SlideShare a Scribd company logo

Cyber forensics and investigations

Download as PPTX, PDF
Jay Mehta
Jay Mehta

Jay Mehta is a cyber forensics investigator. His responsibilities include identifying and preserving crime scenes and evidence, documenting findings, and maintaining chain of custody of electronic evidence. Cyber forensics is important because digital evidence can be altered, damaged, or destroyed easily and crosses borders quickly. Various groups like law enforcement, companies and individuals use cyber forensics to investigate crimes and lawsuits.

Technology
1 of 15
Jay Mehta
Cyber Forensics ?
Forensics Investigator ?
Forensics Investigator ? • Identifying the crime scene • Protecting the crime scene • Preserving temporary and fragile evidence • Collecting complete information about the incident • Documenting all findings • Packaging and transporting the electronic evidence • Gather preliminary information at the scene
Why Cyber Forensics ?
Forensic Investigation Process
Digital Evidence ? • Latent/Hidden • Crosses jurisdictional borders quickly and easily • Can be altered, damaged, or destroyed easily • Can be time sensitive
Chain of Custody ? • A list of all devices that were secured from the crime scene for further Investigation • Accurate information about the devices that has been copied, transferred, and collected • Timestamp of all the collected evidence • Who processed the item? • Who is the owner of the item? • Where was it taken or seized from? • All electronic evidence that was collected from the crime scene must be properly documented each time that evidence is viewed • Such documentation must be made available, if requested by the client, throughout the pre-trial discovery phase.
Forensic Investigation Challenges • Inadequate chain of custody • Not maintaining legal procedures • Inadequate evidential integrity • Inadequate evidence gathering and maintaining accuracy, authenticity, completeness
Who uses Cyber Forensics ? • Criminal Prosecutors • Civil Litigations • Insurance Companies • Private Corporations • Law Enforcement Officials • Individual/Private Citizens
Evidence Processing Guidelines • Step 1: Shut down the computer • Step 2: Document the Hardware Configuration of The System • Step 3: Transport the Computer System to A Secure Location • Step 4: Make Bit Stream Backups of Hard Disks and Floppy Disks • Step 5: Mathematically Authenticate Data on All Storage Devices • Step 6: Document the System Date and Time • Step 7: Make a List of Key Search Words • Step 8: Evaluate Unallocated Space (Erased Files) • Step 9: Document File Names, Dates and Times • Step 10: Identify File, Program and Storage Anomalies • Step 11: Evaluate Program Functionality • Step 12: Document Your Findings • Step 13: Retain Copies of Software Used
Types of Cyber Forensics • Database forensics • Email forensics • Malware forensics • Memory forensics • Mobile forensics • Network forensics
Cyber forensics and investigations
Cyber forensics and investigations
Cyber forensics and investigations

Recommended

DIGITAL FORENSICS_PRESENTATION
DIGITAL FORENSICS_PRESENTATIONDIGITAL FORENSICS_PRESENTATION
DIGITAL FORENSICS_PRESENTATIONAmina Baha
 
Data Security for Project Managers
Data Security for Project ManagersData Security for Project Managers
Data Security for Project ManagersJoseph Wojowski
 
Enterprise Forensics 101
Enterprise Forensics 101Enterprise Forensics 101
Enterprise Forensics 101Mona Arkhipova
 
Security Issues in Internet of Things
Security Issues in Internet of ThingsSecurity Issues in Internet of Things
Security Issues in Internet of ThingsLohith Haravu Chandrashekar
 
Inside the Wire - thotcon 0x9
Inside the Wire - thotcon 0x9Inside the Wire - thotcon 0x9
Inside the Wire - thotcon 0x9Mike Kelly
 
Handling digital crime scene
Handling digital crime sceneHandling digital crime scene
Handling digital crime sceneSKMohamedKasim
 
The Forensic Lab
The Forensic LabThe Forensic Lab
The Forensic Labprimeteacher32
 
Raabit and bacteria
Raabit and bacteriaRaabit and bacteria
Raabit and bacteriasabin kafle
 

