SlideShare a Scribd company logo

2013-10-18 Computer Forensics and Hash Values

Download as PPTX, PDF
Frederick Lane
Frederick Lane

A presentation delivered to the New Hampshire Association of Criminal Defense Lawyers on October 18, 2013.

Technology
1 of 14
Computer Forensics: Images and Integrity Frederick S. Lane NHACDL Fall 2013 CLE Concord, NH 18 October 2013 www.FrederickLane.com www.ComputerForensicsDigest.com
Background and Expertise • Attorney and Author of 7 Books • Computer Forensics Expert -- 15 years • Over 100 criminal cases • Lecturer on ComputerRelated Topics – 20+ years • Computer user (midframes, desktops, laptops) – 35+ years
Lecture Overview • Not Your Mother’s Hash • The Role of Hash Values in Computer Forensics • The Growing Use of Hash Flags • P2P Investigations Using Hash Values
Not Your Mother’s Hash • Cryptograhic Hash Values • Relatively Easy to Generate • Extremely Difficult to Determine Original Data from Hash Value • Extremely Difficult to Change Data without Changing Hash • Extremely Unlikely that Different Data Will Produce the Same Hash Value
Types of Hash Alogirithms • Secure Hash Algorithm • Developed by NIST in 1995 • 40 characters long • Message Digest • Developed by Prof. Rivest in 1990 • 32 characters long • Photo DNA • Developed by Microsoft • Hash value based on histograms of multiple section of image
Complex Explanation • The word DOG can be represented in different ways: • Binary: 010001000110111101100111 • Hexadecimal: 646f67 • A hash algorithm converts the hexadecimal value to a fixed-length hexadecimal string. • SHA-1: e49512524f47b4138d850c9d9d85972927281 da0 • MD5: 06d80eb0c50b49a509b49f2424e8c805
Complex Explanation • Changing a single letter changes each value. • For instance, the word COG produces the following values: • Binary: 010000110110111101100111 • Hexadecimal: 436f67 • SHA-1: d3da816674b638d05caa672f60f381ff504e578c • MD5: 01e33197684afd628ccf82a5ae4fd6ad
Simple Explanation Oatmeal-Raisin Cookies Oatmeal-Chocolate Chip Cookies
Evidence Integrity • Acquisition Hashes • Creation of Mirror Images • Verification of Accuracy of Mirror Images • Use of “Known File Filter” • Hashkeeper • National Software Reference Library • NCMEC CVIP Database
Growing Use of Hash Flags • Child Protection and Sexual Predator Act of 1998 • 2008: ISPs Agree to Block Access to Known Sources of CP and to Scan for NCMEC Hash Values • SAFE Act: Requires ISPs and OSPs to Turn Over Subscriber Info If Known CP Is Identified
P2P Hash Values • Basic Operation of Peer-toPeer Networks • • • • Decentralized Distribution Gnutella and eDonkey Client Software Hash Values Associated with Each File
Automated P2P Searches • Peer Spectre or Nordic Mule Scans for IP Addresses of Devices Offering to Share Known CP Files • IP Addresses Are Stored by TLO in Child Protection System • Officers Conduct “Undercover” Investigations by Reviewing Spreadsheets of Hits in CPS
Growing Defense Concerns • No Independent Examination of Proprietary Software • Very Little Information Regarding TLO or CPS • Peer Spectre May Generate False Hits Due to Normal Operation of P2P Clients • Search Warrant Affidavits Fail to Mention Role of TLO or CPS
Computer Forensics: Images and Integrity Frederick S. Lane NHACDL Fall 2013 CLE Concord, NH 18 October 2013 www.FrederickLane.com www.ComputerForensicsDigest.com

Recommended

2013-12-18 Digital Forensics and Child Pornography
2013-12-18 Digital Forensics and Child Pornography2013-12-18 Digital Forensics and Child Pornography
2013-12-18 Digital Forensics and Child PornographyFrederick Lane
 
2013-12-06 Digital Forensics and Child Pornography
2013-12-06 Digital Forensics and Child Pornography2013-12-06 Digital Forensics and Child Pornography
2013-12-06 Digital Forensics and Child PornographyFrederick Lane
 
Scuba diving into The Deep Dark Web
Scuba diving into The Deep Dark WebScuba diving into The Deep Dark Web
Scuba diving into The Deep Dark Webn|u - The Open Security Community
 
