SlideShare a Scribd company logo

Computer Forensics ppt

•Download as PPTX, PDF•
•
O
OECLIB Odisha Electronics Control Library

This document provides an overview of computer forensics. It defines computer forensics as the process of identifying, preserving, analyzing and presenting digital evidence in a legally acceptable manner. The document discusses the history, goals, and methodology of computer forensics, as well as who uses these services and the skills required. Computer forensics is used to find evidence for a variety of computer crimes and cybercrimes to assist in arrests and prosecutions.

Software
1 of 26
www.oeclib.in Submitted By: Odisha Electronics Control Library Seminar On Computer Forensics
CONTENTS 2 • Introduction • What is Computer Forensics? • Characteristics • Needs • History • Goal • Cyber Crime & Evidence • Rules Of Handling Evidence • Top 10 Location For Evidence • Computer Forensics Methodology • Applications of Computer Forensics • Who Uses Computer Forensics • Skills Requirements for Computer Forensics • Conclusion • References
Introduction “Forensic computing is the process of identifying, preserving, analyzing and presenting digital evidence in a manner that is legally acceptable.”(Rodney Mckemmish 1999).
What is Computer Forensics? 4  “Forensic computing is the process of identifying, preserving, analyzing and presenting digital evidence in a manner that is legally acceptable.”(Rodney Mckemmish 1999).  Evidence might be required for a wide range of computer crimes and misuses.  Information collected assists in arrests, prosecution, termination of employment, and preventing future illegal activity
Characteristics 5  IDENTIFYING  PRESERVING  ANALYZING  PRESENTING
NEEDS OF COMPUTER FORENSICS 6 o To produce evidence in the court that can lead to the punishment of the actual. o To ensure the integrity of the computer system. o To focus on the response to hi-tech offenses, started to intertwine.
HISTORY OF COMPUTER FORENSICS 7 o Began to evolve more than 30 years ago in US when law enforcement and military investigators started seeing criminals get technical. o Over the next decades, and up to today, the field has exploded. Law enforcement and the military continue to have a large presence in the information security and computer forensic field at the local, state and federal level. o Now a days, Software companies continue to produce newer and more robust forensic software programs. And law enforcement and the military continue to identify and train more and more of their personnel in the response to crimes involving technology.
GOAL OF COMPUTER FORENSICS 8  The main goal of computer forensic experts is not only to find the criminal but also to find out the evidence and the presentation of the evidence in a manner that leads to legal action of the criminal.
CYBER CRIME & EVIDENCE 9  CYBER CRIME  Cyber crime occurs when information technology is used to commit or conceal an offence.
Types of Cyber Crime 10 o Forgery o Breech of Computer Security o Fraud/Theft o Copyright Violations o Identity Theft o Threats o Burglary o Homicide o Administrative Investigations o Cyber Terrorism o Sales and Investment Fraud o Electronic Fund Transfer Fraud
11
Cybercrime: Top 20 Countries 12
Evidence 13  An item does not become officially a piece of evidence until a court admits it.  Much of forensics practice concerns how to collect, preserve and analyze these items without compromising their potential to be admitted as evidence in a court of law.
DIGITAL EVIDENCE 14  “Any data that is recorded or preserved on any medium in or by a computer system or other similar device, that can be read or understand by a person or a computer system or other similar device. It includes a display, print out or other output of that data.”
TYPES OF DIGITAL EVIDENCE 15 1) PERSISTANT DATA Meaning data that remains intact when the computer is turned off. E.g. hard drives, disk drives and removable storage devices (such as USB drives or flash drives). 2) VOLATILE DATA, Meaning data that would be lost if the computer is turned off. E.g. deleted files, computer history, the computer's registry, temporary files and web browsing history.
5 RULES OF EVIDENCES 16 1) Admissible  Must be able to be used in court or elsewhere. 2) Authentic  Evidence relates to incident in relevant way. 3) Complete (no tunnel vision)  Exculpatory evidence for alternative suspects. 4) Reliable  No question about authenticity & veracity. 5) Believable  Clear, easy to understand, and believable by a jury.
TOP 10 LOCATION FOR EVIDENCE 17 1) Internet History Files 2) Temporary Internet Files 3) Slack/Unallocated Space 4) Buddy lists, personal chat room records, others saved areas 5) News groups/club lists/posting 6) Settings, folder structure, file names 7) File Storage Dates 8) Software/Hardware added 9) File Sharing ability 10) E-mails
Methodology 18 1) Shut Down the Computer 2) Document the Hardware Configuration of The System 3) Transport the Computer System to A Secure Location 4) Make Bit Stream Backups of Hard Disks and Floppy Disks 5) Mathematically Verify Data on All Storage Devices 6) Document the System Date and Time 7) Make a List of Key Search Words
CONT… 8) Evaluate the Windows Swap File 9) Evaluate File Slack 10) Evaluate Unallocated Space (Erased Files) 11) Search Files, File Slack and Unallocated Space for Key Words 12) Document File Names, Dates and Times 13) Identify File, Program and Storage Anomalies 14) Evaluate Program Functionality 15) Document Your Findings
Applications 20  FINANCIAL FRAUD DETECTION  CRIMINAL PROSECUTION  CIVIL LITIGATION  “CORPORATE SECURITY POLICY AND VIOLATIONS”
Who Uses Computer Forensics? 21  Criminal Prosecutors  Rely on evidence obtained from a computer to prosecute suspects and use as evidence.  Civil Litigations  Personal and business data discovered on a computer can be used in fraud, harassment, or discrimination cases.  Private Corporations  Obtained evidence from employee computers can be used as evidence in harassment, fraud, and embezzlement cases.
Who Uses Computer Forensics? (cont..) 22  Law Enforcement Officials  Rely on computer forensics to backup search warrants and post-seizure handling.  Individual/Private Citizens  Obtain the services of professional computer forensic specialists to support claims of harassment, abuse, or wrongful termination from employment.
Skills Required For Computer Forensics Application 23 o Programming or computer-related experience o Broad understanding of operating systems and applications o Strong analytical skills o Strong computer science fundamentals o Strong system administrative skills o Knowledge of the latest intruder tools o Knowledge of cryptography and steganography o Strong understanding of the rules of evidence and evidence handling o Ability to be an expert witness in a court of law
Conclusion  With computers becoming more and more involved in our everyday lives, both professionally and socially, there is a need for computer forensics.  This field will enable crucial electronic evidence to be found, whether it was lost, deleted, damaged, or hidden, and used to prosecute individuals that believe they have successfully beaten the system.
References  www.google.com  www.wikipedia.com  www.oeclib.in
Thanks 26