Recommended

DIGITAL FORENSICS_PRESENTATION
DIGITAL FORENSICS_PRESENTATIONDIGITAL FORENSICS_PRESENTATION
DIGITAL FORENSICS_PRESENTATIONAmina Baha
 
Data Security for Project Managers
Data Security for Project ManagersData Security for Project Managers
Data Security for Project ManagersJoseph Wojowski
 
Enterprise Forensics 101
Enterprise Forensics 101Enterprise Forensics 101
Enterprise Forensics 101Mona Arkhipova
 
Security Issues in Internet of Things
Security Issues in Internet of ThingsSecurity Issues in Internet of Things
Security Issues in Internet of ThingsLohith Haravu Chandrashekar
 
Inside the Wire - thotcon 0x9
Inside the Wire - thotcon 0x9Inside the Wire - thotcon 0x9
Inside the Wire - thotcon 0x9Mike Kelly
 
Handling digital crime scene
Handling digital crime sceneHandling digital crime scene
Handling digital crime sceneSKMohamedKasim
 
The Forensic Lab
The Forensic LabThe Forensic Lab
The Forensic Labprimeteacher32
 
Raabit and bacteria
Raabit and bacteriaRaabit and bacteria
Raabit and bacteriasabin kafle
 
InfoSecurity.be 2011
InfoSecurity.be 2011InfoSecurity.be 2011
InfoSecurity.be 2011Xavier Mertens
 
Computer Forensics – What Every Lawyer Needs to Know
Computer Forensics – What Every Lawyer Needs to KnowComputer Forensics – What Every Lawyer Needs to Know
Computer Forensics – What Every Lawyer Needs to KnowWinston & Strawn LLP
 
Memory Forensics
Memory ForensicsMemory Forensics
Memory ForensicsAnshul Tayal
 
Bh europe 2013_wilhoit
Bh europe 2013_wilhoitBh europe 2013_wilhoit
Bh europe 2013_wilhoitKyle Wilhoit
 
How to protect your business telephony from cyber attacks - webinar 2017, Eng...
How to protect your business telephony from cyber attacks - webinar 2017, Eng...How to protect your business telephony from cyber attacks - webinar 2017, Eng...
How to protect your business telephony from cyber attacks - webinar 2017, Eng...Askozia
 
CNIT 121: 16 Report Writing
CNIT 121: 16 Report WritingCNIT 121: 16 Report Writing
CNIT 121: 16 Report WritingSam Bowne
 
Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015Hykeos
 
Network security
Network securityNetwork security
Network securityDonald West Rock
 
Vrfid Document Tracking
Vrfid Document TrackingVrfid Document Tracking
Vrfid Document TrackingVicinity RFID Solutions Pvt. Ltd.
 
Design and Analyze Secure Networked Systems - 1
Design and Analyze Secure Networked Systems - 1Design and Analyze Secure Networked Systems - 1
Design and Analyze Secure Networked Systems - 1Don Kim
 
Enterprise Documents Secure and On the Go
Enterprise Documents Secure and On the GoEnterprise Documents Secure and On the Go
Enterprise Documents Secure and On the GoRob Bogue
 
CNIT 121: 11 Analysis Methodology
CNIT 121: 11 Analysis MethodologyCNIT 121: 11 Analysis Methodology
CNIT 121: 11 Analysis MethodologySam Bowne
 
Cyber security
Cyber securityCyber security
Cyber securityJahirUddinKomol
 
Plain talk about security public - ms1
Plain talk about security public - ms1Plain talk about security public - ms1
Plain talk about security public - ms1Mike Stone
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Positive Hack Days
 
Production Challenges for Container Networking
Production Challenges for Container NetworkingProduction Challenges for Container Networking
Production Challenges for Container NetworkingVipin Jain
 
