SlideShare a Scribd company logo
BITCOIN FORENSICS
BY- APURV SINGH GAUTAM
• Bitcoin is a cryptocurrency
• An attempt to bring back a DECENTRALISED currency of people
• Not controlled by a Central Bank
• Works on Blockchain Technology
What is Bitcoin ?
LOOKS
Example of Bitcoin
• A forensics investigator should know the Tech Architecture
• All about BLOCKCHAIN
• Currently no software tools is available
• Everything is in Public and Private Key (Cryptography)
How to Perform Forensics ??
• Elliptic Curve Digital Signature Algorithm is used
• ECDSA is used to generate a public key from the PrivKey
• The PubKey can be used to verify transactions signed using the PrivKey
• 64-byte PubKeys are hashed down to 20-byte addresses
• 20-byte hash formatted using base58 check to produce either a P2PKH or P2SH Bitcoin
address
Algorithm for Bitcoin
• Type of distributed ledger
• Stored data in blocks
• Blocks contain digitally recorded data that is unchangeable
• Linked List is used in which each block contains hash of previous block
What is BlockChain ??
• Bitcoin network is composed of PEERS connected to other PEERS over unencrypted TCP
channels
• Each peer attempts to maintain EIGHT outgoing connections to other peers
• These eight peers are called ENTRY NODES
• Transaction and Block messages are propagated in network by being Relayed through
these ENTRY NODES to other peers
How Bitcoin Network Works ??
• Bitcoins don’t EXIST ANYWHERE, not even on a hard drive
• For a Bitcoin Address there are no digital Bitcoins held against that Address
• One must reconstruct the balance of bitcoin by looking at the Blockchain
• Everyone on the network knows about the TRANSACTION and the history can be traced
back to the point where the BITCOINS were produced
Search based
On Block
Number, Address,
Block Hash,
Transaction
Hash or Public Key
http://www.blockexplorer.com
http://www.blockexplorer.com/blocks
https://blockchain.info/stats
Bitcoin Core Wallet
Bitcoin Core/Bitcoin-QT Folder
Structure
Bitcoin Core/Bitcoin-QT Folder
Structure
Bitcoin Core/Bitcoin-QT Folder
Analysis
• Blocks subdirectory – This subdirectory contains blockchain data and contains a “blk.dat”
file and a “blocks/index” subdirectory
• “blk.dat” stores actual Bitcoin block dumped in raw format
• The “blocks/index” subdirectory is a database that contains metadata about all known
blocks
• chainstate subdirectory – It is a database with a compact representation of all currently up
spent transactions and some metadata about where the transactions originated
• Database subdirectory – It contains database journaling files
Bitcoin Core/Bitcoin-QT Folder Structure
• System Info
• Info about Logged Users
• Registry Info
• Remnants of Chats
• Web browsing Activities
• Recent Communications
• Info from Cloud Services
Collection of Bitcoin Artifacts
• Look thoroughly through the transactions happening on Blockchain
• Note down Bitcoin public addresses properly
• Seize any Physical object that can connect to the Internet in addition to the Hard
Drive
• Bitcoins addresses can help in tracing the purchases
Few Tips for an Investigator
Thank You

More Related Content

What's hot

Data recovery
Data recoveryData recovery
Data recovery
Mir Majid
 
E mail Investigation
E mail InvestigationE mail Investigation
E mail Investigation
Dr Raghu Khimani
 
Role of Forensic Scientists in Laboratory & Crime Scene.pptx
Role of Forensic Scientists in Laboratory & Crime Scene.pptxRole of Forensic Scientists in Laboratory & Crime Scene.pptx
Role of Forensic Scientists in Laboratory & Crime Scene.pptx
Applied Forensic Research Sciences
 
Cyber forensics
Cyber forensicsCyber forensics
Cyber forensics
pranjal dutta
 
Operating System Forensics
Operating System ForensicsOperating System Forensics
Operating System Forensics
ArunJS5
 
