Digital Forensics
Supervised by : Dr. Ashraf Tammam
Presented by : Abdallah Hodieb
What
It is a branch of forensic science specialized in the recovery
and investigation of material found in digital devices,
often related to computer crime.
Why
Due to the growth in computer crime,
law enforcement agencies began establishing specialized
groups to handle the technical aspects of investigations.
Computer crimes such as:
Fraud, forgery, extortion, industrial espionage
Virus/Trojan distribution
Homicide investigations
Theft of or destruction of intellectual property
Who
● Criminal Prosecutors & law enforcement agencies.
● Insurance Companies.
● Private Corporations.
How
The process might differ according to the laws enforced
by the country,
but the general process mainly consists of:
● Acquisition
● Preservation
● Identification
● Evaluation
● Presentation
Challenges
Legal rules determine whether potential evidence is
admissible in court.
Authenticity and validity of evidence must be ensured.
Evidence can't be damaged, destroyed, or compromised by
the procedures used in identification.
Virus infections must be prevented during the analysis process.
The extraction process must be properly handled to protect against
mechanical or electromagnetic damage.
Acquisition
The process of acquiring any data that can be used as
evidence from the confiscated exhibits.
The process must guarantee that the data is not changed
during the acquisition (e.g. no modification date changes).
Ex: computer devices, network maps, external devices.
General Acquisition Process
Restrict access (local / remote) to the machine.
Dump memory (if possible).
Document hardware configuration (internal and external).
Make a digital copy of all applicable storage devices.
Authenticate all copies using checksums.
Document all the search steps and operations executed.
Types of Data
Volatile:
Memory contents.
Network traffic.
Non-volatile:
File system contents (HD, USB disks, etc.)
Preservation
The original state of the data should be preserved exactly
as acquired.
Any operations done on the data should be done on an
exact copy, to guarantee the integrity of the original
confiscated data.
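The checksum and exact-copy steps from the acquisition and preservation slides, as an added Python example (not part of the original presentation): it images a file in one pass, records overall and per-segment SHA-256 values, and then shows that a change to a working copy is detected and localized. The function names, the 4096-byte segment size and the sample exhibit file are assumptions constructed for the demo.

```python
import hashlib
import os
import shutil
import tempfile

SEGMENT = 4096  # bytes per piecewise hash; value chosen for this demo


def hash_file(path, segment=SEGMENT):
    """Return (overall SHA-256, per-segment SHA-256 list, size in bytes)."""
    overall, pieces, size = hashlib.sha256(), [], 0
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(segment), b""):
            overall.update(block)
            pieces.append(hashlib.sha256(block).hexdigest())
            size += len(block)
    return overall.hexdigest(), pieces, size


def acquire_image(source, image, segment=SEGMENT):
    """Copy source to image in one pass, hashing the bytes as they are read."""
    mtime_before = os.stat(source).st_mtime_ns
    overall, pieces, size = hashlib.sha256(), [], 0
    # "rb" never writes to the exhibit; "xb" refuses to overwrite an image.
    with open(source, "rb") as src, open(image, "xb") as dst:
        for block in iter(lambda: src.read(segment), b""):
            dst.write(block)
            overall.update(block)
            pieces.append(hashlib.sha256(block).hexdigest())
            size += len(block)
    os.chmod(image, 0o444)  # the master image becomes read-only
    return {
        "sha256": overall.hexdigest(),
        "pieces": pieces,
        "size": size,
        # The slides require that acquisition leaves modification dates alone.
        "source_mtime_unchanged": os.stat(source).st_mtime_ns == mtime_before,
    }


def verify(path, record, segment=SEGMENT):
    """Re-hash a copy; return (matches, indices of segments that differ)."""
    digest, pieces, size = hash_file(path, segment)
    expected = record["pieces"]
    bad = [
        i for i in range(max(len(pieces), len(expected)))
        if i >= len(pieces) or i >= len(expected) or pieces[i] != expected[i]
    ]
    return digest == record["sha256"] and size == record["size"], bad


def demo():
    """Acquire a constructed exhibit, verify copies, then detect a change."""
    workdir = tempfile.mkdtemp(prefix="acq-demo-")
    try:
        # Constructed sample exhibit: 16384 bytes, i.e. four 4096-byte segments.
        source = os.path.join(workdir, "exhibit.bin")
        with open(source, "wb") as fh:
            fh.write(bytes(range(256)) * 64)

        image = os.path.join(workdir, "exhibit.img")
        record = acquire_image(source, image)
        image_ok, _ = verify(image, record)

        # Analysis happens on a working copy, never on the master image.
        working = os.path.join(workdir, "working.img")
        shutil.copyfile(image, working)
        working_ok, _ = verify(working, record)

        # Simulate an accidental write during analysis: one byte at offset 9000.
        with open(working, "r+b") as fh:
            fh.seek(9000)
            fh.write(b"\xff")
        tampered_ok, bad_segments = verify(working, record)

        return {
            "record": record,
            "image_ok": image_ok,
            "working_ok": working_ok,
            "tampered_ok": tampered_ok,
            "bad_segments": bad_segments,
        }
    finally:
        shutil.rmtree(workdir, ignore_errors=True)


if __name__ == "__main__":
    result = demo()
    print("acquired sha256:", result["record"]["sha256"])
    print("master image verified:", result["image_ok"])
    print("working copy verified before change:", result["working_ok"])
    print("working copy verified after change:", result["tampered_ok"])
    print("segments that differ:", result["bad_segments"])
```

The per-segment hashes are what let the examiner say which part of a copy changed, not only that it changed; the record returned by `acquire_image` is the kind of value that belongs in the documented search steps.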
Identification
Identifying what data could be recovered and retrieving it
by using Computer Forensic tools.
Identifying and recovering hidden / deleted data using
various tools.
Identification of any tampering or anomalies in the data.
General Identification Process
Make a List of Key Search Words.
Evaluate the Windows Swap File.
Evaluate Unallocated Space (Erased Files).
Document File Names, Dates and Times.
Identify File, Program and Storage Anomalies.
Evaluate Program Functionality.
Document Your Findings.
Examples of hidden data
Changing file names, extensions.
Encryption.
Hidden drive space: non-partitioned space in between
partitions.
Slack space.
Partition waste space.
Bad sectors.
Other steganographic methods.
Steganography Example
To human eyes, data usually contains known
forms, like images, e-mail, sounds, and text.
Most Internet data naturally includes
gratuitous headers, too.
Hidden message (the first letter of each word): The duck flies at midnight.
Evaluation
Evaluation of the recovered information, and determining
if it can be used as evidence.
Presentation
Presenting the discovered evidence in a manner which
complies with the rules and regulations,
e.g. it is understood by lawyers and non-technical staff, and is
suitable as evidence as determined by the country's laws.
Tools
Digital forensic experts use a combination of software
and hardware tools.
The tools include disk analysers, steganography analysis
tools, decryption, hex viewers, network monitors, etc.
List of the most used software tools: https://en.wikipedia.org/wiki/List_of_digital_forensics_tools
SANS Investigative Forensic Toolkit
Volatility memory forensics
Hex Editors
DD Disk Cloning
Xplico Network Forensics
Tableau forensic write blocker
Versatile Preservation &
Examination Responder Kit
DD, hex editor
Live Example