Dark web
Dark webDark web
Dark webSaqib Ullah
 
Why We Need a Dark(er) Web
Why We Need a Dark(er) WebWhy We Need a Dark(er) Web
Why We Need a Dark(er) WebJeroen Baert
 
osint - open source Intelligence
osint - open source Intelligenceosint - open source Intelligence
osint - open source IntelligenceOsama Ellahi
 
American Privacy: The 400-Year History of Our Most Contested Right
American Privacy: The 400-Year History of Our Most Contested RightAmerican Privacy: The 400-Year History of Our Most Contested Right
American Privacy: The 400-Year History of Our Most Contested RightFrederick Lane
 
2017-03-09 Cybertraps for Educators
2017-03-09 Cybertraps for Educators2017-03-09 Cybertraps for Educators
2017-03-09 Cybertraps for EducatorsFrederick Lane
 

Recommended

2013-12-18 Digital Forensics and Child Pornography
2013-12-18 Digital Forensics and Child Pornography2013-12-18 Digital Forensics and Child Pornography
2013-12-18 Digital Forensics and Child PornographyFrederick Lane
 
2013-12-06 Digital Forensics and Child Pornography
2013-12-06 Digital Forensics and Child Pornography2013-12-06 Digital Forensics and Child Pornography
2013-12-06 Digital Forensics and Child PornographyFrederick Lane
 
Scuba diving into The Deep Dark Web
Scuba diving into The Deep Dark WebScuba diving into The Deep Dark Web
Scuba diving into The Deep Dark Webn|u - The Open Security Community
 
Dark web
Dark webDark web
Dark webSaqib Ullah
 
Why We Need a Dark(er) Web
Why We Need a Dark(er) WebWhy We Need a Dark(er) Web
Why We Need a Dark(er) WebJeroen Baert
 
osint - open source Intelligence
osint - open source Intelligenceosint - open source Intelligence
osint - open source IntelligenceOsama Ellahi
 
American Privacy: The 400-Year History of Our Most Contested Right
American Privacy: The 400-Year History of Our Most Contested RightAmerican Privacy: The 400-Year History of Our Most Contested Right
American Privacy: The 400-Year History of Our Most Contested RightFrederick Lane
 
2017-03-09 Cybertraps for Educators
2017-03-09 Cybertraps for Educators2017-03-09 Cybertraps for Educators
2017-03-09 Cybertraps for EducatorsFrederick Lane
 
CompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptxCompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptxmohedkhadar60
 
Strategies for integrating semantic and blockchain technologies
Strategies for integrating semantic and blockchain technologiesStrategies for integrating semantic and blockchain technologies
Strategies for integrating semantic and blockchain technologiesHéctor Ugarte
 
Ch 12: Cryptography
Ch 12: CryptographyCh 12: Cryptography
Ch 12: CryptographySam Bowne
 
Hunting on the cheap
Hunting on the cheapHunting on the cheap
Hunting on the cheapAnjum Ahuja
 
Hunting on the Cheap
Hunting on the CheapHunting on the Cheap
Hunting on the CheapEndgameInc
 
Sullivan randomness-infiltrate 2014
Sullivan randomness-infiltrate 2014Sullivan randomness-infiltrate 2014
Sullivan randomness-infiltrate 2014Cloudflare
 
Cryptography
CryptographyCryptography
CryptographyJohnsonDaniel JohnsonDaniel
 
CNIT 123 12: Cryptography
CNIT 123 12: CryptographyCNIT 123 12: Cryptography
CNIT 123 12: CryptographySam Bowne
 
Applying Machine Learning to Network Security Monitoring - BayThreat 2013
Applying Machine Learning to Network Security Monitoring - BayThreat 2013Applying Machine Learning to Network Security Monitoring - BayThreat 2013
Applying Machine Learning to Network Security Monitoring - BayThreat 2013Alex Pinto
 
International collaborative efforts to share threat data in a vetted member c...
International collaborative efforts to share threat data in a vetted member c...International collaborative efforts to share threat data in a vetted member c...
International collaborative efforts to share threat data in a vetted member c...CODE BLUE
 
tHE GENERATION AND USE OF TLS FINGERPRINGTS
tHE GENERATION AND USE OF TLS FINGERPRINGTStHE GENERATION AND USE OF TLS FINGERPRINGTS
tHE GENERATION AND USE OF TLS FINGERPRINGTSortdx
 
