Downloaded 48 times
More Related Content
Bitcoin Forensics
- 2. The views expressedin this presentation are Mere Apne. Reference to any specific products, process ,or service do not necessarily constitute or imply endorsement, recommendation, or views of Min of Def or any Govt All images used are for illustrative purposes only & Do not promote any specific product
- 8.
- 11. Name used bythe unknown person or persons who designed BITCOIN and created its original reference implementation SATOSHI NAKAMOTO Kahan Gaya Usay Dhoondo
- 13. AS OF 17THFEB 2017 1 BITCOIN IS WORTH 1040$ SO 1 BITCOIN IS 70103
- 14. THE LAST BITCOIN (PROBABLY21 MILLIONTH COIN) WILL BE MINED IN THE YEAR 2140
- 17.
- 19. CRYPTOCURRENCY IS ANATTEMPT TO BRING BACK A DECENTRALISED CURRENCY OF PEOPLE, ONE THAT IS NOT SUBJECT TO INFLATIONARY MOVES BY A CENTRAL BANK
- 22. Distributed Ledger isa Consensus of Replicated, Shared & Synchronized digital data geographically spread across multiple sites & countries
- 23. Type of DistributedLedger, comprised of Unchangeable, Digitally Recorded Data in packages called BLOCKS TAMPER EVIDENT LEDGER
- 25.
- 26. BASICALLY CHUNKS OFINFO THAT CAN BE USED TO MATHEMATICAL GUARANTEE ABOUT MESSAGES
- 27. Peer-to- Peer (P2P) network is createdwhen two or more PCs are connected & share resources without going through a separate server computer
- 31. “शरीर में 206हड्डिय ां है, और सांविध न में 1670 क नून ... हड्िी से लेकर क नून सब तोड़त हूूँ….” SHA तोड़ के दिख ….
- 34.
- 36.
- 38. A user forCONDUCTING TRANSACTIONS utilizing BITCOIN, he or she must first DOWNLOAD and setup a BITCOIN WALLET BITCOIN WALLET can show the total BALANCE of all BITCOINS it CONTROLS and let A USER PAY a specified AMOUNT
- 39. WALLET contains aUSER’S PRIVATE KEY, which ALLOWS FOR THE SPENDING of the BITCOINS, which are located in the BLOCK CHAIN Once wallet is INSTALLED & CONFIGURED, an ADDRESS is GENERATED which is SIMILAR to an E-MAIL or PHYSICAL ADDRESS
- 40. WALLET is basically theBitcoin Equivalent of a Bank account. Allows to RECEIVE BITCOINS, STORE them, and then SEND them to others
- 41. Connected to theInternet or is online is said to be HOT Cold Wallets & Hot Wallets Cold is considered most Secure & suitable for Storing Large Amounts of bitcoins Hot is suitable for Frequently Accessed funds COLD implies it is Offline or Disconnected from the Internet
- 42. Designedto be downloaded &used on Laptops/PCs DESKTOPWALLETS Armory, Multibit, Msigna and Hiveto mention a FEW Easyto Access. Available for Different OS – Windows, Mac OS and Ubuntu.
- 43.
- 44.
- 45. PHYSICALWALLETS Once they aregenerated, you print them out on a piece of paper Paper Wallets can Securely hold your BITCOINS in Cold Storage form for a long time Bitaddress.org or Blockchain.info
- 46. BitcoinQt is theFirst ever built bitcoin CLIENT WALLET BITCOINCLIENTS WALLETS Original bitcoin wallet used by the Pioneers of the currency COMPUTERS installed with these wallets FORM PART OF THE CORE NETWORK & have access to all transactions on the blockchain
- 47.
- 50.
- 51. They DON’T EXIST ANYWHERE,even on a hard drive
- 52. When we saySOMEONE HAS BITCOINS & you look at a PARTICULAR BITCOIN ADDRESS, there are NO DIGITAL BITCOINS held AGAINST that ADDRESS BALANCE of any BITCOIN address ISN’T HELD at that ADDRESS; one MUST RECONSTRUCT it by looking at the BLOCKCHAIN
- 53. Everyone on theNETWORK knows about a TRANSACTION and THE HISTORY OF A TRANSACTION can be TRACED BACK to the point where the BITCOINS were produced
- 54. Conduct a SEARCH based onBLOCK NUMBER, ADDRESS, BLOCK HASH, TRANSACTION HASH or PUBLIC KEY
- 57.
- 58. BITCOIN-QT FOLDER STRUCTURE Blocks– This subdirectory contains blockchain data and contains a “blk.dat” file and a “blocks/index” subdirectory. “blk.dat” stores actual Bitcoin blocks dumped in raw format. The “blocks/index subdirectory” is a database that contains metadata about all known blocks
- 59. Chainstate subdirectory- itis a database with a compact representation of all currently unspent transactions and some metadata about where the transactions originated BITCOIN-QT FOLDER STRUCTURE
- 60. Database subdirectory - Containsdatabase journaling files (Data Directory, BITCOIN-QT FOLDER STRUCTURE
- 61. LOCK FILE DEBUG.LOG PEERS.DAT WALLET.DAT BITCOIN-QT FOLDERSTRUCTURE DB LOCK FILE EXTENSIVE LOGGING FILE PEER INFORMATION STORAGE FOR KEYS,TXN,METADATA etc
- 62. Private key ofthe suspect, they can search for that particular key on the Blockchain to Trace the purchases to other potential Suspects. investigator has the Bitcoin
- 64. BITCOIN FORENSIC ARTIFACTEXAMINATION Windows 7 Professional Multibit Bitcoin-Qt Bitminter Basic USB ASIC Bitcoin Gateway laptop ML6720 120 GB WD hard drive (4) USB ASIC Mining drives USB powered cooling fan 32 GB USB thumb drive
- 67. Utilizing the datafrom 344 transactions, Meiklejohn able to identify the owners of more than a million Bitcoin addresses Sarah Meiklejohn, a Bitcoin focused Computer Researcher Extensive Research in Bitcoin Blockchain Found that by looking blockchain an investigator can uncover who owns a Bitcoin addresses
- 72. Bitcoin transactions occurvia a Network Connection, an investigator should seize any Physical Object that can connect to the Internet in addition to the hard drive COLLECTION OF BITCOIN ARTIFACTS
- 74. • System Info •Info about Logged users • Registry Info • Remnants of Chats • Web browsing Activities • Recent Communications • Info from Cloud Services • Decryption Keys for encrypted volumes mounted COLLECTION OF BITCOIN ARTIFACTS
- 75.
- 78.