Windowsforensics
WindowsforensicsWindowsforensics
Windowsforensics
Santosh Khadsare
 
4 Getting Started & 5 Leads
4 Getting Started & 5 Leads4 Getting Started & 5 Leads
4 Getting Started & 5 Leads
Sam Bowne
 
CNIT 121: 9 Network Evidence
CNIT 121: 9 Network EvidenceCNIT 121: 9 Network Evidence
CNIT 121: 9 Network Evidence
Sam Bowne
 
Introduction to Forensics by Piyush B. Thakur
Introduction to Forensics by Piyush B. Thakur Introduction to Forensics by Piyush B. Thakur
Introduction to Forensics by Piyush B. Thakur
Piyush Thakur
 
Mobile Phone Seizure Guide by Raghu Khimani
Mobile Phone Seizure Guide by Raghu KhimaniMobile Phone Seizure Guide by Raghu Khimani
Mobile Phone Seizure Guide by Raghu Khimani
Dr Raghu Khimani
 
Police and Detective Training Schools
Police and Detective Training SchoolsPolice and Detective Training Schools
Police and Detective Training Schools
Applied Forensic Research Sciences
 
[발표용 '15.11.27]정보보안 전문가 되는길 new(최종_요약본)
[발표용 '15.11.27]정보보안 전문가 되는길 new(최종_요약본)[발표용 '15.11.27]정보보안 전문가 되는길 new(최종_요약본)
[발표용 '15.11.27]정보보안 전문가 되는길 new(최종_요약본)
james yoo
 
AV Evasion with the Veil Framework
AV Evasion with the Veil FrameworkAV Evasion with the Veil Framework
AV Evasion with the Veil Framework
VeilFramework
 
Search & Seizure of Electronic Evidence by Pelorus Technologies
Search & Seizure of Electronic Evidence by Pelorus TechnologiesSearch & Seizure of Electronic Evidence by Pelorus Technologies
Search & Seizure of Electronic Evidence by Pelorus Technologies
urjarathi
 
Live data collection_from_windows_system
Live data collection_from_windows_systemLive data collection_from_windows_system
Live data collection_from_windows_system
Maceni Muse
 
EVM - The Heart of Ethereum
EVM - The Heart of EthereumEVM - The Heart of Ethereum
EVM - The Heart of Ethereum
Truong Nguyen
 
mobile forensic.pptx
mobile forensic.pptxmobile forensic.pptx
mobile forensic.pptx
Ambuj Kumar
 
Blockchain-based Solutions for Identity & Access Management
Blockchain-based Solutions for Identity & Access ManagementBlockchain-based Solutions for Identity & Access Management
Blockchain-based Solutions for Identity & Access Management
Prabath Siriwardena
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
Roberto Ellis
 
Digital Forensic ppt
Digital Forensic pptDigital Forensic ppt
Digital Forensic ppt
Suchita Rawat
 

What's hot (20)

Data recovery
Data recoveryData recovery
Data recovery
 
E mail Investigation
E mail InvestigationE mail Investigation
E mail Investigation
 
Role of Forensic Scientists in Laboratory & Crime Scene.pptx
Role of Forensic Scientists in Laboratory & Crime Scene.pptxRole of Forensic Scientists in Laboratory & Crime Scene.pptx
Role of Forensic Scientists in Laboratory & Crime Scene.pptx
 
Cyber forensics
Cyber forensicsCyber forensics
Cyber forensics
 
Operating System Forensics
Operating System ForensicsOperating System Forensics
Operating System Forensics
 
Windowsforensics
WindowsforensicsWindowsforensics
Windowsforensics
 
4 Getting Started & 5 Leads
4 Getting Started & 5 Leads4 Getting Started & 5 Leads
4 Getting Started & 5 Leads
 
CNIT 121: 9 Network Evidence
CNIT 121: 9 Network EvidenceCNIT 121: 9 Network Evidence
CNIT 121: 9 Network Evidence
 