Cryptography
CryptographyCryptography
CryptographyPPT4U
 
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...zachdwg
 
Checksum 101
Checksum 101Checksum 101
Checksum 101Ross Spencer
 
Cryptography
CryptographyCryptography
CryptographyPragun Shah
 
Cryptography
CryptographyCryptography
CryptographyTêjäçhoudhary Maddineni
 
On Physical Web models
On Physical Web modelsOn Physical Web models
On Physical Web modelsColdbeans Software
 
DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...
DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...
DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...Splend
 
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...EC-Council
 
Advanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsAdvanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsSloan Carne
 
2020-03-03 Privacy and the Ethical Educator
2020-03-03 Privacy and the Ethical Educator2020-03-03 Privacy and the Ethical Educator
2020-03-03 Privacy and the Ethical EducatorFrederick Lane
 
2020-02-25 Cybertraps and Cyberethics for Educators
2020-02-25 Cybertraps and Cyberethics for Educators2020-02-25 Cybertraps and Cyberethics for Educators
2020-02-25 Cybertraps and Cyberethics for EducatorsFrederick Lane
 

More Related Content

Similar to 2013-10-18 Computer Forensics and Hash Values

CompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptxCompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptxmohedkhadar60
 
Strategies for integrating semantic and blockchain technologies
Strategies for integrating semantic and blockchain technologiesStrategies for integrating semantic and blockchain technologies
Strategies for integrating semantic and blockchain technologiesHéctor Ugarte
 
Ch 12: Cryptography
Ch 12: CryptographyCh 12: Cryptography
Ch 12: CryptographySam Bowne
 
Hunting on the cheap
Hunting on the cheapHunting on the cheap
Hunting on the cheapAnjum Ahuja
 
Hunting on the Cheap
Hunting on the CheapHunting on the Cheap
Hunting on the CheapEndgameInc
 
Sullivan randomness-infiltrate 2014
Sullivan randomness-infiltrate 2014Sullivan randomness-infiltrate 2014
Sullivan randomness-infiltrate 2014Cloudflare
 
CNIT 123 12: Cryptography
CNIT 123 12: CryptographyCNIT 123 12: Cryptography
CNIT 123 12: CryptographySam Bowne
 
Applying Machine Learning to Network Security Monitoring - BayThreat 2013
Applying Machine Learning to Network Security Monitoring - BayThreat 2013Applying Machine Learning to Network Security Monitoring - BayThreat 2013
Applying Machine Learning to Network Security Monitoring - BayThreat 2013Alex Pinto
 
International collaborative efforts to share threat data in a vetted member c...
International collaborative efforts to share threat data in a vetted member c...International collaborative efforts to share threat data in a vetted member c...
International collaborative efforts to share threat data in a vetted member c...CODE BLUE
 
tHE GENERATION AND USE OF TLS FINGERPRINGTS
tHE GENERATION AND USE OF TLS FINGERPRINGTStHE GENERATION AND USE OF TLS FINGERPRINGTS
tHE GENERATION AND USE OF TLS FINGERPRINGTSortdx
 
Cryptography
CryptographyCryptography
CryptographyPPT4U
 
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...zachdwg
 
DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...
DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...
DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...Splend
 
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...EC-Council
 
Advanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsAdvanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsSloan Carne
 

Similar to 2013-10-18 Computer Forensics and Hash Values (20)

CompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptxCompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptx
 
Strategies for integrating semantic and blockchain technologies
Strategies for integrating semantic and blockchain technologiesStrategies for integrating semantic and blockchain technologies
Strategies for integrating semantic and blockchain technologies
 
Ch 12: Cryptography
Ch 12: CryptographyCh 12: Cryptography
Ch 12: Cryptography
 
Hunting on the cheap
Hunting on the cheapHunting on the cheap
Hunting on the cheap
 
Hunting on the Cheap
Hunting on the CheapHunting on the Cheap
Hunting on the Cheap
 
Sullivan randomness-infiltrate 2014
Sullivan randomness-infiltrate 2014Sullivan randomness-infiltrate 2014
Sullivan randomness-infiltrate 2014
 
Cryptography
CryptographyCryptography
Cryptography
 
CNIT 123 12: Cryptography
CNIT 123 12: CryptographyCNIT 123 12: Cryptography
CNIT 123 12: Cryptography
 