St. Mark Lutheran Cyber safety seminar - JurInnov - Eric Vanderburg
St. Mark Lutheran Cyber safety seminar - JurInnov - Eric VanderburgSt. Mark Lutheran Cyber safety seminar - JurInnov - Eric Vanderburg
St. Mark Lutheran Cyber safety seminar - JurInnov - Eric VanderburgEric Vanderburg
 
1. Security and Risk Management
1. Security and Risk Management1. Security and Risk Management
1. Security and Risk ManagementSam Bowne
 
Untangled Conference - November 8, 2014 - Security Awareness
Untangled Conference - November 8, 2014 - Security AwarenessUntangled Conference - November 8, 2014 - Security Awareness
Untangled Conference - November 8, 2014 - Security AwarenessEric Vanderburg
 
CNIT 50: 9. NSM Operations
CNIT 50: 9. NSM OperationsCNIT 50: 9. NSM Operations
CNIT 50: 9. NSM OperationsSam Bowne
 
Collecting and preserving digital evidence
Collecting and preserving digital evidenceCollecting and preserving digital evidence
Collecting and preserving digital evidenceOnline
 
Processing Crimes and Incident Scenes
Processing Crimes and Incident ScenesProcessing Crimes and Incident Scenes
Processing Crimes and Incident Scenesprimeteacher32
 

More Related Content

What's hot

Computer Forensics – What Every Lawyer Needs to Know
Computer Forensics – What Every Lawyer Needs to KnowComputer Forensics – What Every Lawyer Needs to Know
Computer Forensics – What Every Lawyer Needs to KnowWinston & Strawn LLP
 
Bh europe 2013_wilhoit
Bh europe 2013_wilhoitBh europe 2013_wilhoit
Bh europe 2013_wilhoitKyle Wilhoit
 
How to protect your business telephony from cyber attacks - webinar 2017, Eng...
How to protect your business telephony from cyber attacks - webinar 2017, Eng...How to protect your business telephony from cyber attacks - webinar 2017, Eng...
How to protect your business telephony from cyber attacks - webinar 2017, Eng...Askozia
 
CNIT 121: 16 Report Writing
CNIT 121: 16 Report WritingCNIT 121: 16 Report Writing
CNIT 121: 16 Report WritingSam Bowne
 
Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015Hykeos
 
Design and Analyze Secure Networked Systems - 1
Design and Analyze Secure Networked Systems - 1Design and Analyze Secure Networked Systems - 1
Design and Analyze Secure Networked Systems - 1Don Kim
 
Enterprise Documents Secure and On the Go
Enterprise Documents Secure and On the GoEnterprise Documents Secure and On the Go
Enterprise Documents Secure and On the GoRob Bogue
 
CNIT 121: 11 Analysis Methodology
CNIT 121: 11 Analysis MethodologyCNIT 121: 11 Analysis Methodology
CNIT 121: 11 Analysis MethodologySam Bowne
 
Plain talk about security public - ms1
Plain talk about security public - ms1Plain talk about security public - ms1
Plain talk about security public - ms1Mike Stone
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Positive Hack Days
 
Production Challenges for Container Networking
Production Challenges for Container NetworkingProduction Challenges for Container Networking
Production Challenges for Container NetworkingVipin Jain
 
St. Mark Lutheran Cyber safety seminar - JurInnov - Eric Vanderburg
St. Mark Lutheran Cyber safety seminar - JurInnov - Eric VanderburgSt. Mark Lutheran Cyber safety seminar - JurInnov - Eric Vanderburg
St. Mark Lutheran Cyber safety seminar - JurInnov - Eric VanderburgEric Vanderburg
 
1. Security and Risk Management
1. Security and Risk Management1. Security and Risk Management
1. Security and Risk ManagementSam Bowne
 
Untangled Conference - November 8, 2014 - Security Awareness
Untangled Conference - November 8, 2014 - Security AwarenessUntangled Conference - November 8, 2014 - Security Awareness
Untangled Conference - November 8, 2014 - Security AwarenessEric Vanderburg
 