Recommended

Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics ppt
Nikhil Mashruwala
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentation
Somya Johri
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
Kathirvel Ayyaswamy
 
Digital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsDigital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic Investigations
Filip Maertens
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
SCREAM138
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic ppt
Priya Manik
 
Network forensic
Network forensicNetwork forensic
Network forensic
Manjushree Mashal
 
Digital forensics
Digital forensics Digital forensics
Digital forensics
vishnuv43
 

Recommended

Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics ppt
Nikhil Mashruwala
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentation
Somya Johri
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
Kathirvel Ayyaswamy
 
Digital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsDigital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic Investigations
Filip Maertens
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
SCREAM138
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic ppt
Priya Manik
 
Network forensic
Network forensicNetwork forensic
Network forensic
Manjushree Mashal
 
Digital forensics
Digital forensics Digital forensics
Digital forensics
vishnuv43
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensic
Online
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
Roberto Ellis
 
L6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxL6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptx
Bhupeshkumar Nanhe
 
Digital Forensic ppt
Digital Forensic pptDigital Forensic ppt
Digital Forensic ppt
Suchita Rawat
 
Computer forensics and its role
Computer forensics and its roleComputer forensics and its role
Computer forensics and its role
Sudeshna Basak
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
yash sawarkar
 
Cyber Forensics Module 1
Cyber Forensics Module 1Cyber Forensics Module 1
Cyber Forensics Module 1
Manu Mathew Cherian
 
Difference between Cyber and digital Forensic.pptx
Difference between Cyber and digital Forensic.pptxDifference between Cyber and digital Forensic.pptx
Difference between Cyber and digital Forensic.pptx
Applied Forensic Research Sciences
 
Cyber Forensics Overview
Cyber Forensics OverviewCyber Forensics Overview
Cyber Forensics Overview
Yansi Keim
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
Vidoushi B-Somrah
 
A brief Intro to Digital Forensics
A brief Intro to Digital ForensicsA brief Intro to Digital Forensics
A brief Intro to Digital Forensics
Manik Bhola
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
deaneal
 
computer forensics
computer forensicscomputer forensics
computer forensics
Akhil Kumar
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
Neilg42
 
Digital Forensic
Digital ForensicDigital Forensic
Digital Forensic
Cleverence Kombe
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
Mithileysh Sathiyanarayanan
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkit
Milap Oza
 
