Uploaded byDetectalix
PPTX, PDF46 views

Brief introduction to digital forensics

Digital forensics involves the preservation, collection, and analysis of digital evidence using scientifically proven methods to reconstruct events. Key aspects include various branches like computer and mobile forensics, phases such as assessment, acquisition, analysis, and reporting, and concepts like the order of volatility and chain of custody. Tools for digital forensics can be commercial or open-source, with a preference for the latter due to cost and accessibility.

Embed presentation

Download to read offline
BRIEF INTRODUCTION TO DIGITAL FORENSICS
DEFINITION Digital forensics can be defined as: “The use of scientifically derived and proven methods toward the preservation, collection,validation, identification, analysis, interpretation, documentation and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events [...]”, Digital Forensic Research Workshop (DFRWS), 2001
BRANCHES OF DIGITAL FORENSICS • Computer forensics • Disk and filesystem forensics • Memory forensics • Mobile forensics • Network forensics • Cloud forensics • IoT forensics and more…
PHASES OF DIGITAL FORENSICS • Assessment • Acquisition • Analysis • Reporting
ACQUISITION • Acquisition involves acquiring a copy or image of the device(s) or data. • Always mount the device in read-only mode! • Always verify the integrity of the image!
ANALYSIS • Analysis includes extraction and recovery of data from the image and their subsequent examination and interpretation. • Always work on the image and not on the original device or data!
REPORTING • Reporting is about documenting and writing the report of all the forensic job done in the previous phases. • The final report documents the findings as well as the procedures and tools used. • Could be very effective for the outcome of the investigation!
ORDER OF VOLATILITY • The order of volatility (OOV) defines the degree of volatility of data. • For example, data in RAM is more volatile than on hard disk. • More volatile data should be acquired first.
LOCARD'S PRINCIPLE • Locard's exchange principle states that every interaction with the crime scene leaves something and make something to be taken away • This also applies to the digital world and digital forensic examinators too, that should be careful not to corrupt evidence and minimize the effects of her actions.
CHAIN OF CUSTODY • Chain of custody refers to the complete route of the evidence from its identification and collection to its storage and preservation. • The chain of custody must be properly documented and cannot be broken for the evidence to be admissable in a court.
COMMERCIAL VS. OPEN SOURCE FORENSIC TOOLS • Examples of known commercial forensic suites are Guidance Encase, Access Data FTK and ProDiscover. • But quite expensive, closed source and not available on Linux. • Open source tools are free and widely accepted by the digital forensic community. • Various Linux forensic distros available: SIFT, CSI, Tsurugi, Caine, Paladin…

More Related Content

ODP
Brief introduction to digital forensics
byMarco Alamanni
 
PDF
digital forensics-9 of cyber security.pdf
byAdyakantaSahoo
 
PPTX
digitalforensicpptlatest28-230522192202-1d9b832e (1).pptx
byMoshoodKareemOlawale
 
PPTX
Digital forensics
byyash sawarkar
 
PDF
Cyber Forensics training by Forensic Academy
byForensic Academy
 
PPT
Lecture2 Introduction to Digital Forensics.ppt
bySurajgroupsvideo
 
PPT
Lecture-2 Introduction to Digital Forensics.ppt
byamansinght675
 
DOCX
Cyber&digital forensics report
byyash sawarkar
 
Brief introduction to digital forensics
byMarco Alamanni
 
digital forensics-9 of cyber security.pdf
byAdyakantaSahoo
 
digitalforensicpptlatest28-230522192202-1d9b832e (1).pptx
byMoshoodKareemOlawale
 
Digital forensics
byyash sawarkar
 
Cyber Forensics training by Forensic Academy
byForensic Academy
 
Lecture2 Introduction to Digital Forensics.ppt
bySurajgroupsvideo
 
Lecture-2 Introduction to Digital Forensics.ppt
byamansinght675
 
Cyber&digital forensics report
byyash sawarkar
 

Similar to Brief introduction to digital forensics

PPTX
DIGITAL FORENSICS_PRESENTATION
byAmina Baha
 
PDF
180 184
byEditor IJARCET
 
PPTX
Unit 4 -Digital Forensic Chapter for MSBTE engineering students
bygboy4529248
 
PPT
CS426_forensics.ppt
byPrabithGupta1
 
PPT
CS426_forensics.ppt
byOkviNugroho1
 
PPT
CS426_forensics_tools to analyse and deve
byvikashagarwal874473
 
PPT
Network Forensics Basic lecture for Everyone
byBurhanKhan774154
 
PPTX
Digital forensics ahmed emam
byahmad abdelhafeez
 
PDF
Final Outline of Forensic Presentation.pdf
byImranKhan423233
 
PDF
Digital forensic science and its scope manesh t
byManesh T
 
PPTX
Digital forensics
byvishnuv43
 
PPTX
ppt for Module 5 cybersecuirty_023501.pptx
byMayuraD1
 
PPTX
Draft current state of digital forensic and data science
byDamir Delija
 
PDF
Sued or Suing: Introduction to Digital Forensics
byAnyck Turgeon, CFE/GRCP/CEFI/CCIP/C|CISO/CBA
 