CNIT 50: 9. NSM Operations
CNIT 50: 9. NSM OperationsCNIT 50: 9. NSM Operations
CNIT 50: 9. NSM OperationsSam Bowne
 

What's hot (20)

InfoSecurity.be 2011
InfoSecurity.be 2011InfoSecurity.be 2011
InfoSecurity.be 2011
 
Computer Forensics – What Every Lawyer Needs to Know
Computer Forensics – What Every Lawyer Needs to KnowComputer Forensics – What Every Lawyer Needs to Know
Computer Forensics – What Every Lawyer Needs to Know
 
Memory Forensics
Memory ForensicsMemory Forensics
Memory Forensics
 
Bh europe 2013_wilhoit
Bh europe 2013_wilhoitBh europe 2013_wilhoit
Bh europe 2013_wilhoit
 
How to protect your business telephony from cyber attacks - webinar 2017, Eng...
How to protect your business telephony from cyber attacks - webinar 2017, Eng...How to protect your business telephony from cyber attacks - webinar 2017, Eng...
How to protect your business telephony from cyber attacks - webinar 2017, Eng...
 
CNIT 121: 16 Report Writing
CNIT 121: 16 Report WritingCNIT 121: 16 Report Writing
CNIT 121: 16 Report Writing
 
Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015
 
Network security
Network securityNetwork security
Network security
 
Vrfid Document Tracking
Vrfid Document TrackingVrfid Document Tracking
Vrfid Document Tracking
 
Design and Analyze Secure Networked Systems - 1
Design and Analyze Secure Networked Systems - 1Design and Analyze Secure Networked Systems - 1
Design and Analyze Secure Networked Systems - 1
 
Enterprise Documents Secure and On the Go
Enterprise Documents Secure and On the GoEnterprise Documents Secure and On the Go
Enterprise Documents Secure and On the Go
 
CNIT 121: 11 Analysis Methodology
CNIT 121: 11 Analysis MethodologyCNIT 121: 11 Analysis Methodology
CNIT 121: 11 Analysis Methodology
 
Cyber security
Cyber securityCyber security
Cyber security
 
Plain talk about security public - ms1
Plain talk about security public - ms1Plain talk about security public - ms1
Plain talk about security public - ms1
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
 
Production Challenges for Container Networking
Production Challenges for Container NetworkingProduction Challenges for Container Networking
Production Challenges for Container Networking
 
St. Mark Lutheran Cyber safety seminar - JurInnov - Eric Vanderburg
St. Mark Lutheran Cyber safety seminar - JurInnov - Eric VanderburgSt. Mark Lutheran Cyber safety seminar - JurInnov - Eric Vanderburg
St. Mark Lutheran Cyber safety seminar - JurInnov - Eric Vanderburg
 
1. Security and Risk Management
1. Security and Risk Management1. Security and Risk Management
1. Security and Risk Management
 
Untangled Conference - November 8, 2014 - Security Awareness
Untangled Conference - November 8, 2014 - Security AwarenessUntangled Conference - November 8, 2014 - Security Awareness
Untangled Conference - November 8, 2014 - Security Awareness
 
CNIT 50: 9. NSM Operations
CNIT 50: 9. NSM OperationsCNIT 50: 9. NSM Operations
CNIT 50: 9. NSM Operations
 

Similar to Cyber forensics and investigations

Collecting and preserving digital evidence
Collecting and preserving digital evidenceCollecting and preserving digital evidence
Collecting and preserving digital evidenceOnline
 
Processing Crimes and Incident Scenes
Processing Crimes and Incident ScenesProcessing Crimes and Incident Scenes
Processing Crimes and Incident Scenesprimeteacher32
 
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdfGnanavi2
 
Preserving and recovering digital evidence
Preserving and recovering digital evidencePreserving and recovering digital evidence
Preserving and recovering digital evidenceOnline
 
