Computer Forensics in Fighting Crimes

Published in: Technology

  1. Computer Forensics in Fighting Crimes, Paul Umoren
  2. OUTLINE: Definition of computer forensics; Computer forensics techniques; Scope of computer forensics; Computer forensics process; Importance of computer forensics
  3. OUTLINE CONTINUED: Items used for examination; Computer forensics cases; Common mistakes made during a computer forensic analysis; Conclusion; Questions; References
  4. DEFINITION: This is the discovery, collection, and analysis of evidence found on computers and networks to investigate and establish facts in
  5. COMPUTER FORENSICS TECHNIQUES: Cross-drive analysis: A forensic technique that correlates information found on multiple HDDs. Live analysis: The practice is useful when dealing with Encrypting File System and recovery of RAM data when the system was shut down. Deleted files: This is a common technique
  6. TECHNIQUES CONTINUED: Analysis of chat logs: This involves the analysis of log files. Reviewing of trace nodes.
  7. SCOPE OF COMPUTER FORENSICS: It focuses on computers and networks to find evidence of crimes for government, private business and other sectors. Computers: (examination of computer media, programs, data and log files, Internet messaging conversations, Internet chat, email, etc.)
  8. SCOPE CONTINUED: Networks: (analysis of server contents, server and router log files, packet traffic and information obtained from Internet access providers.) It is critical for law enforcement as an evidence-gathering and criminal investigation tool.
  9. COMPUTER FORENSICS PROCESS: Acquisition/Preserve the media (The original drives need to be imaged; make copies of the original.) Extract evidence (This depends on the type of investigation; the specialist needs to determine what kind of information on the computer is pertinent to the case.)
  10. PROCESS CONTINUED: Analysis: (The most tasking part; the information retrieved can be incriminating or exculpatory.) Reporting/Documentation: (Configuration of the computer and BIOS settings to every step taken and pertinent evidence that is found should be reported and
  11. WHY COMPUTER FORENSICS? Computer forensics allows for the general integrity of your network infrastructure and ensures that your organization’s private information remains private. Protection from employee abuse: it also protects your company from violating government regulations such as those rules regarding customer data privacy.
  12. WHY COMPUTER FORENSICS? CONTINUED: CUT DOWN COST: (Working with professionals who have both a technological and a practical understanding of computer forensics and electronic discovery can also cut costs for your company.) ANTITERRORISM: It is important as an antiterrorism tool for both criminal prosecution and intelligence gathering.
  13. COMPUTER FORENSICS TOOLS: The Forensics Recovery of Digital Evidence; Guidance Software’s EnCase; Ultimate Toolkit; The FireChief hardware; A portable Tableau write blocker attached to a hard drive
  14. SOME ITEMS USED FOR EXAMINATION:
  15. COMPUTER FORENSICS CASES: Soham murders (The alibi of the killer was disproved when mobile phone records of the person he claimed to be with showed she was out of town at the time.) BTK Killer (Dennis Rader was convicted of a string of serial killings that occurred over a period of sixteen years.)
  16. COMPUTER FORENSICS CASES CONTINUED: Joseph E. Duncan III (Forensic investigators found a spreadsheet in which Duncan was planning his murders; this helped prove he was planning the crimes.) Sharon Lopatka (After going through hundreds of emails, investigators were able to find her killer, Robert Glass.)
  17. COMPUTER FORENSICS CASES CONTINUED: Dr. Conrad Murray (Michael Jackson’s doctor was convicted partially by digital evidence on his computer. This evidence included medical documentation showing lethal amounts of propofol.)
  18. COMMON MISTAKES MADE DURING A COMPUTER FORENSIC ANALYSIS: Using the internal IT staff to conduct a computer forensics investigation; Waiting until the last minute to perform a computer forensics exam; Too narrowly limiting the scope of computer forensics
  19. COMMON MISTAKES CONTINUED: Not being prepared to preserve electronic evidence; Not selecting a qualified computer forensics team
  20. COMPUTER FORENSIC CERTIFICATIONS: ISFCE Certified Computer Examiner; IACRB Certified Computer Forensics Examiner; IACIS offers the Certified Computer Forensic Examiner (CFCE) program; Asian School of Cyber Laws offers international level certifications in Digital Evidence Analysis and in Digital Forensic Investigation
  21. CONCLUSION: Though this area is a bit new to some people in computing, it is very important in battling cybercrimes in society, which are difficult to handle in real-world scenarios. Large companies should be able to train some of their IT staff in computer forensics, which could become an asset to the company.
  22. QUESTIONS:
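Cross-drive analysis, as named on slide 5, sketched as an added example that is not part of the original slides: it pulls one kind of feature (e-mail addresses) out of the raw bytes of several drive images and reports which features appear on more than one drive. The drive labels, the sample bytes and the simplified address pattern are assumptions made for illustration; real images would be read in chunks from write-blocked copies rather than held in memory.

```python
import re
from collections import defaultdict

# Simplified pattern for e-mail-like byte strings in raw image data (assumption).
EMAIL_RE = re.compile(rb"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")

def extract_features(image_bytes):
    """Return the set of lower-cased e-mail addresses found in raw bytes."""
    return {m.group(0).decode("ascii").lower()
            for m in EMAIL_RE.finditer(image_bytes)}

def cross_drive_correlate(images, min_drives=2):
    """Map each feature seen on at least min_drives images to its drive labels."""
    seen = defaultdict(set)
    for label, data in images.items():
        for feature in extract_features(data):
            seen[feature].add(label)
    return {f: sorted(d) for f, d in seen.items() if len(d) >= min_drives}

def drive_pair_scores(correlated):
    """Count shared features per drive pair; a higher count suggests related drives."""
    scores = defaultdict(int)
    for drives in correlated.values():
        for i, a in enumerate(drives):
            for b in drives[i + 1:]:
                scores[(a, b)] += 1
    return dict(scores)

# Constructed sample data standing in for three acquired drive images.
SAMPLE_IMAGES = {
    "drive_A": b"\x00\x00From: alice@example.org\x00To: Bob@Example.net\xff\xfe",
    "drive_B": b"junk\x01bob@example.net\x00carol@example.com\x00",
    "drive_C": b"\x7fcarol@example.com;alice@example.org;bob@example.net\x00",
}

if __name__ == "__main__":
    hits = cross_drive_correlate(SAMPLE_IMAGES)
    for feature, drives in sorted(hits.items()):
        print(feature, "->", ", ".join(drives))
    print(drive_pair_scores(hits))
```
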