PPTX
Forensic Science – Digital Forensics – Digital Evidence – The Digital Forensi...
byManiMaran230751
 
PPTX
Digital Forensic ppt
bySuchita Rawat
 
PPTX
Cyber forensics 02 mit-2014
byMuzzammil Wani
 
PPT
L11 - Intro to Computer Forensics.ppt
byRebeccaMunasheChimhe
 
PDF
FORENSIC COMPUTING MODELS: TECHNICAL OVERVIEW
bycscpconf
 
PPTX
Digital forensic tools
byParsons Corporation
 
DIGITAL FORENSICS_PRESENTATION
byAmina Baha
 
180 184
byEditor IJARCET
 
Unit 4 -Digital Forensic Chapter for MSBTE engineering students
bygboy4529248
 
CS426_forensics.ppt
byPrabithGupta1
 
CS426_forensics.ppt
byOkviNugroho1
 
CS426_forensics_tools to analyse and deve
byvikashagarwal874473
 
Network Forensics Basic lecture for Everyone
byBurhanKhan774154
 
Digital forensics ahmed emam
byahmad abdelhafeez
 
Final Outline of Forensic Presentation.pdf
byImranKhan423233
 
Digital forensic science and its scope manesh t
byManesh T
 
Digital forensics
byvishnuv43
 
ppt for Module 5 cybersecuirty_023501.pptx
byMayuraD1
 
Draft current state of digital forensic and data science
byDamir Delija
 
Sued or Suing: Introduction to Digital Forensics
byAnyck Turgeon, CFE/GRCP/CEFI/CCIP/C|CISO/CBA
 
Forensic Science – Digital Forensics – Digital Evidence – The Digital Forensi...
byManiMaran230751
 
Digital Forensic ppt
bySuchita Rawat
 
Cyber forensics 02 mit-2014
byMuzzammil Wani
 
L11 - Intro to Computer Forensics.ppt
byRebeccaMunasheChimhe
 
FORENSIC COMPUTING MODELS: TECHNICAL OVERVIEW
bycscpconf
 
Digital forensic tools
byParsons Corporation
 

More from Detectalix

PPTX
Windows Recycle Bin Analysis with free tools
byDetectalix
 
PPTX
Windows Registry analysis with RegRipper
byDetectalix
 
PPTX
Introduction to the Sleuth Kit and filesystem forensics
byDetectalix
 
PPTX
iOS free, open source forensic tools
byDetectalix
 
PPTX
Android forensic acquisition
byDetectalix
 
PPTX
Drive Imaging with dc3dd
byDetectalix
 
PPTX
Intro to digital forensic imaging
byDetectalix
 
Windows Recycle Bin Analysis with free tools
byDetectalix
 
Windows Registry analysis with RegRipper
byDetectalix
 
Introduction to the Sleuth Kit and filesystem forensics
byDetectalix
 
iOS free, open source forensic tools
byDetectalix
 
Android forensic acquisition
byDetectalix
 
Drive Imaging with dc3dd
byDetectalix
 
Intro to digital forensic imaging
byDetectalix
 

Recently uploaded

PDF
Complete iOS Delivery App Features & Admin Tools
byShiv Technolabs Pvt. Ltd.
 
PDF
Ultimate Guide to CMMS An In-Depth Analysis - Zapium
byhello208828
 
PPTX
40m_wAIred_DigitalPlatformRabobank_10022026.pptx
bySimonedeGijt
 
PDF
Routing Guidelines: Unlocking Smarter Query Routing in MySQL Architectures
byMiguel Araújo
 
PPTX
GraphQL Day Paris 2025 | Bringing DevOps to GraphQL with the Apollo GraphOS O...
byapidays
 
PPTX
Salesforce Spring '26 Release presentation - Melbourne Salesforce User Group
byAnne N
 
PPTX
SAP S4 HANA Conversion and Migration .pptx
bysabeenakouser
 
PDF
SAP ERP to SAP S_4HANA Cloud Private Edition Delta Scope
bychuck78
 
PPTX
Best Digital Marketing Company in Lucknow
bydigitallearning9277
 
PDF
Doctor On Call App Development for Digital Healthcare.
byV3CUBE TECHNOLABS
 
PDF
Clean Architecture with Vertical Slice Architecture in .NET 8
byVineet Sharma
 
PDF
Introduction to Modern Artificial Intelligence.pdf
byAI n Dot Net
 
PDF
Metrics, Logs, Traces, and Mayhem_ Introducing an observability adventure gam...
byImma Valls Bernaus
 
PPTX
Pitch Deck for MEVIA OS - No Apps, Infinite, Decentralized Operating System
byDr. Edwin Hernandez
 
