Intro to Computer Forensics
Mr. Islahuddin Jalal
MS (Cyber Security) – UKM Malaysia
Research Title – 3C-CSIRT Model for Afghanistan
BAKHTAR UNIVERSITY
Outline
• Computer forensics
• Evolution, objective, advantages and disadvantages of CF
• Forensics Readiness Planning
• Cybercrime and its types
• Cybercrime investigation
Forensics Science
• Forensics Science is the science used to establish before a court whether or
not a suspect was involved in criminal activities, so that the truth is found
and no injustice occurs.
• Application of physical sciences to law in the search for truth in civil,
criminal, and social behavioral matters, to the end that injustice shall not
be done to any member of society. [CHFI]
• To prove whether or not a person was present at the place of the crime
Computer Forensics
• It is the combination of law and computer science
• Computer forensics is the process of gathering related data or
information from the digital appliances involved in a crime and
preserving that data or information in a way that is acceptable to
a court of law.
• A methodical series of techniques and procedures for gathering
evidence, from computing equipment and various storage devices
and digital media that can be presented in a court of law in a
coherent and meaningful format. [Dr. H.B. Wolfe]
Computer Forensics
• Forensics computing is the science of capturing, processing, and
investigating data from computers using a methodology whereby any
evidence discovered is acceptable in a court of law. [CHFI]
• The preservation, identification, extraction, interpretation, and
documentation of computer evidence, to include the rules of
evidence, legal processes, integrity of evidence, factual reporting of
the information found, and providing of expert opinion in a court of
law or other legal and/or administrative proceeding as to what was
found [CSI]
Aspects of Organizational Security [CHFI]
Evolution of Computer Forensics
• Francis Galton (1982 – 1911): Made the first recorded study of fingerprints
• Leone Lattes (1887 – 1954): Discovered Blood groupings
• Calvin Goddard (1891 – 1955): allowed firearms and bullet comparison for
solving many pending court cases
• Albert Osborn (1858 – 1946): Developed essential features of document
examination
• Hans Gross (1847 – 1915): Made use of scientific study to head criminal
investigations
• FBI (1932): A lab was set up to provide forensics services to all field agents
and other law authorities across the country.
Evolution of Computer Forensics [CHFI]
Objective of Computer Forensics
• To identify the criminal who is directly or indirectly related to the cyber
domain.
• To recover, analyze and preserve computer and related materials in
such a way that they can be presented as evidence in a court of law.
• To identify the evidence quickly, estimate the potential impact of the
malicious activity on the victim, and assess the intent and identity of
the perpetrator.
Advantages of Computer Forensics
• Help to protect from and solve cases involving
• Theft of intellectual property
• This is related to any act that allows access to customer data and any confidential
information
• Financial Fraud
• This is related to anything that uses the fraudulent purchase of victims' information to
conduct fraudulent transactions.
Disadvantages of Computer Forensics
• For digital evidence to be accepted in court, it must be shown that there has
been no tampering
• Costs
• Producing electronic records and preserving them is extremely costly
• Legal practitioners must have extensive computer knowledge
Need for Computer Forensics [CHFI]
Forensics Readiness?
• It is defined as the ability of an organization to maximize its potential
to use digital evidence whilst minimizing the costs of an investigation.
Benefits of Forensics Readiness [CHFI]
• Evidence can be gathered to act in the company’s defense if it is subject to a
lawsuit
• In the event of a major incident, a fast and efficient investigation can be
conducted and corresponding actions can be followed with minimal
disruption to the business.
• Forensics readiness can extend the target of information security to the
wider threat from cybercrime such as intellectual property protection,
fraud, or extortion.
• A fixed and structured approach to the storage of evidence can considerably
reduce the expense and time of an internal investigation
• It can improve and simplify law enforcement interface
• In case of a major incident, proper and in-depth investigation can be
conducted
Goals of Forensics Readiness [CHFI]
Forensics Readiness Planning
1) Define the business states that need digital evidence
2) Identify the potential evidence available
3) Determine the evidence collection requirement
4) Decide the procedure for securely collecting the evidence that meets the
requirement in a forensically sound manner
5) Establish a policy for securely handling and storing the collected evidence
6) Ensure that the observation process is aimed at detecting and preventing
important incidents
7) Ensure investigative staff are capable of completing any task related to handling
and preserving the evidence
8) Document all the activities performed and their impact
9) Ensure authorized review to facilitate action in response to the incident
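As an added example (not part of the original slides or of the CHFI material), here is one way steps 4, 5 and 8 can be made concrete: the evidence is hashed at acquisition and every handling step is written to a hash-chained custody log, so later tampering with either the file or the log is detectable. The function names, the evidence ID EV-001 and the sample file are constructed for illustration.

```python
import hashlib
import json
import os
import tempfile
from datetime import datetime, timezone

GENESIS = "0" * 64  # prev_hash value used by the first log entry


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large disk images need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def _entry_hash(entry):
    """Hash every field except entry_hash itself, in canonical JSON form."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def append_entry(log, evidence_id, evidence_path, actor, action):
    """Record one handling step, bound to the previous entry and the file hash."""
    entry = {
        "seq": len(log),
        "utc": datetime.now(timezone.utc).isoformat(),
        "evidence_id": evidence_id,
        "actor": actor,
        "action": action,
        "evidence_sha256": sha256_file(evidence_path),
        "prev_hash": log[-1]["entry_hash"] if log else GENESIS,
    }
    entry["entry_hash"] = _entry_hash(entry)
    log.append(entry)
    return entry


def verify_log(log):
    """Return a list of problems; an empty list means the log is intact."""
    problems = []
    prev = GENESIS
    acquired = {}  # evidence_id -> hash recorded when it first entered custody
    for i, entry in enumerate(log):
        if entry["prev_hash"] != prev:
            problems.append(f"entry {i}: broken link to previous entry")
        if _entry_hash(entry) != entry["entry_hash"]:
            problems.append(f"entry {i}: contents altered after logging")
        first = acquired.setdefault(entry["evidence_id"], entry["evidence_sha256"])
        if entry["evidence_sha256"] != first:
            problems.append(f"entry {i}: evidence hash differs from acquisition")
        prev = entry["entry_hash"]
    return problems


def evidence_matches(log, evidence_id, evidence_path):
    """True if the file still hashes to the value recorded at acquisition."""
    acquired = next(e for e in log if e["evidence_id"] == evidence_id)
    return sha256_file(evidence_path) == acquired["evidence_sha256"]


def demo():
    """Constructed scenario: three custody steps, then two kinds of tampering."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        image = os.path.join(tmp, "usb01.img")  # constructed stand-in for an image
        with open(image, "wb") as fh:
            fh.write(b"constructed sample evidence bytes\n" * 1000)

        log = []
        append_entry(log, "EV-001", image, "first responder", "acquired")
        append_entry(log, "EV-001", image, "evidence custodian", "received into storage")
        append_entry(log, "EV-001", image, "examiner", "checked out for analysis")
        results["clean_log"] = verify_log(log)
        results["clean_evidence"] = evidence_matches(log, "EV-001", image)

        # Tampering 1: an entry is rewritten and its own hash is recomputed,
        # but the following entry still points at the original hash.
        forged = [dict(e) for e in log]
        forged[1]["actor"] = "someone else"
        forged[1]["entry_hash"] = _entry_hash(forged[1])
        results["forged_log"] = verify_log(forged)

        # Tampering 2: a single byte of the evidence file changes.
        with open(image, "r+b") as fh:
            fh.seek(10)
            fh.write(b"X")
        results["tampered_evidence"] = evidence_matches(log, "EV-001", image)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "->", value)
```

A chain like this only detects edits relative to its latest entry hash, so that value should also be recorded somewhere the log's keeper cannot rewrite, such as the signed paper custody form.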
Cyber Crime
• Cyber crime is an illegal action against any entity using a computer, its
systems, and its applications.
• Crime directed against a computer
• Crime where the computer contains evidence
• Crime where the computer is used as a tool to commit the crime
• A cyber crime is intentional and not accidental
Cyber crime
• Computers and networks provide a favorable environment for cyber
criminals to carry out their illegal actions, due to the following factors
• Speed
• Anonymity
• Different cyber laws
• This is also a great challenge for investigators.
Modes of Attacks
• There are generally two main types of attacks
• Internal Attacks
• Breach of trust from employees within the organization
• External Attacks
• Attackers hired either by an insider or by an external entity to destroy the competitor’s
reputation
Examples of Cyber crime
1) Fraud achieved by the manipulation of the computer network
2) Deliberate circumvention of the computer systems
3) Unauthorized access to or modification of programs and data
4) Intellectual property theft, including software piracy
5) Industrial espionage by means of access to or theft of computer materials
6) Identity theft, which is accomplished by the use of fraudulent computer
7) Writing or spreading computer viruses or worms
8) Salami slicing is the practice of stealing money repeatedly in small quantities
9) Denial of service attack, where the company’s websites are flooded with
service requests and the website is overloaded and either slowed or
crashed completely
10) Making and digitally distributing child pornography
CHFI
Cyber Crime Investigation [CHFI]
Key Steps in Forensics Investigation [CHFI]
Key Steps in Forensics Investigation [CHFI]
Thank You
For Your Patience

More Related Content

What's hot

Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeAung Thu Rha Hein
 
Digital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsDigital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsFilip Maertens
 
Anti forensic
Anti forensicAnti forensic
Anti forensicMilap Oza
 
A brief Intro to Digital Forensics
A brief Intro to Digital ForensicsA brief Intro to Digital Forensics
A brief Intro to Digital ForensicsManik Bhola
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsSCREAM138
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer ForensicsNeilg42
 
02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - NotesKranthi
 
Accessing Forensic Images
Accessing Forensic ImagesAccessing Forensic Images
Accessing Forensic ImagesCTIN
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentationSomya Johri
 
Lecture2 Introduction to Digital Forensics.ppt
Lecture2 Introduction to Digital Forensics.pptLecture2 Introduction to Digital Forensics.ppt
Lecture2 Introduction to Digital Forensics.pptSurajgroupsvideo
 
Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensicsRahul Baghla
 

What's hot (20)

Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
Computer forensic
Computer forensicComputer forensic
Computer forensic
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research Challenge
 
Digital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsDigital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic Investigations
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
Cyber Forensics
Cyber Forensics Cyber Forensics
Cyber Forensics
 
Anti forensic
Anti forensicAnti forensic
Anti forensic
 
A brief Intro to Digital Forensics
A brief Intro to Digital ForensicsA brief Intro to Digital Forensics
A brief Intro to Digital Forensics
 
computer forensics
computer forensicscomputer forensics
computer forensics
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
 
02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes
 
Accessing Forensic Images
Accessing Forensic ImagesAccessing Forensic Images
Accessing Forensic Images
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentation
 
Computer Forensics ppt
Computer Forensics pptComputer Forensics ppt
Computer Forensics ppt
 
Lecture2 Introduction to Digital Forensics.ppt
Lecture2 Introduction to Digital Forensics.pptLecture2 Introduction to Digital Forensics.ppt
Lecture2 Introduction to Digital Forensics.ppt
 
Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensics
 
Autopsy Digital forensics tool
Autopsy Digital forensics toolAutopsy Digital forensics tool
Autopsy Digital forensics tool
 
Computer Forensic
Computer ForensicComputer Forensic
Computer Forensic
 

Viewers also liked

Chfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays WorldChfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays Worldgueste0d962
 
Computer Forensic Softwares
Computer Forensic SoftwaresComputer Forensic Softwares
Computer Forensic SoftwaresDhruv Seth
 
Ce hv6 module 57 computer forensics and incident handling
Ce hv6 module 57 computer forensics and incident handlingCe hv6 module 57 computer forensics and incident handling
Ce hv6 module 57 computer forensics and incident handlingVi Tính Hoàng Nam
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkitMilap Oza
 
Bridging the gap between mobile and computer forensics
Bridging the gap between mobile and computer forensicsBridging the gap between mobile and computer forensics
Bridging the gap between mobile and computer forensicsNina Ananiasvili
 
Computer forensic 101 - OWASP Khartoum
Computer forensic 101 - OWASP KhartoumComputer forensic 101 - OWASP Khartoum
Computer forensic 101 - OWASP KhartoumOWASP Khartoum
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsdeaneal
 
Digital Crime & Forensics - Presentation
Digital Crime & Forensics - PresentationDigital Crime & Forensics - Presentation
Digital Crime & Forensics - Presentationprashant3535
 
MobileForensicsbyFayMahdi
MobileForensicsbyFayMahdiMobileForensicsbyFayMahdi
MobileForensicsbyFayMahdiFay M.
 
Computer Forensics: First Responder Training - Eric Vanderburg - JurInnov
Computer Forensics: First Responder Training - Eric Vanderburg - JurInnovComputer Forensics: First Responder Training - Eric Vanderburg - JurInnov
Computer Forensics: First Responder Training - Eric Vanderburg - JurInnovEric Vanderburg
 
FIRST 2006 Full-day Tutorial on Logs for Incident Response
FIRST 2006 Full-day Tutorial on Logs for Incident ResponseFIRST 2006 Full-day Tutorial on Logs for Incident Response
FIRST 2006 Full-day Tutorial on Logs for Incident ResponseAnton Chuvakin
 
ICS Review & Response
ICS Review & ResponseICS Review & Response
ICS Review & Responsedwoodwoody
 

Viewers also liked (20)

Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics ppt
 
Chfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays WorldChfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays World
 
Computer Forensic Softwares
Computer Forensic SoftwaresComputer Forensic Softwares
Computer Forensic Softwares
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
Ce hv6 module 57 computer forensics and incident handling
Ce hv6 module 57 computer forensics and incident handlingCe hv6 module 57 computer forensics and incident handling
Ce hv6 module 57 computer forensics and incident handling
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkit
 
Bridging the gap between mobile and computer forensics
Bridging the gap between mobile and computer forensicsBridging the gap between mobile and computer forensics
Bridging the gap between mobile and computer forensics
 
Computer forensic 101 - OWASP Khartoum
Computer forensic 101 - OWASP KhartoumComputer forensic 101 - OWASP Khartoum
Computer forensic 101 - OWASP Khartoum
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
Digital Crime & Forensics - Presentation
Digital Crime & Forensics - PresentationDigital Crime & Forensics - Presentation
Digital Crime & Forensics - Presentation
 
Lect 2 computer forensics
Lect 2 computer forensicsLect 2 computer forensics
Lect 2 computer forensics
 
Csc339 – lecture 2 network fundamental
Csc339 – lecture 2 network fundamentalCsc339 – lecture 2 network fundamental
Csc339 – lecture 2 network fundamental
 
Fs Ch 18
Fs Ch 18Fs Ch 18
Fs Ch 18
 
Fs Ch 19
Fs Ch 19Fs Ch 19
Fs Ch 19
 
MobileForensicsbyFayMahdi
MobileForensicsbyFayMahdiMobileForensicsbyFayMahdi
MobileForensicsbyFayMahdi
 
Computer Forensics: First Responder Training - Eric Vanderburg - JurInnov
Computer Forensics: First Responder Training - Eric Vanderburg - JurInnovComputer Forensics: First Responder Training - Eric Vanderburg - JurInnov
Computer Forensics: First Responder Training - Eric Vanderburg - JurInnov
 
Incident Response in the wake of Dear CEO
Incident Response in the wake of Dear CEOIncident Response in the wake of Dear CEO
Incident Response in the wake of Dear CEO
 
FIRST 2006 Full-day Tutorial on Logs for Incident Response
FIRST 2006 Full-day Tutorial on Logs for Incident ResponseFIRST 2006 Full-day Tutorial on Logs for Incident Response
FIRST 2006 Full-day Tutorial on Logs for Incident Response
 
Incident Response
Incident ResponseIncident Response
Incident Response
 
ICS Review & Response
ICS Review & ResponseICS Review & Response
ICS Review & Response
 

Similar to Lect 1 computer forensics

Computer Forensics (1).pptx
Computer Forensics (1).pptxComputer Forensics (1).pptx
Computer Forensics (1).pptxGautam708801
 
164199724-Introduction-To-Digital-Forensics-ppt.ppt
164199724-Introduction-To-Digital-Forensics-ppt.ppt164199724-Introduction-To-Digital-Forensics-ppt.ppt
164199724-Introduction-To-Digital-Forensics-ppt.pptharshbj1801
 
Obstacles to Cybercrime Investigations
Obstacles to Cybercrime InvestigationsObstacles to Cybercrime Investigations
Obstacles to Cybercrime InvestigationsDr. Prashant Vats
 
Cyber forensic 1
Cyber forensic 1Cyber forensic 1
Cyber forensic 1anilinvns
 
Review on Cyber Forensics - Copy.pptx
Review on Cyber Forensics - Copy.pptxReview on Cyber Forensics - Copy.pptx
Review on Cyber Forensics - Copy.pptxVaishnaviBorse8
 
Latihan2 comp-forensic
Latihan2 comp-forensicLatihan2 comp-forensic
Latihan2 comp-forensicsabtolinux
 
Digital&computforensic
Digital&computforensicDigital&computforensic
Digital&computforensicRahul Badekar
 
Computer forensics 1
Computer forensics 1Computer forensics 1
Computer forensics 1Jinalkakadiya
 
Introduction to Cyber Forensics Module 1
Introduction to Cyber Forensics Module 1Introduction to Cyber Forensics Module 1
Introduction to Cyber Forensics Module 1Anpumathews
 
Business Intelligence (BI) Tools For Computer Forensic
Business Intelligence (BI) Tools For Computer ForensicBusiness Intelligence (BI) Tools For Computer Forensic
Business Intelligence (BI) Tools For Computer ForensicDhiren Gala
 
Digital forensic
Digital forensicDigital forensic
Digital forensicChandan Sah
 

Similar to Lect 1 computer forensics (20)

Computer Forensics (1).pptx
Computer Forensics (1).pptxComputer Forensics (1).pptx
Computer Forensics (1).pptx
 
164199724-Introduction-To-Digital-Forensics-ppt.ppt
164199724-Introduction-To-Digital-Forensics-ppt.ppt164199724-Introduction-To-Digital-Forensics-ppt.ppt
164199724-Introduction-To-Digital-Forensics-ppt.ppt
 
CYBERFORENSICS
CYBERFORENSICSCYBERFORENSICS
CYBERFORENSICS
 
Computer Forensics.pptx
Computer Forensics.pptxComputer Forensics.pptx
Computer Forensics.pptx
 
Obstacles to Cybercrime Investigations
Obstacles to Cybercrime InvestigationsObstacles to Cybercrime Investigations
Obstacles to Cybercrime Investigations
 
Lect 3 Computer Forensics
Lect 3 Computer ForensicsLect 3 Computer Forensics
Lect 3 Computer Forensics
 
File000114
File000114File000114
File000114
 
Cyber forensic 1
Cyber forensic 1Cyber forensic 1
Cyber forensic 1
 
Review on Cyber Forensics - Copy.pptx
Review on Cyber Forensics - Copy.pptxReview on Cyber Forensics - Copy.pptx
Review on Cyber Forensics - Copy.pptx
 
Latihan2 comp-forensic
Latihan2 comp-forensicLatihan2 comp-forensic
Latihan2 comp-forensic
 
Digital forensics by vimal priya.s
Digital forensics  by vimal priya.sDigital forensics  by vimal priya.s
Digital forensics by vimal priya.s
 
Digital&computforensic
Digital&computforensicDigital&computforensic
Digital&computforensic
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
Chap 1 general introduction to computer forensics
Chap 1  general introduction to computer forensicsChap 1  general introduction to computer forensics
Chap 1 general introduction to computer forensics
 
Computer forensics 1
Computer forensics 1Computer forensics 1
Computer forensics 1
 
Computer forensic
Computer forensicComputer forensic
Computer forensic
 
Introduction to Cyber Forensics Module 1
Introduction to Cyber Forensics Module 1Introduction to Cyber Forensics Module 1
Introduction to Cyber Forensics Module 1
 
Business Intelligence (BI) Tools For Computer Forensic
Business Intelligence (BI) Tools For Computer ForensicBusiness Intelligence (BI) Tools For Computer Forensic
Business Intelligence (BI) Tools For Computer Forensic
 
Difference between Cyber and digital Forensic.pptx
Difference between Cyber and digital Forensic.pptxDifference between Cyber and digital Forensic.pptx
Difference between Cyber and digital Forensic.pptx
 
Digital forensic
Digital forensicDigital forensic
Digital forensic
 

More from Kabul Education University

More from Kabul Education University (20)

Cryptography and Network security # Lecture 8
Cryptography and Network security # Lecture 8Cryptography and Network security # Lecture 8
Cryptography and Network security # Lecture 8
 
ITIL # Lecture 9
ITIL # Lecture 9ITIL # Lecture 9
ITIL # Lecture 9
 
Cryptography and Network security # Lecture 7
Cryptography and Network security # Lecture 7Cryptography and Network security # Lecture 7
Cryptography and Network security # Lecture 7
 
ITIL # Lecture 8
ITIL # Lecture 8ITIL # Lecture 8
ITIL # Lecture 8
 
Cryptography and Network security # Lecture 6
Cryptography and Network security # Lecture 6Cryptography and Network security # Lecture 6
Cryptography and Network security # Lecture 6
 
ITIL # Lecture 7
ITIL # Lecture 7ITIL # Lecture 7
ITIL # Lecture 7
 
Cryptography and Network security # Lecture 5
Cryptography and Network security # Lecture 5Cryptography and Network security # Lecture 5
Cryptography and Network security # Lecture 5
 
Cyber Security # Lec 5
Cyber Security # Lec 5Cyber Security # Lec 5
Cyber Security # Lec 5
 
ITIL # Lecture 6
ITIL # Lecture 6ITIL # Lecture 6
ITIL # Lecture 6
 
Cyber Security # Lec 4
Cyber Security # Lec 4 Cyber Security # Lec 4
Cyber Security # Lec 4
 
ITIL # Lecture 5
ITIL # Lecture 5ITIL # Lecture 5
ITIL # Lecture 5
 
Cyber Security # Lec 3
Cyber Security # Lec 3 Cyber Security # Lec 3
Cyber Security # Lec 3
 
ITIL # Lecture 4
ITIL # Lecture 4ITIL # Lecture 4
ITIL # Lecture 4
 
Cryptography and Network security # Lecture 4
Cryptography and Network security # Lecture 4Cryptography and Network security # Lecture 4
Cryptography and Network security # Lecture 4
 
Cyber Security # Lec 2
Cyber Security # Lec 2Cyber Security # Lec 2
Cyber Security # Lec 2
 
ITIL # Lecture 3
ITIL # Lecture 3ITIL # Lecture 3
ITIL # Lecture 3
 
Cryptography and Network security # Lecture 3
Cryptography and Network security # Lecture 3Cryptography and Network security # Lecture 3
Cryptography and Network security # Lecture 3
 
ITIL # Lecture 2
ITIL # Lecture 2ITIL # Lecture 2
ITIL # Lecture 2
 
Cryptography and Network Security # Lecture 2
Cryptography and Network Security # Lecture 2Cryptography and Network Security # Lecture 2
Cryptography and Network Security # Lecture 2
 
ITIL # Lecture 1
ITIL # Lecture 1ITIL # Lecture 1
ITIL # Lecture 1
 

Recently uploaded

Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Brian Pichman
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDELiveplex
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 

Recently uploaded (20)

Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
20150722 - AGV
20150722 - AGV20150722 - AGV
20150722 - AGV
 

Lect 1 computer forensics

  • 1. Intro to Computer Forensics Mr. Islahuddin Jalal MS (Cyber Security) – UKM Malaysia Research Title – 3C-CSIRT Model for Afghanistan BAKHTAR UNIVERSITY ‫باخترپوهنتون‬ ‫د‬
  • 2. Outline • Computer forensics • Evolution, objective, advantages and disadvantages of CF • Forensics Readiness Planning • Cybercrime and its types • Cybercrime investigation
  • 3. Forensics Science • Forensics Science is a science which proves to a court whether or not the suspect was involved in the criminal activities, in order to find out the truth so that injustice does not occur. • Application of physical sciences to law • in the search for truth in • civil, • criminal, • and social behavioral matters • to the end that injustice shall not be done to any member of society. [CHFI] • To prove whether or not a person was present at the place of the crime
  • 4. Computer Forensics • It is the combination of law and computer science • Computer forensics is a process of gathering related data or information from the digital appliances involved in the crime and preserving that data or information in a way that is acceptable to a court of law. • A methodical series of techniques and procedures for gathering evidence, from computing equipment and various storage devices and digital media, that can be presented in a court of law in a coherent and meaningful format. [Dr. H.B. Wolfe]
  • 5. Computer Forensics • Forensics computing is the science of capturing, processing, and investigating data from computers using a methodology whereby any evidence discovered is acceptable in a court of law. [CHFI] • The preservation, identification, extraction, interpretation, and documentation of computer evidence, to include the rules of evidence, legal processes, integrity of evidence, factual reporting of the information found, and providing of expert opinion in a court of law or other legal and/or administrative proceeding as to what was found [CSI]
  • 6. Aspects of Organizational Security [CHFI]
  • 7. Evolution of Computer Forensics • Francis Galton (1982 – 1911): Made the first recorded study of fingerprints • Leone Lattes (1887 – 1954): Discovered blood groupings • Calvin Goddard (1891 – 1955): Allowed firearms and bullet comparison for solving many pending court cases • Albert Osborn (1858 – 1946): Developed essential features of document examination • Hans Gross (1847 – 1915): Made use of scientific study to head criminal investigations • FBI (1932): A lab was set up to provide forensics services to all field agents and other law authorities across the country.
  • 8. Evolution of Computer Forensics [CHFI]
  • 9. Objective of Computer Forensics • To find out the criminal who is directly or indirectly related to the cyber region. • To recover, analyze and preserve computer and related materials in such a way that they can be presented as evidence in a court of law. • To identify the evidence quickly, estimate the potential impact of the malicious activity on the victim, and assess the intent and identity of the perpetrator.
  • 10. Advantages of Computer Forensics • Helps to protect from and solve cases involving • Theft of intellectual property • This is related to any act that allows access to customer data and any confidential information • Financial Fraud • This is related to anything that uses fraudulent purchase of the victim's information to conduct fraudulent transactions.
  • 11. Disadvantages of Computer Forensics • For digital evidence to be accepted in court, it must be shown that there has been no tampering • Costs • Producing electronic records and preserving them is extremely costly • Legal practitioners must have extensive computer knowledge
  • 12. Need for Computer Forensics [CHFI]
  • 13. Forensics Readiness? • It is defined as the ability of an organization to maximize its potential to use digital evidence whilst minimizing the costs of an investigation.
  • 14. Benefits of Forensics Readiness [CHFI] • Evidence can be gathered to act in the company’s defense if subject to a lawsuit • In the event of a major incident, a fast and efficient investigation can be conducted and corresponding actions can be followed with minimal disruption to the business. • Forensics readiness can extend the target of information security to the wider threat from cybercrime such as intellectual property protection, fraud, or extortion. • A fixed and structured approach for storage of evidence can considerably reduce the expense and time of an internal investigation • It can improve and simplify the law enforcement interface • In case of a major incident, a proper and in-depth investigation can be conducted
  • 15. Goals of Forensics Readiness [CHFI]
  • 16. Forensics Readiness Planning 1) Define the business states that need digital evidence 2) Identify the potential evidence available 3) Determine the evidence collection requirement 4) Decide the procedure for securely collecting the evidence that meets the requirement in a forensically sound manner 5) Establish a policy for securely handling and storing the collected evidence 6) Ensure that the observation process is aimed at detecting and preventing the important incidents 7) Ensure investigative staff are capable of completing any task related to handling and preserving the evidence 8) Document all the activities performed and their impact 9) Ensure authorized review to facilitate action in response to the incident
  • 17. Cyber Crime • Cyber crime is an illegal action against any entity using a computer, its systems and its applications. • Crime directed against a computer • Crime where the computer contains evidence • Crime where the computer is used as a tool to commit the crime • A cyber crime is intentional and not accidental
  • 18. Cyber crime • Computers and networks make a healthy environment for cyber criminals to perform their illegal actions due to the following factors • Speed • Anonymity • Different cyber laws • It is also a great challenge for the investigators.
  • 19. Modes of Attacks • There are generally two main types of attacks • Internal Attacks • Breach of trust from employees within the organization • External Attacks • Attackers either hired by an insider or by an external entity to destroy the competitor’s reputation
  • 20. Examples of Cyber crime 1) Fraud achieved by the manipulation of the computer network 2) Deliberate circumvention of the computer systems 3) Unauthorized access to or modification of programs and data 4) Intellectual property theft, including software piracy 5) Industrial espionage by means of access to or theft of computer materials 6) Identity theft, which is accomplished by the use of fraudulent computer 7) Writing or spreading computer viruses or worms 8) Salami slicing, the practice of stealing money repeatedly in small quantities 9) Denial of service attack, where the company’s websites are flooded with service requests and the website is overloaded and either slowed or crashes completely 10) Making and digitally distributing child pornography
  • 21. CHFI
  • 23. Key Steps in Forensics Investigation [CHFI]
  • 24. Key Steps in Forensics Investigation [CHFI]
  • 25. Thank You For Your Patience