’s how we can move toward really knowing something: Richard Feynman on the Scientific Method.

“Knowing Revisited” And that’s how we can move toward really knowing something: Richard Feynman on the Scientific Method.
Chapter 22 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Applying Forensic Science to Networks.

Chapter 22 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Applying Forensic Science to Networks.
SOS EGEE ‘06 GGF Security Auditing Service: Draft Architecture Brian Tierney Dan Gunter Lawrence Berkeley National Laboratory Marty Humphrey University.

SOS EGEE ‘06 GGF Security Auditing Service: Draft Architecture Brian Tierney Dan Gunter Lawrence Berkeley National Laboratory Marty Humphrey University.
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course August 24, 2011.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course August 24, 2011.

Similar presentations

Ads by Google