PDF
Taxi App UIUX Design for Seamless Ride Booking
byV3CUBE TECHNOLABS
 
PDF
eresource Xcel ERP for Maunfacturing - Best Manufacturing ERP for SME
byeresource Infotech Pvt.Ltd
 
PDF
Research-Driven Development: Navigating the Generative Era in Software
byCadabra Studio
 
PPTX
‘Analyzing Application Logs Using AI’ Webinar
byTier1 app
 
PDF
MySQL Routing Guidelines: Designing Smarter Query Routing Together
byMiguel Araújo
 
PPTX
Prime Teams – Real-Time Employee Monitoring & Project Management Software
byPrime Teams
 
Complete iOS Delivery App Features & Admin Tools
byShiv Technolabs Pvt. Ltd.
 
Ultimate Guide to CMMS An In-Depth Analysis - Zapium
byhello208828
 
40m_wAIred_DigitalPlatformRabobank_10022026.pptx
bySimonedeGijt
 
Routing Guidelines: Unlocking Smarter Query Routing in MySQL Architectures
byMiguel Araújo
 
GraphQL Day Paris 2025 | Bringing DevOps to GraphQL with the Apollo GraphOS O...
byapidays
 
Salesforce Spring '26 Release presentation - Melbourne Salesforce User Group
byAnne N
 
SAP S4 HANA Conversion and Migration .pptx
bysabeenakouser
 
SAP ERP to SAP S_4HANA Cloud Private Edition Delta Scope
bychuck78
 
Best Digital Marketing Company in Lucknow
bydigitallearning9277
 
Doctor On Call App Development for Digital Healthcare.
byV3CUBE TECHNOLABS
 
Clean Architecture with Vertical Slice Architecture in .NET 8
byVineet Sharma
 
Introduction to Modern Artificial Intelligence.pdf
byAI n Dot Net
 
Metrics, Logs, Traces, and Mayhem_ Introducing an observability adventure gam...
byImma Valls Bernaus
 
Pitch Deck for MEVIA OS - No Apps, Infinite, Decentralized Operating System
byDr. Edwin Hernandez
 
Taxi App UIUX Design for Seamless Ride Booking
byV3CUBE TECHNOLABS
 
eresource Xcel ERP for Maunfacturing - Best Manufacturing ERP for SME
byeresource Infotech Pvt.Ltd
 
Research-Driven Development: Navigating the Generative Era in Software
byCadabra Studio
 
‘Analyzing Application Logs Using AI’ Webinar
byTier1 app
 
MySQL Routing Guidelines: Designing Smarter Query Routing Together
byMiguel Araújo
 
Prime Teams – Real-Time Employee Monitoring & Project Management Software
byPrime Teams
 

Brief introduction to digital forensics

  • 1.
  • 2.
    DEFINITION Digital forensics canbe defined as: “The use of scientifically derived and proven methods toward the preservation, collection,validation, identification, analysis, interpretation, documentation and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events [...]”, Digital Forensic Research Workshop (DFRWS), 2001
  • 3.
    BRANCHES OF DIGITALFORENSICS • Computer forensics • Disk and filesystem forensics • Memory forensics • Mobile forensics • Network forensics • Cloud forensics • IoT forensics and more…
  • 4.
    PHASES OF DIGITALFORENSICS • Assessment • Acquisition • Analysis • Reporting
  • 5.
    ACQUISITION • Acquisition involvesacquiring a copy or image of the device(s) or data. • Always mount the device in read-only mode! • Always verify the integrity of the image!
  • 6.
    ANALYSIS • Analysis includesextraction and recovery of data from the image and their subsequent examination and interpretation. • Always work on the image and not on the original device or data!
  • 7.
    REPORTING • Reporting isabout documenting and writing the report of all the forensic job done in the previous phases. • The final report documents the findings as well as the procedures and tools used. • Could be very effective for the outcome of the investigation!
  • 8.
    ORDER OF VOLATILITY •The order of volatility (OOV) defines the degree of volatility of data. • For example, data in RAM is more volatile than on hard disk. • More volatile data should be acquired first.
  • 9.
    LOCARD'S PRINCIPLE • Locard'sexchange principle states that every interaction with the crime scene leaves something and make something to be taken away • This also applies to the digital world and digital forensic examinators too, that should be careful not to corrupt evidence and minimize the effects of her actions.
  • 10.
    CHAIN OF CUSTODY •Chain of custody refers to the complete route of the evidence from its identification and collection to its storage and preservation. • The chain of custody must be properly documented and cannot be broken for the evidence to be admissable in a court.
  • 11.
    COMMERCIAL VS. OPENSOURCE FORENSIC TOOLS • Examples of known commercial forensic suites are Guidance Encase, Access Data FTK and ProDiscover. • But quite expensive, closed source and not available on Linux. • Open source tools are free and widely accepted by the digital forensic community. • Various Linux forensic distros available: SIFT, CSI, Tsurugi, Caine, Paladin…