Introduction to Forensics by Piyush B. Thakur
Introduction to Forensics by Piyush B. Thakur Introduction to Forensics by Piyush B. Thakur
Introduction to Forensics by Piyush B. Thakur
 
Mobile Phone Seizure Guide by Raghu Khimani
Mobile Phone Seizure Guide by Raghu KhimaniMobile Phone Seizure Guide by Raghu Khimani
Mobile Phone Seizure Guide by Raghu Khimani
 
Police and Detective Training Schools
Police and Detective Training SchoolsPolice and Detective Training Schools
Police and Detective Training Schools
 
[발표용 '15.11.27]정보보안 전문가 되는길 new(최종_요약본)
[발표용 '15.11.27]정보보안 전문가 되는길 new(최종_요약본)[발표용 '15.11.27]정보보안 전문가 되는길 new(최종_요약본)
[발표용 '15.11.27]정보보안 전문가 되는길 new(최종_요약본)
 
AV Evasion with the Veil Framework
AV Evasion with the Veil FrameworkAV Evasion with the Veil Framework
AV Evasion with the Veil Framework
 
Search & Seizure of Electronic Evidence by Pelorus Technologies
Search & Seizure of Electronic Evidence by Pelorus TechnologiesSearch & Seizure of Electronic Evidence by Pelorus Technologies
Search & Seizure of Electronic Evidence by Pelorus Technologies
 
Live data collection_from_windows_system
Live data collection_from_windows_systemLive data collection_from_windows_system
Live data collection_from_windows_system
 
EVM - The Heart of Ethereum
EVM - The Heart of EthereumEVM - The Heart of Ethereum
EVM - The Heart of Ethereum
 
mobile forensic.pptx
mobile forensic.pptxmobile forensic.pptx
mobile forensic.pptx
 
Blockchain-based Solutions for Identity & Access Management
Blockchain-based Solutions for Identity & Access ManagementBlockchain-based Solutions for Identity & Access Management
Blockchain-based Solutions for Identity & Access Management
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
Digital Forensic ppt
Digital Forensic pptDigital Forensic ppt
Digital Forensic ppt
 

Similar to Bitcoin Forensics

Bitcoin 101 - Certified Bitcoin Professional Training Session
Bitcoin 101 - Certified Bitcoin Professional Training SessionBitcoin 101 - Certified Bitcoin Professional Training Session
Bitcoin 101 - Certified Bitcoin Professional Training Session
Lisa Cheng
 
Architecture and operations.pptx
Architecture and operations.pptxArchitecture and operations.pptx
Architecture and operations.pptx
harshitmittal737363
 
Blockchain Fundamental_KIPMI_2022.02.26.pdf
Blockchain Fundamental_KIPMI_2022.02.26.pdfBlockchain Fundamental_KIPMI_2022.02.26.pdf
Blockchain Fundamental_KIPMI_2022.02.26.pdf
adinugroho751867
 
Blockchain, working [blockchain vs bitcoin] pros and cons
Blockchain, working [blockchain vs bitcoin] pros and consBlockchain, working [blockchain vs bitcoin] pros and cons
Blockchain, working [blockchain vs bitcoin] pros and cons
Jerin Sebastian
 
A Breathless Tour of Blockchain
A Breathless Tour of BlockchainA Breathless Tour of Blockchain
A Breathless Tour of Blockchain
Eoin Woods
 
Bitcoin and the future of cryptocurrency
Bitcoin and the future of cryptocurrencyBitcoin and the future of cryptocurrency
Bitcoin and the future of cryptocurrency
Ben Hall
 
Blockchain (1).pptx
Blockchain (1).pptxBlockchain (1).pptx
Blockchain (1).pptx
MeetPBarasara
 
introduction to bitcoin
introduction to bitcoinintroduction to bitcoin
introduction to bitcoin
Shubham Tiwari
 