Network Forensics
Network ForensicsNetwork Forensics
Network Forensics
primeteacher32
 
Digital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDigital Evidence by Raghu Khimani
Digital Evidence by Raghu Khimani
Dr Raghu Khimani
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
One97 Communications Limited
 
computer-forensics-8727-OHvDvOm.pptx
computer-forensics-8727-OHvDvOm.pptxcomputer-forensics-8727-OHvDvOm.pptx
computer-forensics-8727-OHvDvOm.pptx
ssuser2bf502
 
computer-forensics-8727-OHvDvOm.pptx
computer-forensics-8727-OHvDvOm.pptxcomputer-forensics-8727-OHvDvOm.pptx
computer-forensics-8727-OHvDvOm.pptx
DaniyaHuzaifa
 

More Related Content

What's hot

Computer forensics and its role
Computer forensics and its roleComputer forensics and its role
Computer forensics and its role
Sudeshna Basak
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
yash sawarkar
 
computer forensics
computer forensicscomputer forensics
computer forensics
Akhil Kumar
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkit
Milap Oza
 

What's hot (20)

Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensic
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
L6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxL6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptx
 
Digital Forensic ppt
Digital Forensic pptDigital Forensic ppt
Digital Forensic ppt
 
Computer forensics and its role
Computer forensics and its roleComputer forensics and its role
Computer forensics and its role
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
Cyber Forensics Module 1
Cyber Forensics Module 1Cyber Forensics Module 1
Cyber Forensics Module 1
 
Difference between Cyber and digital Forensic.pptx
Difference between Cyber and digital Forensic.pptxDifference between Cyber and digital Forensic.pptx
Difference between Cyber and digital Forensic.pptx
 
Cyber Forensics Overview
Cyber Forensics OverviewCyber Forensics Overview
Cyber Forensics Overview
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
A brief Intro to Digital Forensics
A brief Intro to Digital ForensicsA brief Intro to Digital Forensics
A brief Intro to Digital Forensics
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
computer forensics
computer forensicscomputer forensics
computer forensics
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
 
Digital Forensic
Digital ForensicDigital Forensic
Digital Forensic
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkit
 
Network Forensics
Network ForensicsNetwork Forensics
Network Forensics
 
Digital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDigital Evidence by Raghu Khimani
Digital Evidence by Raghu Khimani
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
 

Similar to Computer Forensics ppt

computer-forensics-8727-OHvDvOm.pptx
computer-forensics-8727-OHvDvOm.pptxcomputer-forensics-8727-OHvDvOm.pptx
computer-forensics-8727-OHvDvOm.pptx
ssuser2bf502
 
Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02
Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02
Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02
satyabwati
 
Digital Evidence - the defence, prosecution, & the court
Digital Evidence - the defence, prosecution, & the courtDigital Evidence - the defence, prosecution, & the court
Digital Evidence - the defence, prosecution, & the court
Cell Site Analysis (CSA)
 
computerforensics-140212060522-phpapp02.pdf
computerforensics-140212060522-phpapp02.pdfcomputerforensics-140212060522-phpapp02.pdf
computerforensics-140212060522-phpapp02.pdf
Gnanavi2
 
Assignment 1 ) -----  Portfolio AssignmentsPrefaceListed.docx
Assignment 1 ) -----  Portfolio AssignmentsPrefaceListed.docxAssignment 1 ) -----  Portfolio AssignmentsPrefaceListed.docx
Assignment 1 ) -----  Portfolio AssignmentsPrefaceListed.docx
carlibradley31429
 

Similar to Computer Forensics ppt (20)

computer-forensics-8727-OHvDvOm.pptx
computer-forensics-8727-OHvDvOm.pptxcomputer-forensics-8727-OHvDvOm.pptx
computer-forensics-8727-OHvDvOm.pptx
 
computer-forensics-8727-OHvDvOm.pptx
computer-forensics-8727-OHvDvOm.pptxcomputer-forensics-8727-OHvDvOm.pptx
computer-forensics-8727-OHvDvOm.pptx
 
Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02
Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02
Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02
 
Digital&computforensic
Digital&computforensicDigital&computforensic
Digital&computforensic
 
computer forensics by amritanshu kaushik
computer forensics by amritanshu kaushikcomputer forensics by amritanshu kaushik
computer forensics by amritanshu kaushik
 