Applying Machine Learning to Network Security Monitoring - BayThreat 2013
Applying Machine Learning to Network Security Monitoring - BayThreat 2013Applying Machine Learning to Network Security Monitoring - BayThreat 2013
Applying Machine Learning to Network Security Monitoring - BayThreat 2013
 
International collaborative efforts to share threat data in a vetted member c...
International collaborative efforts to share threat data in a vetted member c...International collaborative efforts to share threat data in a vetted member c...
International collaborative efforts to share threat data in a vetted member c...
 
tHE GENERATION AND USE OF TLS FINGERPRINGTS
tHE GENERATION AND USE OF TLS FINGERPRINGTStHE GENERATION AND USE OF TLS FINGERPRINGTS
tHE GENERATION AND USE OF TLS FINGERPRINGTS
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
 
Checksum 101
Checksum 101Checksum 101
Checksum 101
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
On Physical Web models
On Physical Web modelsOn Physical Web models
On Physical Web models
 
DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...
DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...
DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...
 
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
 
Advanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsAdvanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU Investigators
 

More from Frederick Lane

2020-03-03 Privacy and the Ethical Educator
2020-03-03 Privacy and the Ethical Educator2020-03-03 Privacy and the Ethical Educator
2020-03-03 Privacy and the Ethical EducatorFrederick Lane
 
2020-02-25 Cybertraps and Cyberethics for Educators
2020-02-25 Cybertraps and Cyberethics for Educators2020-02-25 Cybertraps and Cyberethics for Educators
2020-02-25 Cybertraps and Cyberethics for EducatorsFrederick Lane
 
2020-02-24 Cultivating a Culture of Cybersecurity
2020-02-24 Cultivating a Culture of Cybersecurity2020-02-24 Cultivating a Culture of Cybersecurity
2020-02-24 Cultivating a Culture of CybersecurityFrederick Lane
 
2020-02-23 Cybersecurity Audits for Tech Directors
2020-02-23 Cybersecurity Audits for Tech Directors2020-02-23 Cybersecurity Audits for Tech Directors
2020-02-23 Cybersecurity Audits for Tech DirectorsFrederick Lane
 
2020-02-22 The Rise of the Digital Mob
2020-02-22 The Rise of the Digital Mob2020-02-22 The Rise of the Digital Mob
2020-02-22 The Rise of the Digital MobFrederick Lane
 
2020-02-14 Using Video Games as a Motivational Tool
2020-02-14 Using Video Games as a Motivational Tool2020-02-14 Using Video Games as a Motivational Tool
2020-02-14 Using Video Games as a Motivational ToolFrederick Lane
 
2020-02-14 The Perils of Social Media
2020-02-14 The Perils of Social Media2020-02-14 The Perils of Social Media
2020-02-14 The Perils of Social MediaFrederick Lane
 
2020-02-14 Cybertraps for Educators
2020-02-14 Cybertraps for Educators2020-02-14 Cybertraps for Educators
2020-02-14 Cybertraps for EducatorsFrederick Lane
 
2020-02-14 Understanding the 4Ps: Personal, Private, Public, and Professional
2020-02-14 Understanding the 4Ps: Personal, Private, Public, and Professional2020-02-14 Understanding the 4Ps: Personal, Private, Public, and Professional
2020-02-14 Understanding the 4Ps: Personal, Private, Public, and ProfessionalFrederick Lane
 
2020-02-13 Teaching Cyberethics to Prospective Teachers
2020-02-13 Teaching Cyberethics to Prospective Teachers2020-02-13 Teaching Cyberethics to Prospective Teachers
2020-02-13 Teaching Cyberethics to Prospective TeachersFrederick Lane
 
2020-02-13 Cyberethics and the MCEE
2020-02-13 Cyberethics and the MCEE2020-02-13 Cyberethics and the MCEE
2020-02-13 Cyberethics and the MCEEFrederick Lane
 
2020-02-13 Teaching Cyberethics to Prospective Teachers
2020-02-13 Teaching Cyberethics to Prospective Teachers2020-02-13 Teaching Cyberethics to Prospective Teachers
2020-02-13 Teaching Cyberethics to Prospective TeachersFrederick Lane
 
2020-02-13 Can You Legislate Cyberethics?
2020-02-13 Can You Legislate Cyberethics?2020-02-13 Can You Legislate Cyberethics?
2020-02-13 Can You Legislate Cyberethics?Frederick Lane
 