Node.js Blockchain Implementation
Node.js Blockchain ImplementationNode.js Blockchain Implementation
Node.js Blockchain Implementation
GlobalLogic Ukraine
 
Blockchain Technology
Blockchain TechnologyBlockchain Technology
Blockchain Technology
Rashi Singh
 
Agile Network India | Block Chain - New usecases | Abhilash Aravind
Agile Network India | Block Chain - New usecases | Abhilash AravindAgile Network India | Block Chain - New usecases | Abhilash Aravind
Agile Network India | Block Chain - New usecases | Abhilash Aravind
AgileNetwork
 
Ethereum Blockchain with Smart contract and ERC20
Ethereum Blockchain with Smart contract and ERC20Ethereum Blockchain with Smart contract and ERC20
Ethereum Blockchain with Smart contract and ERC20
Truong Nguyen
 
Bitcoin I.pptx
Bitcoin I.pptxBitcoin I.pptx
Bitcoin I.pptx
AseemBhube1
 
Introduction to Blockchain
Introduction to BlockchainIntroduction to Blockchain
Introduction to Blockchain
Akshay Kumar
 
Blockchain - Presentacion Betabeers Galicia 10/12/2014
Blockchain - Presentacion Betabeers Galicia 10/12/2014Blockchain - Presentacion Betabeers Galicia 10/12/2014
Blockchain - Presentacion Betabeers Galicia 10/12/2014
WeKCo Coworking
 
Blockchain and bitcoin fundamentals (usages and applications)
Blockchain and bitcoin fundamentals (usages and applications)Blockchain and bitcoin fundamentals (usages and applications)
Blockchain and bitcoin fundamentals (usages and applications)
Amir Rafati
 
Flowchain: A case study on building a Blockchain for the IoT
Flowchain: A case study on building a Blockchain for the IoTFlowchain: A case study on building a Blockchain for the IoT
Flowchain: A case study on building a Blockchain for the IoT
LinuxCon ContainerCon CloudOpen China
 
Tutorial blockchain technical overview-ss
Tutorial blockchain technical overview-ssTutorial blockchain technical overview-ss
Tutorial blockchain technical overview-ss
Howard Anglin
 
A Quick Start To Blockchain by Seval Capraz
A Quick Start To Blockchain by Seval CaprazA Quick Start To Blockchain by Seval Capraz
A Quick Start To Blockchain by Seval Capraz
Seval Çapraz
 
An Introduction to Blockchain Technology
An Introduction to Blockchain TechnologyAn Introduction to Blockchain Technology
An Introduction to Blockchain Technology
Aboul Ella Hassanien
 

Similar to Bitcoin Forensics (20)

Bitcoin 101 - Certified Bitcoin Professional Training Session
Bitcoin 101 - Certified Bitcoin Professional Training SessionBitcoin 101 - Certified Bitcoin Professional Training Session
Bitcoin 101 - Certified Bitcoin Professional Training Session
 
Architecture and operations.pptx
Architecture and operations.pptxArchitecture and operations.pptx
Architecture and operations.pptx
 
Blockchain Fundamental_KIPMI_2022.02.26.pdf
Blockchain Fundamental_KIPMI_2022.02.26.pdfBlockchain Fundamental_KIPMI_2022.02.26.pdf
Blockchain Fundamental_KIPMI_2022.02.26.pdf
 
Blockchain, working [blockchain vs bitcoin] pros and cons
Blockchain, working [blockchain vs bitcoin] pros and consBlockchain, working [blockchain vs bitcoin] pros and cons
Blockchain, working [blockchain vs bitcoin] pros and cons
 
A Breathless Tour of Blockchain
A Breathless Tour of BlockchainA Breathless Tour of Blockchain
A Breathless Tour of Blockchain
 