Computer forensic
Computer forensicComputer forensic
Computer forensic
 
Lecture2 Introduction to Digital Forensics.ppt
Lecture2 Introduction to Digital Forensics.pptLecture2 Introduction to Digital Forensics.ppt
Lecture2 Introduction to Digital Forensics.ppt
 
Business Intelligence (BI) Tools For Computer Forensic
Business Intelligence (BI) Tools For Computer ForensicBusiness Intelligence (BI) Tools For Computer Forensic
Business Intelligence (BI) Tools For Computer Forensic
 
Sued or Suing: Introduction to Digital Forensics
Sued or Suing: Introduction to Digital ForensicsSued or Suing: Introduction to Digital Forensics
Sued or Suing: Introduction to Digital Forensics
 
Cyber Security 1215
Cyber Security 1215Cyber Security 1215
Cyber Security 1215
 
Digital Evidence - the defence, prosecution, & the court
Digital Evidence - the defence, prosecution, & the courtDigital Evidence - the defence, prosecution, & the court
Digital Evidence - the defence, prosecution, & the court
 
4.content (computer forensic)
4.content (computer forensic)4.content (computer forensic)
4.content (computer forensic)
 
computerforensics-140212060522-phpapp02.pdf
computerforensics-140212060522-phpapp02.pdfcomputerforensics-140212060522-phpapp02.pdf
computerforensics-140212060522-phpapp02.pdf
 
3170725_Unit-1.pptx
3170725_Unit-1.pptx3170725_Unit-1.pptx
3170725_Unit-1.pptx
 
Computer forensic
Computer forensicComputer forensic
Computer forensic
 
Cyber Security Isaca Bglr Presentation 24th July
Cyber Security Isaca Bglr Presentation 24th JulyCyber Security Isaca Bglr Presentation 24th July
Cyber Security Isaca Bglr Presentation 24th July
 
A Literature Review On Cyber Forensic And Its Analysis Tools
A Literature Review On Cyber Forensic And Its Analysis ToolsA Literature Review On Cyber Forensic And Its Analysis Tools
A Literature Review On Cyber Forensic And Its Analysis Tools
 
Cyber forensics and auditing
Cyber forensics and auditingCyber forensics and auditing
Cyber forensics and auditing
 
Chap 1 general introduction to computer forensics
Chap 1 general introduction to computer forensicsChap 1 general introduction to computer forensics
Chap 1 general introduction to computer forensics
 
Assignment 1 ) -----  Portfolio AssignmentsPrefaceListed.docx
Assignment 1 ) -----  Portfolio AssignmentsPrefaceListed.docxAssignment 1 ) -----  Portfolio AssignmentsPrefaceListed.docx
Assignment 1 ) -----  Portfolio AssignmentsPrefaceListed.docx
 

More from OECLIB Odisha Electronics Control Library

More from OECLIB Odisha Electronics Control Library (20)

5G technology-ppt
5G technology-ppt5G technology-ppt
5G technology-ppt
 
Futex ppt
Futex pptFutex ppt
Futex ppt
 
Distributed Computing ppt
Distributed Computing pptDistributed Computing ppt
Distributed Computing ppt
 
Autonomic Computing PPT
Autonomic Computing PPTAutonomic Computing PPT
Autonomic Computing PPT
 
Asynchronous Chips ppt
Asynchronous Chips pptAsynchronous Chips ppt
Asynchronous Chips ppt
 
Artificial Eye PPT
Artificial Eye PPTArtificial Eye PPT
Artificial Eye PPT
 
Agent Oriented Programming PPT
Agent Oriented Programming PPTAgent Oriented Programming PPT
Agent Oriented Programming PPT
 
Wireless application protocol ppt
Wireless application protocol pptWireless application protocol ppt
Wireless application protocol ppt
 
Wireless Communication ppt
Wireless Communication pptWireless Communication ppt
Wireless Communication ppt
 
4G Wireless Systems ppt
4G Wireless Systems ppt4G Wireless Systems ppt
4G Wireless Systems ppt
 
Steganography ppt
Steganography pptSteganography ppt
Steganography ppt
 
Sixth sense technology ppt
Sixth sense technology pptSixth sense technology ppt
Sixth sense technology ppt
 
Soa ppt
Soa pptSoa ppt
Soa ppt
 
Software developement life cycle ppt
Software developement life cycle pptSoftware developement life cycle ppt
Software developement life cycle ppt
 
Voice-over-Internet Protocol (VoIP) ppt
Voice-over-Internet Protocol (VoIP) pptVoice-over-Internet Protocol (VoIP) ppt
Voice-over-Internet Protocol (VoIP) ppt
 