Computer Forensics (1).pptx
Computer Forensics (1).pptxComputer Forensics (1).pptx
Computer Forensics (1).pptxGautam708801
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensicOnline
 
mobile forensic.pptx
mobile forensic.pptxmobile forensic.pptx
mobile forensic.pptxAmbuj Kumar
 
2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia
2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia
2019-09-11 Workshop incident response n handling honeynet Universitas IndonesiaIGN MANTRA
 
BASICS OF INVESTIGATION OF CYBER CRIME CASES.pptx
BASICS OF INVESTIGATION OF CYBER CRIME CASES.pptxBASICS OF INVESTIGATION OF CYBER CRIME CASES.pptx
BASICS OF INVESTIGATION OF CYBER CRIME CASES.pptxALISHAARORA31
 
ISSC455_Week6_Project_PowerPoint_Presentation_Intindolo
ISSC455_Week6_Project_PowerPoint_Presentation_IntindoloISSC455_Week6_Project_PowerPoint_Presentation_Intindolo
ISSC455_Week6_Project_PowerPoint_Presentation_IntindoloJohn Intindolo
 
Workshop incident response n handling-bssn 12 nop 2019-ignmantra
Workshop incident response n handling-bssn 12 nop 2019-ignmantraWorkshop incident response n handling-bssn 12 nop 2019-ignmantra
Workshop incident response n handling-bssn 12 nop 2019-ignmantraIGN MANTRA
 
Chapter 15 incident handling
Chapter 15 incident handlingChapter 15 incident handling
Chapter 15 incident handlingnewbie2019
 
CNIT 121: 6 Discovering the Scope of the Incident & 7 Live Data Collection
CNIT 121: 6 Discovering the Scope of the Incident & 7 Live Data CollectionCNIT 121: 6 Discovering the Scope of the Incident & 7 Live Data Collection
CNIT 121: 6 Discovering the Scope of the Incident & 7 Live Data CollectionSam Bowne
 

Similar to Cyber forensics and investigations (20)

Collecting and preserving digital evidence
Collecting and preserving digital evidenceCollecting and preserving digital evidence
Collecting and preserving digital evidence
 
Processing Crimes and Incident Scenes
Processing Crimes and Incident ScenesProcessing Crimes and Incident Scenes
Processing Crimes and Incident Scenes
 
Computer Forensic
Computer ForensicComputer Forensic
Computer Forensic
 
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
Lect 3 Computer Forensics
Lect 3 Computer ForensicsLect 3 Computer Forensics
Lect 3 Computer Forensics
 
CF.ppt
CF.pptCF.ppt
CF.ppt
 
Preserving and recovering digital evidence
Preserving and recovering digital evidencePreserving and recovering digital evidence
Preserving and recovering digital evidence
 
Forensic
ForensicForensic
Forensic
 
Computer Forensics (1).pptx
Computer Forensics (1).pptxComputer Forensics (1).pptx
Computer Forensics (1).pptx
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensic
 
mobile forensic.pptx
mobile forensic.pptxmobile forensic.pptx
mobile forensic.pptx
 
2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia
2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia
2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia
 
BASICS OF INVESTIGATION OF CYBER CRIME CASES.pptx
BASICS OF INVESTIGATION OF CYBER CRIME CASES.pptxBASICS OF INVESTIGATION OF CYBER CRIME CASES.pptx
BASICS OF INVESTIGATION OF CYBER CRIME CASES.pptx
 
ISSC455_Week6_Project_PowerPoint_Presentation_Intindolo
ISSC455_Week6_Project_PowerPoint_Presentation_IntindoloISSC455_Week6_Project_PowerPoint_Presentation_Intindolo
ISSC455_Week6_Project_PowerPoint_Presentation_Intindolo
 