Bitcoin and the future of cryptocurrency
Bitcoin and the future of cryptocurrencyBitcoin and the future of cryptocurrency
Bitcoin and the future of cryptocurrency
 
Blockchain (1).pptx
Blockchain (1).pptxBlockchain (1).pptx
Blockchain (1).pptx
 
introduction to bitcoin
introduction to bitcoinintroduction to bitcoin
introduction to bitcoin
 
Node.js Blockchain Implementation
Node.js Blockchain ImplementationNode.js Blockchain Implementation
Node.js Blockchain Implementation
 
Blockchain Technology
Blockchain TechnologyBlockchain Technology
Blockchain Technology
 
Agile Network India | Block Chain - New usecases | Abhilash Aravind
Agile Network India | Block Chain - New usecases | Abhilash AravindAgile Network India | Block Chain - New usecases | Abhilash Aravind
Agile Network India | Block Chain - New usecases | Abhilash Aravind
 
Ethereum Blockchain with Smart contract and ERC20
Ethereum Blockchain with Smart contract and ERC20Ethereum Blockchain with Smart contract and ERC20
Ethereum Blockchain with Smart contract and ERC20
 
Bitcoin I.pptx
Bitcoin I.pptxBitcoin I.pptx
Bitcoin I.pptx
 
Introduction to Blockchain
Introduction to BlockchainIntroduction to Blockchain
Introduction to Blockchain
 
Blockchain - Presentacion Betabeers Galicia 10/12/2014
Blockchain - Presentacion Betabeers Galicia 10/12/2014Blockchain - Presentacion Betabeers Galicia 10/12/2014
Blockchain - Presentacion Betabeers Galicia 10/12/2014
 
Blockchain and bitcoin fundamentals (usages and applications)
Blockchain and bitcoin fundamentals (usages and applications)Blockchain and bitcoin fundamentals (usages and applications)
Blockchain and bitcoin fundamentals (usages and applications)
 
Flowchain: A case study on building a Blockchain for the IoT
Flowchain: A case study on building a Blockchain for the IoTFlowchain: A case study on building a Blockchain for the IoT
Flowchain: A case study on building a Blockchain for the IoT
 
Tutorial blockchain technical overview-ss
Tutorial blockchain technical overview-ssTutorial blockchain technical overview-ss
Tutorial blockchain technical overview-ss
 
A Quick Start To Blockchain by Seval Capraz
A Quick Start To Blockchain by Seval CaprazA Quick Start To Blockchain by Seval Capraz
A Quick Start To Blockchain by Seval Capraz
 
An Introduction to Blockchain Technology
An Introduction to Blockchain TechnologyAn Introduction to Blockchain Technology
An Introduction to Blockchain Technology
 

More from Apurv Singh Gautam

Automating Threat Hunting on the Dark Web and other nitty-gritty things
Automating Threat Hunting on the Dark Web and other nitty-gritty thingsAutomating Threat Hunting on the Dark Web and other nitty-gritty things
Automating Threat Hunting on the Dark Web and other nitty-gritty things
Apurv Singh Gautam
 
Threat Hunting on the Dark Web
Threat Hunting on the Dark WebThreat Hunting on the Dark Web
Threat Hunting on the Dark Web
Apurv Singh Gautam
 
All about Cyber Security - From the perspective of a MS student
All about Cyber Security - From the perspective of a MS studentAll about Cyber Security - From the perspective of a MS student
All about Cyber Security - From the perspective of a MS student
Apurv Singh Gautam
 
SIT Summer School (Cyber Security)
SIT Summer School (Cyber Security)SIT Summer School (Cyber Security)
SIT Summer School (Cyber Security)
Apurv Singh Gautam
 
Cyber Security Seminar Day 2
Cyber Security Seminar Day 2Cyber Security Seminar Day 2
Cyber Security Seminar Day 2
Apurv Singh Gautam
 
