Current Forensic Tools
Dr R Jegadeesan, Prof-CSE
Jyothishmathi Institute of Technology and Science, Karimnagar
Evaluating computer forensic tool needs
• Look for versatility, flexibility, and robustness
  – OS
  – File system(s)
  – Script capabilities
  – Automated features
  – Vendor’s reputation for support
• Keep in mind what application files you will be analyzing
Types of Computer Forensics Tools
• Hardware forensic tools
  – Range from single-purpose components to complete computer systems and servers
• Software forensic tools
  – Types
    • Command-line applications
    • GUI applications
  – Commonly used to copy data from a suspect’s disk drive to an image file
Tasks Performed by Computer Forensics Tools
• Five major categories:
  – Acquisition
  – Validation and discrimination
  – Extraction
  – Reconstruction
  – Reporting
Validating and testing forensics software
• Validation
  – Ensuring the integrity of data being copied
• Discrimination of data
  – Involves sorting and searching through all investigation data
• Subfunctions
  – Hashing
    o CRC-32, MD5, Secure Hash Algorithms
  – Filtering
    o Known system files can be ignored
    o Based on hash value sets
  – Analyzing file headers
    o Discriminate files based on their types
• National Software Reference Library (NSRL) has compiled a list of known file hashes
  – For a variety of OSs, applications, and images
• Many computer forensics programs include a list of common header values
  – With this information, you can see whether a file extension is incorrect for the file type
• Most forensics tools can identify header values
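The validation and discrimination subfunctions listed above (hashing, filtering on a known-hash set, and header analysis) can be sketched as follows. This is an added example, not part of the original slides or of any tool they name; the header list, the sample files and the "known" hash set are constructed for illustration, where a real workflow would load a reference set such as the NSRL's.

```python
import hashlib
import os
import tempfile

# Constructed subset of header ("magic") values and the extensions normally seen with them.
HEADERS = [
    (b"\xff\xd8\xff", "JPEG", {".jpg", ".jpeg"}),
    (b"\x89PNG\r\n\x1a\n", "PNG", {".png"}),
    (b"%PDF-", "PDF", {".pdf"}),
    (b"PK\x03\x04", "ZIP", {".zip", ".docx", ".xlsx", ".pptx"}),
]


def digests(path, algorithms=("md5", "sha256"), chunk_size=1 << 20):
    """Hash a file in one streaming pass; returns {algorithm: hex digest}."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def copy_is_valid(original, copy):
    """Validation: accept the copy only if every digest matches the original."""
    return digests(original) == digests(copy)


def header_type(path):
    """Return (type name, expected extensions) from the first bytes, or (None, set())."""
    with open(path, "rb") as fh:
        head = fh.read(16)
    for magic, name, extensions in HEADERS:
        if head.startswith(magic):
            return name, extensions
    return None, set()


def discriminate(root, known_sha256):
    """Sort files under root into known (ignorable), extension mismatch, and review."""
    result = {"known": [], "mismatch": [], "review": []}
    for folder, _dirs, files in os.walk(root):
        for filename in sorted(files):
            path = os.path.join(folder, filename)
            rel = os.path.relpath(path, root)
            # Filtering: a file whose hash is in the reference set needs no review.
            if digests(path, ("sha256",))["sha256"] in known_sha256:
                result["known"].append(rel)
                continue
            # Header analysis: flag a recognised header behind an unexpected extension.
            name, extensions = header_type(path)
            ext = os.path.splitext(filename)[1].lower()
            if name is not None and ext not in extensions:
                result["mismatch"].append((rel, name))
            else:
                result["review"].append(rel)
    return result


def build_sample(root):
    """Write constructed sample files and return the constructed known-hash set."""
    samples = {
        "system.dll": b"MZ" + b"\x00" * 64,  # stands in for a known OS file
        "holiday.jpg": b"\xff\xd8\xff\xe0" + b"J" * 32,  # extension agrees with header
        "notes.txt": b"%PDF-1.7\n" + b"P" * 32,  # PDF header behind a .txt name
        "readme.txt": b"plain text, no known header\n",
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)
    return {hashlib.sha256(samples["system.dll"]).hexdigest()}


def run_demo():
    """Build the sample evidence folder in a temp directory and triage it."""
    with tempfile.TemporaryDirectory() as root:
        return discriminate(root, build_sample(root))


if __name__ == "__main__":
    print(run_demo())
```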
Table 1: Tools
E-Mail Investigations
Introduction
What is E-mail investigation?
“E-mail investigation is a digital forensics process of finding out evidence from suspect emails that allows an investigator to examine, preserve, and reveal digital evidence” (branch of forensic science).
Exploring the role of e-mail in investigation
Vital Roles of E-mail Forensics
• Examine.
• Preserve.
• Carve Evidence.
• Report.
Requirements of E-mail Investigation
• To carve evidence.
• To ensure the reliability of e-mails.
• To point out illegal acts and link them together.
• To present evidence.
Goal of E-mail Forensics
E-mail holds a wealth of information, which is why an e-mail forensics investigator must not only investigate but also retrieve from the mails the kind of evidence that is presentable and leads to legal action on the crime.
Types of E-mail Crimes
1. Email spoofing.
2. Email frauds.
3. Email bombing.
4. Sending threatening emails.
5. Defamatory emails.
6. Sending malicious code through email.
Investigating e-mail crimes and violations
Investigating E-mail from Corporate
• Corporate: Apps.rai@somecompany.com
Everything after @ belongs to the domain name.
• Investigating corporate emails is easier.
Investigating E-mails from Public Servers
Avoid using your own e-mail ID while investigating. Use public servers such as Yahoo, Hotmail, etc.
• Public: Whatever@hotmail.com
Investigating E-mail Header
Search for the e-mail header in
• GUI clients.
• Command-line clients.
• Web-based clients.
The header contains useful information
• Unique identifying number.
• Sending time.
• IP address of sending e-mail server.
• IP address of e-mail client.
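The four header items listed above can be pulled from a raw message with Python's standard email module, as in this added example (not part of the original slides). The message is constructed, using documentation IP ranges and example domains, and the mapping of "client" and "server" addresses to the oldest and newest Received lines is an assumption that holds for a simple two-hop delivery.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample message (documentation IP ranges, example domains).
RAW = """\
Received: from mail.sender.example (mail.sender.example [198.51.100.25])
    by mx.recipient.example with ESMTP id abc123;
    Mon, 04 Mar 2024 10:15:09 +0000
Received: from [192.0.2.44] (client.sender.example [192.0.2.44])
    by mail.sender.example with ESMTPSA id xyz789;
    Mon, 04 Mar 2024 10:15:07 +0000
Message-ID: <20240304101507.0001@sender.example>
Date: Mon, 04 Mar 2024 10:15:05 +0000
From: Apps Rai <apps.rai@sender.example>
To: investigator@recipient.example
Subject: constructed sample

body
"""


def parse_received(value):
    """Extract connecting IP, recording host and timestamp from one Received line."""
    ip = None
    match = re.search(r"\[(?:IPv6:)?([0-9A-Fa-f.:]+)\]", value)
    if match:
        try:
            ip = str(ipaddress.ip_address(match.group(1)))
        except ValueError:
            ip = None  # bracketed text that is not a valid address
    by = re.search(r"\bby\s+(\S+)", value)
    stamp = None
    if ";" in value:
        try:
            stamp = parsedate_to_datetime(value.rsplit(";", 1)[1].strip())
        except (TypeError, ValueError):
            stamp = None  # missing or malformed date after the semicolon
    return {"from_ip": ip, "by": by.group(1) if by else None, "time": stamp}


def summarize(raw):
    """Return the identifying number, sending time and hop addresses of a message."""
    msg = message_from_string(raw)
    # Each server prepends its own Received line, so reversing gives oldest hop first.
    hops = [parse_received(v) for v in reversed(msg.get_all("Received", []))]
    times = [h["time"] for h in hops if h["time"] is not None]
    return {
        "message_id": (msg.get("Message-ID") or "").strip("<> \t"),
        "sent": parsedate_to_datetime(msg["Date"]).isoformat() if msg["Date"] else None,
        # Oldest hop: the address the sender's own server saw (the e-mail client).
        "client_ip": hops[0]["from_ip"] if hops else None,
        # Newest hop: the address the recipient's server saw (the sending server).
        "server_ip": hops[-1]["from_ip"] if hops else None,
        "hops": hops,
        # Timestamps that run backwards along the path deserve a closer look.
        "times_in_order": times == sorted(times),
    }


if __name__ == "__main__":
    for key, value in summarize(RAW).items():
        print(key, value)
```

Only the Received line written by the investigator's own receiving server is recorded by a trusted system; everything below it was supplied by upstream hosts and should be corroborated against server logs.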
Application of E-mail Investigation
• Criminal undertaking.
• Civil litigation.
• E-mail tracing.
• Corporate security policy.
Use specified E-mail Investigating tool
• AccessData’s FTK Imager.
• MailXaminer.
• EnCase.
• DBXtract.
• Paraben, etc.
Cell phone and mobile device forensics
Understanding Mobile Device Forensics
• People store a wealth of information on cell phones and mobile devices
o People don’t think about securing their mobile devices
• Items stored on mobile devices:
o Incoming, outgoing, and missed calls
o Text and Short Message Service (SMS) messages
o E-mail
o Instant-messaging (IM) logs
o Web pages
o Pictures
o Personal calendars
o Address books
o Music files
o Voice recordings
o GPS data
• Investigating cell phones and mobile devices is one of the most challenging tasks in
digital forensics
Mobile Device Forensic Analysis Process
• Biggest challenge is dealing with constantly changing
models of cell phones
• When you’re acquiring evidence, generally you’re
performing two tasks:
– Acting as though you’re a PC synchronizing with the device (to
download data)
– Reading the SIM card
• First step is to identify the mobile device
Data Acquisition Procedures for Cell Phones and Mobile Devices
• Check these areas in the forensics lab:
– Internal memory
– SIM card
– file system is a hierarchical structure
– Removable or external memory cards
• Information that can be retrieved:
– Service-related data, such as identifiers for the SIM card and the subscriber
– Call data, such as numbers dialed
– Message information
– Location information
• If power has been lost, PINs or other access codes might be required
to view files.
• Encryption
