Digital Forensics
Module 3
Processing Crime and Incident Scenes
Dr. Nagaraj S V & Prof Seshu Babu Pulagara
VIT Chennai
Digital Evidence
• According to E. Casey, “Digital evidence or electronic evidence is any probative information stored or transmitted in digital form that a party to a court case may use”
Digital evidence sources
• E-mails
• Digital images / photos
• Digital audio
• Digital videos
• ATM transaction logs
• Word processor documents
• Instant messages and their histories
• Files saved from various programs
• Databases
• The contents of computer memory and memory storage devices such as hard disks, CDs, DVDs, USB drives, digital tapes, floppies
• Computer backups
• Printouts
• Global Positioning System data
• Logs from electronic door locks
• Spreadsheets
• Web browser logs
• Mobile phone call logs
• Computer programs / software
• Data from handheld devices, peripheral devices (monitors, keyboards, mouse, memory sticks, thumb drives, zip disks), network devices
• Answering machines
• Internet chat logs
• CCTV / digital / web cameras
• Debit / credit / prepaid / smart cards
• VoIP devices
• Microphones
• USB / Wi-Fi / Bluetooth / NFC devices
• Memory card readers
• Fax machines
• Scanners
• Network cards
• Hubs
• Modems
• Network switches
• Ethernet cables
• Power supplies
• Wireless access points
• Wireless devices
• Photocopying machines
• Routers
• IP addresses
• LAN / MAC / Network Interface Card addresses
• Digital audio/video recorders
• MP3 players
• Video game consoles
• SIM cards / SIM card readers
• Smart watches
• Satellite phones
• Drones / UAVs
• Sensors
• Electronic pacemakers
• IoT devices
• Biometric identification devices: for fingerprint, hand geometry, iris, voice recognition, and facial recognition
• Servers
• Magnetic stripe cards
• Virtual machines
• Cloud-based storage
• Network-attached storage
• Telecom equipment
• Cell phone towers
• Skimmers
• Social media
• Wearables including activity trackers, body cams
• Automated License Plate Readers
• TASERs
• Smart TVs
• Baby monitors
• Personal digital assistants
• Keyloggers
• Electric power meters / smart meters
• Home / building automation systems
• Home security systems
• Video display devices, projectors, monitors
• Tablets
• SD cards / CF cards
• Computer chips
• Pagers
• Hard drive duplicators
• Videocassette recorders
• Telephone caller ID units
• Personal Computer Memory Card International Association (PCMCIA) cards
• RAID devices
• Mobile communication devices
• External data storage devices
• Videotapes
• Wireless network equipment
• Web sites
• Card readers
• RFID tags
Digital evidence characteristics
• Can be volatile (e.g. data in RAM)
• Can be altered
• Can be stored in digital form
• May be transmitted in digital form
• Can be erased / deleted / destroyed
SWGDE
• Scientific Working Group on Digital Evidence (SWGDE) sets standards for retrieving, maintaining, and analyzing digital evidence
• https://www.swgde.org
Exercise
• Identify tasks investigators must perform when working with digital evidence.
• Give examples of situations where original evidence can’t be used in courts.
• Give examples of situations where additional technical expertise may be needed.
• What is the initial-response field kit? What does it contain?
• What is the extensive-response field kit? What does it contain?
Exercise
• Attorneys may challenge digital evidence. They may ask whether digital evidence was altered or damaged. How can one prove that the evidence is authentic?
  Hint: The original creator of a Microsoft Word document can be identified by using file metadata.
• Discuss terminology such as Fourth Amendment, warrants, innocent information, limiting phrase, plain view doctrine.
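The hint about Word file metadata, as an added example that is not part of the original slides: it reads the authorship fields that a .docx package stores in docProps/core.xml. It assumes the Office Open XML (.docx) format rather than the legacy .doc format; the sample package and the names in it are constructed.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from typing import Dict, Optional

# Namespaces used by docProps/core.xml in an Office Open XML package.
NS = {
    "cp": "http://schemas.openxmlformats.org/package/2006/metadata/core-properties",
    "dc": "http://purl.org/dc/elements/1.1/",
    "dcterms": "http://purl.org/dc/terms/",
}
FIELDS = {
    "creator": "dc:creator",
    "last_modified_by": "cp:lastModifiedBy",
    "revision": "cp:revision",
    "created": "dcterms:created",
    "modified": "dcterms:modified",
}


def read_core_properties(docx_bytes: bytes) -> Dict[str, Optional[str]]:
    """Return authorship metadata from a .docx, or {} if the part is absent."""
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as package:
        if "docProps/core.xml" not in package.namelist():
            return {}
        # Evidence files are untrusted input; a hardened parser such as
        # defusedxml is preferable to the standard library in casework.
        root = ET.fromstring(package.read("docProps/core.xml"))
    props: Dict[str, Optional[str]] = {}
    for name, path in FIELDS.items():
        node = root.find(path, NS)
        props[name] = node.text if node is not None else None
    return props


def last_editor_differs(props: Dict[str, Optional[str]]) -> bool:
    """True when the recorded last editor is not the recorded creator."""
    return bool(props) and props.get("creator") != props.get("last_modified_by")


# Constructed sample metadata part (all names and dates are made up).
SAMPLE_CORE_XML = """<?xml version="1.0" encoding="UTF-8"?>
<cp:coreProperties
    xmlns:cp="http://schemas.openxmlformats.org/package/2006/metadata/core-properties"
    xmlns:dc="http://purl.org/dc/elements/1.1/"
    xmlns:dcterms="http://purl.org/dc/terms/"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <dc:creator>Constructed Author</dc:creator>
  <cp:lastModifiedBy>Constructed Editor</cp:lastModifiedBy>
  <cp:revision>3</cp:revision>
  <dcterms:created xsi:type="dcterms:W3CDTF">2020-01-02T03:04:05Z</dcterms:created>
  <dcterms:modified xsi:type="dcterms:W3CDTF">2020-01-05T06:07:08Z</dcterms:modified>
</cp:coreProperties>"""


def build_sample_docx(core_xml: Optional[str]) -> bytes:
    """Constructed minimal package holding only the parts this example reads."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as package:
        package.writestr("word/document.xml", "<placeholder/>")
        if core_xml is not None:
            package.writestr("docProps/core.xml", core_xml)
    return buf.getvalue()


if __name__ == "__main__":
    props = read_core_properties(build_sample_docx(SAMPLE_CORE_XML))
    for key, value in props.items():
        print(f"{key:17} {value}")
    print("last editor differs from creator:", last_editor_differs(props))
```

These fields can be edited by anyone with the file, so they corroborate authorship alongside other evidence rather than settle it on their own.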
Exercise
• Discuss the issues involved when collecting evidence from private sector incident scenes.
• Discuss the issues involved when collecting evidence from public sector incident scenes.
• Discuss the issues involved in seizing computers and digital devices.
• Give guidelines for processing an incident scene.
• Discuss the steps involved in securing an incident scene.
• Discuss the following questions to ask when acquiring evidence:
  (i) Is the computer switched on when you reach the scene?
  (ii) Is it necessary to take the whole computer and all computer peripherals and media devices in the vicinity?
• How can the computer and media devices be shielded from damage, danger, and destruction while they are carried to the lab?
• Is the suspected perpetrator in the immediate vicinity of the computer or media device?
• Is it probable that the suspect harmed or ruined the computer and media devices?
• Should the suspect be kept away from the computer?
Storing digital evidence
• Often it becomes necessary to store digital evidence for a long time.
• Magnetic tapes can store data for several years and are cheaper than other media such as CDs, DVDs, DVD-Rs, DVD+Rs, or DVD-RWs.
• The risk of technology becoming obsolete is high in the computer field. For example, floppy disks are no longer widely used.
Safety tips
• It is safer to have at least two copies of every image to avoid data loss.
• It is better to use different tools to produce the images.
• Limit access to the lab and evidence storage area to prevent loss, damage, and alteration.
• Maintain the chain of custody for digital evidence.
• Document the evidence.
• Use evidence custody forms.
• Validation of evidence can be done using checksums, hash functions, and cyclic redundancy checks.
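An added example (not part of the original slides) for the validation methods named here and the two-copies tip on the safety slide: it computes a simple checksum, a CRC-32 and a SHA-256 hash over an image in one pass, then checks each copy against the values recorded at acquisition. The sample image, the copy labels and the 16-bit additive checksum are constructed for illustration; the third copy has two bytes transposed to show that the three methods are not interchangeable.

```python
import hashlib
import io
import zlib
from typing import BinaryIO, Dict, NamedTuple

CHUNK_SIZE = 1 << 20  # 1 MiB reads, so a large image never has to fit in memory


class IntegrityValues(NamedTuple):
    sum16: int   # simple additive checksum: sum of all bytes mod 2**16
    crc32: int   # cyclic redundancy check (CRC-32 as implemented by zlib)
    sha256: str  # cryptographic hash function


def integrity_values(stream: BinaryIO) -> IntegrityValues:
    """Compute all three validation values in a single pass over the stream."""
    total, crc, sha = 0, 0, hashlib.sha256()
    while True:
        block = stream.read(CHUNK_SIZE)
        if not block:
            break
        total = (total + sum(block)) & 0xFFFF
        crc = zlib.crc32(block, crc)
        sha.update(block)
    return IntegrityValues(total, crc, sha.hexdigest())


def compare_to_acquisition(recorded: IntegrityValues, copy: BinaryIO) -> Dict[str, bool]:
    """Per method, does this copy still match the values recorded at acquisition?"""
    current = integrity_values(copy)
    return {name: getattr(current, name) == getattr(recorded, name)
            for name in IntegrityValues._fields}


def make_sample_image() -> bytes:
    """Constructed stand-in for a disk image: four 512-byte sectors."""
    return b"".join(bytes([fill]) * 512 for fill in (0x41, 0x42, 0x43, 0x44))


def swap_bytes(data: bytes, i: int, j: int) -> bytes:
    """Model a change that reorders data without changing the byte total."""
    buf = bytearray(data)
    buf[i], buf[j] = buf[j], buf[i]
    return bytes(buf)


def run_demo() -> Dict[str, Dict[str, bool]]:
    original = make_sample_image()
    # These are the values that would be written on the evidence custody form.
    recorded = integrity_values(io.BytesIO(original))
    copies = {
        "copy_tool_a": original,                         # image from the first tool
        "copy_tool_b": bytes(original),                  # image from a second tool
        "copy_reordered": swap_bytes(original, 0, 512),  # two bytes transposed
    }
    return {label: compare_to_acquisition(recorded, io.BytesIO(data))
            for label, data in copies.items()}


if __name__ == "__main__":
    for label, result in run_demo().items():
        print(f"{label:15} {result}")
```

The additive checksum still matches the reordered copy while CRC-32 and SHA-256 do not; CRCs and checksums are designed to catch accidental corruption, and only the cryptographic hash is designed to resist deliberate alteration.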
References
• Nelson, Amelia Phillips, Christopher Steuart, “Guide to Computer Forensics and Investigations”, Fifth Edition, 2015
• Wikipedia