Cyber Security Seminar Day 1
Cyber Security Seminar Day 1Cyber Security Seminar Day 1
Cyber Security Seminar Day 1
Apurv Singh Gautam
 
Cyber Security Fundamentals
Cyber Security FundamentalsCyber Security Fundamentals
Cyber Security Fundamentals
Apurv Singh Gautam
 
Log Out Cyber Awareness
Log Out Cyber AwarenessLog Out Cyber Awareness
Log Out Cyber Awareness
Apurv Singh Gautam
 
OSINT
OSINTOSINT
Intro to Network Vapt
Intro to Network VaptIntro to Network Vapt
Intro to Network Vapt
Apurv Singh Gautam
 
Security News Bytes (Aug Sept 2017)
Security News Bytes (Aug Sept 2017)Security News Bytes (Aug Sept 2017)
Security News Bytes (Aug Sept 2017)
Apurv Singh Gautam
 
Anonymous traffic network
Anonymous traffic networkAnonymous traffic network
Anonymous traffic network
Apurv Singh Gautam
 
Flexible Displays
Flexible DisplaysFlexible Displays
Flexible Displays
Apurv Singh Gautam
 
India against corruption
India against corruptionIndia against corruption
India against corruption
Apurv Singh Gautam
 
Encrypted database management system
Encrypted database management systemEncrypted database management system
Encrypted database management system
Apurv Singh Gautam
 

More from Apurv Singh Gautam (15)

Automating Threat Hunting on the Dark Web and other nitty-gritty things
Automating Threat Hunting on the Dark Web and other nitty-gritty thingsAutomating Threat Hunting on the Dark Web and other nitty-gritty things
Automating Threat Hunting on the Dark Web and other nitty-gritty things
 
Threat Hunting on the Dark Web
Threat Hunting on the Dark WebThreat Hunting on the Dark Web
Threat Hunting on the Dark Web
 
All about Cyber Security - From the perspective of a MS student
All about Cyber Security - From the perspective of a MS studentAll about Cyber Security - From the perspective of a MS student
All about Cyber Security - From the perspective of a MS student
 
SIT Summer School (Cyber Security)
SIT Summer School (Cyber Security)SIT Summer School (Cyber Security)
SIT Summer School (Cyber Security)
 
Cyber Security Seminar Day 2
Cyber Security Seminar Day 2Cyber Security Seminar Day 2
Cyber Security Seminar Day 2
 
Cyber Security Seminar Day 1
Cyber Security Seminar Day 1Cyber Security Seminar Day 1
Cyber Security Seminar Day 1
 
Cyber Security Fundamentals
Cyber Security FundamentalsCyber Security Fundamentals
Cyber Security Fundamentals
 
Log Out Cyber Awareness
Log Out Cyber AwarenessLog Out Cyber Awareness
Log Out Cyber Awareness
 
OSINT
OSINTOSINT
OSINT
 
Intro to Network Vapt
Intro to Network VaptIntro to Network Vapt
Intro to Network Vapt
 
Security News Bytes (Aug Sept 2017)
Security News Bytes (Aug Sept 2017)Security News Bytes (Aug Sept 2017)
Security News Bytes (Aug Sept 2017)
 
Anonymous traffic network
Anonymous traffic networkAnonymous traffic network
Anonymous traffic network
 
Flexible Displays
Flexible DisplaysFlexible Displays
Flexible Displays
 
India against corruption
India against corruptionIndia against corruption
India against corruption
 
Encrypted database management system
Encrypted database management systemEncrypted database management system
Encrypted database management system
 

Recently uploaded

Lee Barnes - Path to Becoming an Effective Test Automation Engineer.pdf
Lee Barnes - Path to Becoming an Effective Test Automation Engineer.pdfLee Barnes - Path to Becoming an Effective Test Automation Engineer.pdf
Lee Barnes - Path to Becoming an Effective Test Automation Engineer.pdf
leebarnesutopia
 
