Your SlideShare is downloading. ×
Computer forensics and ubiquitous computing
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Computer forensics and ubiquitous computing

614
views

Published on

My 2009 presentation on computer forensics and ubiquitous computing.

My 2009 presentation on computer forensics and ubiquitous computing.


0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
614
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
46
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Computer Forensics
  • 2. What is Computer Forensics? It is the act to determine legal evidence found in computers and digital storage mediums through the use of specialized computer investigation and analysis techniques.
  • 3. How is it useful? Collect evidence against suspects of crime. find terrorists Analyze after intrusions learn to defend against them next time  Recover data  Understand how some computer systems works
  • 4. Example of CF? Dennis Lynn Rader, an American serial killer who murdered 10 people between 1974 and 1991. Convicted through evidence found in a floppy disk.
  • 5. Types of CF? Static Live Permanent data Volatile data e.g.  e.g. Hard drive  RAM Flash memory  Live network CD
  • 6. How CF works?  
  • 7. CF Methodologies? No standard methodology for conducting CF. Mark Reith, Clint Carr & Gregg Gunsch 2002 model:   "Never touch, change, or alter anything until it has been documented, identified, measured, and photographed . . . when a body or article has been moved, it can never be restored to its original position."
  • 8. CF Tools? Software Hardware Utilities, editors,  Forensic Workstations, password recovery, Devices readers, cables, imagery, etc. etc. Alphabetical List of High Tech Crime Computer Forensics Institute, Inc Products Alphabetical list of links to manufacturers, suppliers, and products
  • 9. What is Ubiquitous Computing?  Ubiquitous being present everywhere at once; omnipresent;  universal  Computing use of computers
  • 10. Problems of CF with UC? Increased variety of platforms (dimensions) File systems, physical connections, encryption, time, place, etc Increased quantity of data (depth of dimensions) More tedious to find the specific data Increased number of data dimensions and the depth of the dimension itself led to more ways to hide data and more difficult to detect the data. (++|dn|)++|D| = n Exp(++|universe|)  The curse of dimensionality?
  • 11. How will CF evolve? "As the ways to store and transit data increases, the ways of CF also increases." Technological Social More variety and  Awareness towards sophistication of tools computer security More methodologies  Confidentiality of More laws observed information Faster computer  Laws for CF to obtain devices information
  • 12. Concerns for future of CF? More negative publicity Attracting other cyber-attackers Inviting the ridicule of enemies of CF Undermining the confidence of their customers, suppliers, and investors Growing sophistication and stealth of cyber criminal activities Much harder to detect than crimes in the physical world Often insiders and international involvement Indirectly through various hiding techniques Botnets Information hiding: steganography, covert channel, etc Anonymity proxies
  • 13. Current open problems in CF? Unavailability of Legal Framework  Lack of unified guidelines for the evidence collection and presentation  Evidence acceptable in one country may not be in another Gives way to international crimes  Lack of technical knowledge  Judge may not have relevant computer knowledge hence may not understand the evidences
  • 14. Possible solutions? Seek help from international organisations with high authorit, to establish unified legal framework E.g. ISO, UN Increase public awareness of computer security Find ways to get those information to the masses
  • 15. References Mark Reith, C. C., Gregg Gunsch (2002). "An Examination of Digital Forensic Models." International Journal of Digital Evidence 1(3). Dennis Rader. (2009, December 9). In Wikipedia, The Free Encyclopedia. Retrieved 03:28, December 11, 2009, from http://en.wikipedia.org/w/index.php? title=Dennis_Rader&oldid=330665164 Vacca, John R. Computer Forensics : Computer Crime Scene Investigation (2nd Edition).Boston, MA, USA: Course Technolgy, 2005. p xxv.    
  • 16. Questions or suggestions?