Computer Forensics in Fighting Crimes

    Presentation Transcript

    • Computer Forensics In Fighting Crimes Paul Umoren
    • OUTLINE: DEFINITION OF COMPUTER FORENSICS; COMPUTER FORENSICS TECHNIQUES; SCOPE OF COMPUTER FORENSICS; COMPUTER FORENSICS PROCESS; IMPORTANCE OF COMPUTER FORENSICS
    • OUTLINE CONTINUED: ITEMS USED FOR EXAMINATION; COMPUTER FORENSICS CASES; COMMON MISTAKES MADE DURING A COMPUTER FORENSIC ANALYSIS; CONCLUSION; QUESTIONS; REFERENCES
    • DEFINITION: This is the discovery, collection, and analysis of evidence found on computers and networks to investigate and establish facts in
    • COMPUTER FORENSICS TECHNIQUES: Cross-drive analysis: a forensic technique that correlates information found on multiple HDDs. Live analysis: the practice is useful when dealing with Encrypting File System and recovery of RAM data when the system was shut down. Deleted files: this is a common technique
    • TECHNIQUES CONTINUE: Analysis of chat logs: This involves the Analysis of log files Reviewing of trace nodes
    • SCOPE OF COMPUTER FORENSICS: It focuses on computers and networks to find evidence of crimes for government, private business and other sectors. Computers: (examination of computer media, programs, data and log files, Internet messaging conversations, Internet chat, email, etc.)
    • SCOPE CONTINUES: Networks: (analysis of server contents, server and router log files, packet traffic and information obtained from Internet access providers.) It is critical for law enforcement as an evidence-gathering and criminal investigation tool.
    • COMPUTER FORENSICS PROCESS: Acquisition/Preserve the media (The original drives need to be imaged; make copies of the original.) Extract evidence (This depends on the type of investigation; the specialist needs to determine what kind of information on the computer is pertinent to the case.)
    • PROCESS CONTINUES: Analysis: (The most tasking part; the information retrieved can be incriminating or exculpatory.) Reporting/Documentation: (Configuration of the computer and BIOS settings to every step taken and pertinent evidence that is found should be reported and
    • WHY COMPUTER FORENSICS? Computer forensics allows for the general integrity of your network infrastructure and ensures that your organization’s private information remains private. Protection From employee abuse, as well as protects your company from violating government regulations such as those rules regarding customer data privacy.
    • WHY COMPUTER FORENSICS? CONTS. CUT DOWN COST: (Working with professionals who have both technological and practical understandings of computer forensics and electronic discovery can also cut costs for your company) ANTITERRORISM :It is important as an antiterrorism tool for both criminal persecution and intelligent gathering.
    • COMPUTER FORENSICS TOOLS: The Forensics Recovery of Digital Evidence; Guidance Software’s EnCase; Ultimate Toolkit; The FireChief hardware; A portable Tableau write blocker attached to a hard drive
    • SOME ITEMS USED FOR EXAMINATION:
    • COMPUTER FORENSICS CASES : Soham murders The alibi of the killer was disproved when mobile phone records of the person he claimed to be with showed she was out of town at the time. BTK Killer(Dennis Rader was convicted of a string of serial killings that occurred over a period of sixteen years)
    • COMPUTER FORENSICS CASES CONTS. : Joseph E. Duncan III (Forensic investigators found a spreadsheet in which Duncan was planning his murders; this helped prove he was planning the crimes.) Sharon Lopatka (After going through hundreds of emails, investigators were able to find her killer, Robert Glass.)
    • COMPUTER FORENSICS CASES CONTS. : Dr. Conrad Murray (Michael Jackson’s doctor was convicted partially by digital evidence on his computer. This evidence included medical documentation showing lethal amounts of propofol.)
    • COMMON MISTAKES MADE DURING A COMPUTER FORENSIC ANALYSIS: Using the internal IT staff to conduct a computer forensics investigation; Waiting until the last minute to perform a computer forensics exam; Too narrowly limiting the scope of computer forensics
    • COMMON MISTAKES CONTINUES: Not being prepared to preserve electronic evidence; Not selecting a qualified computer forensics team
    • COMPUTER FORENSIC CERTIFICATIONS: ISFCE Certified Computer Examiner; IACRB Certified Computer Forensics Examiner; IACIS offers the Certified Computer Forensic Examiner (CFCE) program; Asian School of Cyber Laws offers international level certifications in Digital Evidence Analysis and in Digital Forensic Investigation
    • CONCLUSION: Though this area is a bit new to some people in computing, it is very important for battling cybercrime in society, which is difficult to handle in real-world scenarios. Large companies should be able to train some of their IT staff in computer forensics, which could become an asset to the company.
    • QUESTIONS:
    • REFERENCES: Michael G. Noblett; Mark M. Pollitt; Lawrence A. Presley (October 2000). "Recovering and examining computer forensic evidence". Leigland, R (September 2004). "A Formalization of Digital Forensics". A Yasinsac; RF Erbacher; DG Marks; MM Pollitt (2003). "Computer forensics education". IEEE Security & Privacy. CiteSeerX: 10.1.1.1.9510. www.google.com. Wikipedia, the free encyclopedia.htm. Shelly, Cashman Vermaat (2006); Discovery Computers A
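
The acquisition and reporting steps from the COMPUTER FORENSICS PROCESS slides, as an added Python example that is not part of the original presentation: the source is imaged and hashed during the read, the written image is re-hashed, and both digests go into a record for the report. The file names, the `examiner-01` label and the record fields are assumptions, and the source is a constructed random file standing in for a drive that would sit behind a write blocker.

```python
import hashlib
import os
import tempfile
from datetime import datetime, timezone

CHUNK = 1024 * 1024  # 1 MiB reads, so large media never has to fit in RAM


def sha256_file(path):
    """Return the SHA-256 hex digest of a file, read in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(CHUNK), b""):
            digest.update(block)
    return digest.hexdigest()


def acquire(source, image, examiner):
    """Image source, hash it during the read, re-hash the copy, log both."""
    digest = hashlib.sha256()
    # Source opened read-only; "xb" refuses to overwrite an existing image.
    with open(source, "rb") as src, open(image, "xb") as dst:
        for block in iter(lambda: src.read(CHUNK), b""):
            digest.update(block)
            dst.write(block)
    os.chmod(image, 0o444)  # the working copy is analysed, never edited
    record = {
        "examiner": examiner,
        "acquired_utc": datetime.now(timezone.utc).isoformat(),
        "source": source,
        "image": image,
        "bytes": os.path.getsize(image),
        "source_sha256": digest.hexdigest(),
        "image_sha256": sha256_file(image),
    }
    record["verified"] = record["source_sha256"] == record["image_sha256"]
    return record


def demo():
    """Acquire a constructed 3 MiB + 17 byte stand-in for a drive."""
    with tempfile.TemporaryDirectory() as tmp:
        source = os.path.join(tmp, "evidence.raw")  # constructed sample
        with open(source, "wb") as fh:
            fh.write(os.urandom(3 * CHUNK + 17))
        return acquire(source, os.path.join(tmp, "evidence.img"), "examiner-01")


if __name__ == "__main__":
    print(demo())
```

Re-running `sha256_file` on the image at any later stage and comparing it with the recorded `image_sha256` shows whether the working copy has changed since acquisition.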