Discover the Unseen: Tailored Recommendation of Unwatched Content
Discover the Unseen: Tailored Recommendation of Unwatched ContentDiscover the Unseen: Tailored Recommendation of Unwatched Content
Discover the Unseen: Tailored Recommendation of Unwatched Content
ScyllaDB
 
Christine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptxChristine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptx
christinelarrosa
 
ScyllaDB Tablets: Rethinking Replication
ScyllaDB Tablets: Rethinking ReplicationScyllaDB Tablets: Rethinking Replication
ScyllaDB Tablets: Rethinking Replication
ScyllaDB
 
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
"Scaling RAG Applications to serve millions of users",  Kevin Goedecke"Scaling RAG Applications to serve millions of users",  Kevin Goedecke
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
Fwdays
 
Y-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PPY-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PP
c5vrf27qcz
 
Mutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented ChatbotsMutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented Chatbots
Pablo Gómez Abajo
 
Day 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio FundamentalsDay 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio Fundamentals
UiPathCommunity
 
"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
Fwdays
 
JavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green MasterplanJavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
Miro Wengner
 
AppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSFAppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSF
Ajin Abraham
 
GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...
GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...
GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...
GlobalLogic Ukraine
 
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
DanBrown980551
 
The Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptxThe Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptx
operationspcvita
 
Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
Northern Engraving | Modern Metal Trim, Nameplates and Appliance PanelsNorthern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
Northern Engraving
 
Dandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity serverDandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity server
Antonios Katsarakis
 
AWS Certified Solutions Architect Associate (SAA-C03)
AWS Certified Solutions Architect Associate (SAA-C03)AWS Certified Solutions Architect Associate (SAA-C03)
AWS Certified Solutions Architect Associate (SAA-C03)
HarpalGohil4
 
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and BioinformaticiansBiomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Neo4j
 
Introducing BoxLang : A new JVM language for productivity and modularity!
Introducing BoxLang : A new JVM language for productivity and modularity!Introducing BoxLang : A new JVM language for productivity and modularity!
Introducing BoxLang : A new JVM language for productivity and modularity!
Ortus Solutions, Corp
 
"NATO Hackathon Winner: AI-Powered Drug Search", Taras Kloba
"NATO Hackathon Winner: AI-Powered Drug Search",  Taras Kloba"NATO Hackathon Winner: AI-Powered Drug Search",  Taras Kloba
"NATO Hackathon Winner: AI-Powered Drug Search", Taras Kloba
Fwdays
 

Recently uploaded (20)

Lee Barnes - Path to Becoming an Effective Test Automation Engineer.pdf
Lee Barnes - Path to Becoming an Effective Test Automation Engineer.pdfLee Barnes - Path to Becoming an Effective Test Automation Engineer.pdf
Lee Barnes - Path to Becoming an Effective Test Automation Engineer.pdf
 
Discover the Unseen: Tailored Recommendation of Unwatched Content
Discover the Unseen: Tailored Recommendation of Unwatched ContentDiscover the Unseen: Tailored Recommendation of Unwatched Content
Discover the Unseen: Tailored Recommendation of Unwatched Content
 
Christine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptxChristine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptx
 
ScyllaDB Tablets: Rethinking Replication
ScyllaDB Tablets: Rethinking ReplicationScyllaDB Tablets: Rethinking Replication
ScyllaDB Tablets: Rethinking Replication
 
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
"Scaling RAG Applications to serve millions of users",  Kevin Goedecke"Scaling RAG Applications to serve millions of users",  Kevin Goedecke
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
 
Y-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PPY-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PP
 
Mutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented ChatbotsMutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented Chatbots
 
Day 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio FundamentalsDay 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio Fundamentals
 
"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
 
JavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green MasterplanJavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
 
AppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSFAppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSF
 
GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...
GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...
GlobalLogic Java Community Webinar #18 “How to Improve Web Application Perfor...
 