Workshop incident response n handling-bssn 12 nop 2019-ignmantra
Workshop incident response n handling-bssn 12 nop 2019-ignmantraWorkshop incident response n handling-bssn 12 nop 2019-ignmantra
Workshop incident response n handling-bssn 12 nop 2019-ignmantra
 
cyber Forensics
cyber Forensicscyber Forensics
cyber Forensics
 
Chapter 15 incident handling
Chapter 15 incident handlingChapter 15 incident handling
Chapter 15 incident handling
 
CNIT 121: 6 Discovering the Scope of the Incident & 7 Live Data Collection
CNIT 121: 6 Discovering the Scope of the Incident & 7 Live Data CollectionCNIT 121: 6 Discovering the Scope of the Incident & 7 Live Data Collection
CNIT 121: 6 Discovering the Scope of the Incident & 7 Live Data Collection
 

Recently uploaded

How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfdanishmna97
 
Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxSimplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxMarkSteadman7
 
2024 May Patch Tuesday
2024 May Patch Tuesday2024 May Patch Tuesday
2024 May Patch TuesdayIvanti
 
Introduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxIntroduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxFIDO Alliance
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityVictorSzoltysek
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMKumar Satyam
 
Portal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russePortal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russe中 央社
 
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseNavigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseWSO2
 
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2
 
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptxHarnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptxFIDO Alliance
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)Samir Dash
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard37
 
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)Paige Cruz
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAnitaRaj43
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc
 
ERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage IntacctERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage IntacctBrainSell Technologies
 
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...caitlingebhard1
 
WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024Lorenzo Miniero
 

Recently uploaded (20)

How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cf
 
Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxSimplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptx
 
2024 May Patch Tuesday
2024 May Patch Tuesday2024 May Patch Tuesday
2024 May Patch Tuesday
 
Introduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxIntroduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptx
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
Portal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russePortal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russe
 
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseNavigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern Enterprise
 
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
 
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptxHarnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
 
ERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage IntacctERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage Intacct
 
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
 
WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024
 

Cyber forensics and investigations

  • 4. Forensics Investigator ? • Identifying the crime scene • Protecting the crime scene • Preserving temporary and fragile evidence • Collecting complete information about the incident • Documenting all findings • Packaging and transporting the electronic evidence • Gather preliminary information at the scene
  • 7. Digital Evidence ? • Latent/Hidden • Crosses jurisdictional borders quickly and easily • Can be altered, damaged, or destroyed easily • Can be time sensitive
  • 8. Chain of Custody ? • A list of all devices that were secured from the crime scene for further Investigation • Accurate information about the devices that has been copied, transferred, and collected • Timestamp of all the collected evidence • Who processed the item? • Who is the owner of the item? • Where was it taken or seized from? • All electronic evidence that was collected from the crime scene must be properly documented each time that evidence is viewed • Such documentation must be made available, if requested by the client, throughout the pre-trial discovery phase.
  • 9. Forensic Investigation Challenges • Inadequate chain of custody • Not maintaining legal procedures • Inadequate evidential integrity • Inadequate evidence gathering and maintaining accuracy, authenticity, completeness
  • 10. Who uses Cyber Forensics ? • Criminal Prosecutors • Civil Litigations • Insurance Companies • Private Corporations • Law Enforcement Officials • Individual/Private Citizens
  • 11. Evidence Processing Guidelines • Step 1: Shut down the computer • Step 2: Document the Hardware Configuration of The System • Step 3: Transport the Computer System to A Secure Location • Step 4: Make Bit Stream Backups of Hard Disks and Floppy Disks • Step 5: Mathematically Authenticate Data on All Storage Devices • Step 6: Document the System Date and Time • Step 7: Make a List of Key Search Words • Step 8: Evaluate Unallocated Space (Erased Files) • Step 9: Document File Names, Dates and Times • Step 10: Identify File, Program and Storage Anomalies • Step 11: Evaluate Program Functionality • Step 12: Document Your Findings • Step 13: Retain Copies of Software Used
  • 12. Types of Cyber Forensics • Database forensics • Email forensics • Malware forensics • Memory forensics • Mobile forensics • Network forensics