ZIGBEE TECHNOLOGY ppt
ZIGBEE TECHNOLOGY pptZIGBEE TECHNOLOGY ppt
ZIGBEE TECHNOLOGY ppt
 
Wimax ppt
Wimax pptWimax ppt
Wimax ppt
 
Wibree ppt
Wibree pptWibree ppt
Wibree ppt
 
Wearable Computing
Wearable ComputingWearable Computing
Wearable Computing
 
Virtual Private Networks (VPN) ppt
Virtual Private Networks (VPN) pptVirtual Private Networks (VPN) ppt
Virtual Private Networks (VPN) ppt
 

Recently uploaded

Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Medical / Health Care (+971588192166) Mifepristone and Misoprostol tablets 200mg
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
VictoriaMetrics
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
Juha-Pekka Tolvanen
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Bert Jan Schrijver
 

Recently uploaded (20)

Evolving Data Governance for the Real-time Streaming and AI Era
Evolving Data Governance for the Real-time Streaming and AI EraEvolving Data Governance for the Real-time Streaming and AI Era
Evolving Data Governance for the Real-time Streaming and AI Era
 
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
 
WSO2Con2024 - Software Delivery in Hybrid Environments
WSO2Con2024 - Software Delivery in Hybrid EnvironmentsWSO2Con2024 - Software Delivery in Hybrid Environments
WSO2Con2024 - Software Delivery in Hybrid Environments
 
WSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security ProgramWSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security Program
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
 
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
 
WSO2Con2024 - Navigating the Digital Landscape: Transforming Healthcare with ...
WSO2Con2024 - Navigating the Digital Landscape: Transforming Healthcare with ...WSO2Con2024 - Navigating the Digital Landscape: Transforming Healthcare with ...
WSO2Con2024 - Navigating the Digital Landscape: Transforming Healthcare with ...
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
AzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdf
AzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdfAzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdf
AzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdf
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
 
WSO2Con2024 - Facilitating Broadband Switching Services for UK Telecoms Provi...
WSO2Con2024 - Facilitating Broadband Switching Services for UK Telecoms Provi...WSO2Con2024 - Facilitating Broadband Switching Services for UK Telecoms Provi...
WSO2Con2024 - Facilitating Broadband Switching Services for UK Telecoms Provi...
 
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public AdministrationWSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
 
WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...
WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...
WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...
 
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
WSO2Con204 - Hard Rock Presentation - Keynote
WSO2Con204 - Hard Rock Presentation - KeynoteWSO2Con204 - Hard Rock Presentation - Keynote
WSO2Con204 - Hard Rock Presentation - Keynote
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AI
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
 