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
 
The Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptxThe Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptx
 
Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
Northern Engraving | Modern Metal Trim, Nameplates and Appliance PanelsNorthern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
 
Dandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity serverDandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity server
 
AWS Certified Solutions Architect Associate (SAA-C03)
AWS Certified Solutions Architect Associate (SAA-C03)AWS Certified Solutions Architect Associate (SAA-C03)
AWS Certified Solutions Architect Associate (SAA-C03)
 
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and BioinformaticiansBiomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
 
Introducing BoxLang : A new JVM language for productivity and modularity!
Introducing BoxLang : A new JVM language for productivity and modularity!Introducing BoxLang : A new JVM language for productivity and modularity!
Introducing BoxLang : A new JVM language for productivity and modularity!
 
"NATO Hackathon Winner: AI-Powered Drug Search", Taras Kloba
"NATO Hackathon Winner: AI-Powered Drug Search",  Taras Kloba"NATO Hackathon Winner: AI-Powered Drug Search",  Taras Kloba
"NATO Hackathon Winner: AI-Powered Drug Search", Taras Kloba
 

Bitcoin Forensics

  • 2. • Bitcoin is a cryptocurrency • An attempt to bring back a DECENTRALISED currency of people • Not controlled by a Central Bank • Works on Blockchain Technology What is Bitcoin ?
  • 4.
  • 6.
  • 7. • A forensics investigator should know the Tech Architecture • All about BLOCKCHAIN • Currently no software tools is available • Everything is in Public and Private Key (Cryptography) How to Perform Forensics ??
  • 8. • Elliptic Curve Digital Signature Algorithm is used • ECDSA is used to generate a public key from the PrivKey • The PubKey can be used to verify transactions signed using the PrivKey • 64-byte PubKeys are hashed down to 20-byte addresses • 20-byte hash formatted using base58 check to produce either a P2PKH or P2SH Bitcoin address Algorithm for Bitcoin
  • 9. • Type of distributed ledger • Stored data in blocks • Blocks contain digitally recorded data that is unchangeable • Linked List is used in which each block contains hash of previous block What is BlockChain ??
  • 10.
  • 11.
  • 12. • Bitcoin network is composed of PEERS connected to other PEERS over unencrypted TCP channels • Each peer attempts to maintain EIGHT outgoing connections to other peers • These eight peers are called ENTRY NODES • Transaction and Block messages are propagated in network by being Relayed through these ENTRY NODES to other peers How Bitcoin Network Works ??
  • 13.
  • 14. • Bitcoins don’t EXIST ANYWHERE, not even on a hard drive • For a Bitcoin Address there are no digital Bitcoins held against that Address • One must reconstruct the balance of bitcoin by looking at the Blockchain • Everyone on the network knows about the TRANSACTION and the history can be traced back to the point where the BITCOINS were produced
  • 15.
  • 16. Search based On Block Number, Address, Block Hash, Transaction Hash or Public Key http://www.blockexplorer.com
  • 18.
  • 24. • Blocks subdirectory – This subdirectory contains blockchain data and contains a “blk.dat” file and a “blocks/index” subdirectory • “blk.dat” stores actual Bitcoin block dumped in raw format • The “blocks/index” subdirectory is a database that contains metadata about all known blocks • chainstate subdirectory – It is a database with a compact representation of all currently up spent transactions and some metadata about where the transactions originated • Database subdirectory – It contains database journaling files Bitcoin Core/Bitcoin-QT Folder Structure
  • 25. • System Info • Info about Logged Users • Registry Info • Remnants of Chats • Web browsing Activities • Recent Communications • Info from Cloud Services Collection of Bitcoin Artifacts
  • 26. • Look thoroughly through the transactions happening on Blockchain • Note down Bitcoin public addresses properly • Seize any Physical object that can connect to the Internet in addition to the Hard Drive • Bitcoins addresses can help in tracing the purchases Few Tips for an Investigator