Computer Forensics ppt

  • 1. www.oeclib.in Submitted By: Odisha Electronics Control Library Seminar On Computer Forensics
  • 2. CONTENTS 2 • Introduction • What is Computer Forensics? • Characteristics • Needs • History • Goal • Cyber Crime & Evidence • Rules Of Handling Evidence • Top 10 Location For Evidence • Computer Forensics Methodology • Applications of Computer Forensics • Who Uses Computer Forensics • Skills Requirements for Computer Forensics • Conclusion • References
  • 3. Introduction “Forensic computing is the process of identifying, preserving, analyzing and presenting digital evidence in a manner that is legally acceptable.”(Rodney Mckemmish 1999).
  • 4. What is Computer Forensics? 4  “Forensic computing is the process of identifying, preserving, analyzing and presenting digital evidence in a manner that is legally acceptable.”(Rodney Mckemmish 1999).  Evidence might be required for a wide range of computer crimes and misuses.  Information collected assists in arrests, prosecution, termination of employment, and preventing future illegal activity
  • 6. NEEDS OF COMPUTER FORENSICS 6 o To produce evidence in the court that can lead to the punishment of the actual. o To ensure the integrity of the computer system. o To focus on the response to hi-tech offenses, started to intertwine.
  • 7. HISTORY OF COMPUTER FORENSICS 7 o Began to evolve more than 30 years ago in US when law enforcement and military investigators started seeing criminals get technical. o Over the next decades, and up to today, the field has exploded. Law enforcement and the military continue to have a large presence in the information security and computer forensic field at the local, state and federal level. o Now a days, Software companies continue to produce newer and more robust forensic software programs. And law enforcement and the military continue to identify and train more and more of their personnel in the response to crimes involving technology.
  • 8. GOAL OF COMPUTER FORENSICS 8  The main goal of computer forensic experts is not only to find the criminal but also to find out the evidence and the presentation of the evidence in a manner that leads to legal action of the criminal.
  • 9. CYBER CRIME & EVIDENCE 9  CYBER CRIME  Cyber crime occurs when information technology is used to commit or conceal an offence.
  • 10. Types of Cyber Crime 10 o Forgery o Breech of Computer Security o Fraud/Theft o Copyright Violations o Identity Theft o Threats o Burglary o Homicide o Administrative Investigations o Cyber Terrorism o Sales and Investment Fraud o Electronic Fund Transfer Fraud
  • 11. 11
  • 12. Cybercrime: Top 20 Countries 12
  • 13. Evidence 13  An item does not become officially a piece of evidence until a court admits it.  Much of forensics practice concerns how to collect, preserve and analyze these items without compromising their potential to be admitted as evidence in a court of law.
  • 14. DIGITAL EVIDENCE 14  “Any data that is recorded or preserved on any medium in or by a computer system or other similar device, that can be read or understand by a person or a computer system or other similar device. It includes a display, print out or other output of that data.”
  • 15. TYPES OF DIGITAL EVIDENCE 15 1) PERSISTANT DATA Meaning data that remains intact when the computer is turned off. E.g. hard drives, disk drives and removable storage devices (such as USB drives or flash drives). 2) VOLATILE DATA, Meaning data that would be lost if the computer is turned off. E.g. deleted files, computer history, the computer's registry, temporary files and web browsing history.
  • 16. 5 RULES OF EVIDENCES 16 1) Admissible  Must be able to be used in court or elsewhere. 2) Authentic  Evidence relates to incident in relevant way. 3) Complete (no tunnel vision)  Exculpatory evidence for alternative suspects. 4) Reliable  No question about authenticity & veracity. 5) Believable  Clear, easy to understand, and believable by a jury.
  • 17. TOP 10 LOCATION FOR EVIDENCE 17 1) Internet History Files 2) Temporary Internet Files 3) Slack/Unallocated Space 4) Buddy lists, personal chat room records, others saved areas 5) News groups/club lists/posting 6) Settings, folder structure, file names 7) File Storage Dates 8) Software/Hardware added 9) File Sharing ability 10) E-mails
  • 18. Methodology 18 1) Shut Down the Computer 2) Document the Hardware Configuration of The System 3) Transport the Computer System to A Secure Location 4) Make Bit Stream Backups of Hard Disks and Floppy Disks 5) Mathematically Verify Data on All Storage Devices 6) Document the System Date and Time 7) Make a List of Key Search Words
  • 19. CONT… 8) Evaluate the Windows Swap File 9) Evaluate File Slack 10) Evaluate Unallocated Space (Erased Files) 11) Search Files, File Slack and Unallocated Space for Key Words 12) Document File Names, Dates and Times 13) Identify File, Program and Storage Anomalies 14) Evaluate Program Functionality 15) Document Your Findings
  • 20. Applications 20  FINANCIAL FRAUD DETECTION  CRIMINAL PROSECUTION  CIVIL LITIGATION  “CORPORATE SECURITY POLICY AND VIOLATIONS”
  • 21. Who Uses Computer Forensics? 21  Criminal Prosecutors  Rely on evidence obtained from a computer to prosecute suspects and use as evidence.  Civil Litigations  Personal and business data discovered on a computer can be used in fraud, harassment, or discrimination cases.  Private Corporations  Obtained evidence from employee computers can be used as evidence in harassment, fraud, and embezzlement cases.
  • 22. Who Uses Computer Forensics? (cont..) 22  Law Enforcement Officials  Rely on computer forensics to backup search warrants and post-seizure handling.  Individual/Private Citizens  Obtain the services of professional computer forensic specialists to support claims of harassment, abuse, or wrongful termination from employment.
  • 23. Skills Required For Computer Forensics Application 23 o Programming or computer-related experience o Broad understanding of operating systems and applications o Strong analytical skills o Strong computer science fundamentals o Strong system administrative skills o Knowledge of the latest intruder tools o Knowledge of cryptography and steganography o Strong understanding of the rules of evidence and evidence handling o Ability to be an expert witness in a court of law
  • 24. Conclusion  With computers becoming more and more involved in our everyday lives, both professionally and socially, there is a need for computer forensics.  This field will enable crucial electronic evidence to be found, whether it was lost, deleted, damaged, or hidden, and used to prosecute individuals that believe they have successfully beaten the system.

Editor's Notes

  1. 1