2020-02-12 Cybertraps for HR Professionals
2020-02-12 Cybertraps for HR Professionals2020-02-12 Cybertraps for HR Professionals
2020-02-12 Cybertraps for HR ProfessionalsFrederick Lane
 
2020-02-11 Cyberethics and the MCEE
2020-02-11 Cyberethics and the MCEE2020-02-11 Cyberethics and the MCEE
2020-02-11 Cyberethics and the MCEEFrederick Lane
 
2020-02-10 Teaching Cyberethics to Prospective Teachers
2020-02-10 Teaching Cyberethics to Prospective Teachers2020-02-10 Teaching Cyberethics to Prospective Teachers
2020-02-10 Teaching Cyberethics to Prospective TeachersFrederick Lane
 
2020-02-10 Cyberethics and the MCEE
2020-02-10 Cyberethics and the MCEE2020-02-10 Cyberethics and the MCEE
2020-02-10 Cyberethics and the MCEEFrederick Lane
 
2020-01-29 Politics and the Ethical Educator: How to Survive the 2020 Electio...
2020-01-29 Politics and the Ethical Educator: How to Survive the 2020 Electio...2020-01-29 Politics and the Ethical Educator: How to Survive the 2020 Electio...
2020-01-29 Politics and the Ethical Educator: How to Survive the 2020 Electio...Frederick Lane
 
2019-06-24 Humans and Social Media: Cyberrisks, Cybertraps & Cybersecurity
2019-06-24 Humans and Social Media: Cyberrisks, Cybertraps & Cybersecurity2019-06-24 Humans and Social Media: Cyberrisks, Cybertraps & Cybersecurity
2019-06-24 Humans and Social Media: Cyberrisks, Cybertraps & CybersecurityFrederick Lane
 
2019-06-25 Cybertraps for Educators: Don't Get Caught
2019-06-25 Cybertraps for Educators: Don't Get Caught2019-06-25 Cybertraps for Educators: Don't Get Caught
2019-06-25 Cybertraps for Educators: Don't Get CaughtFrederick Lane
 

More from Frederick Lane (20)

2020-03-03 Privacy and the Ethical Educator
2020-03-03 Privacy and the Ethical Educator2020-03-03 Privacy and the Ethical Educator
2020-03-03 Privacy and the Ethical Educator
 
2020-02-25 Cybertraps and Cyberethics for Educators
2020-02-25 Cybertraps and Cyberethics for Educators2020-02-25 Cybertraps and Cyberethics for Educators
2020-02-25 Cybertraps and Cyberethics for Educators
 
2020-02-24 Cultivating a Culture of Cybersecurity
2020-02-24 Cultivating a Culture of Cybersecurity2020-02-24 Cultivating a Culture of Cybersecurity
2020-02-24 Cultivating a Culture of Cybersecurity
 
2020-02-23 Cybersecurity Audits for Tech Directors
2020-02-23 Cybersecurity Audits for Tech Directors2020-02-23 Cybersecurity Audits for Tech Directors
2020-02-23 Cybersecurity Audits for Tech Directors
 
2020-02-22 The Rise of the Digital Mob
2020-02-22 The Rise of the Digital Mob2020-02-22 The Rise of the Digital Mob
2020-02-22 The Rise of the Digital Mob
 
2020-02-14 Using Video Games as a Motivational Tool
2020-02-14 Using Video Games as a Motivational Tool2020-02-14 Using Video Games as a Motivational Tool
2020-02-14 Using Video Games as a Motivational Tool
 
2020-02-14 The Perils of Social Media
2020-02-14 The Perils of Social Media2020-02-14 The Perils of Social Media
2020-02-14 The Perils of Social Media
 
2020-02-14 Cybertraps for Educators
2020-02-14 Cybertraps for Educators2020-02-14 Cybertraps for Educators
2020-02-14 Cybertraps for Educators
 
2020-02-14 Understanding the 4Ps: Personal, Private, Public, and Professional
2020-02-14 Understanding the 4Ps: Personal, Private, Public, and Professional2020-02-14 Understanding the 4Ps: Personal, Private, Public, and Professional
2020-02-14 Understanding the 4Ps: Personal, Private, Public, and Professional
 
2020-02-13 Teaching Cyberethics to Prospective Teachers
2020-02-13 Teaching Cyberethics to Prospective Teachers2020-02-13 Teaching Cyberethics to Prospective Teachers
2020-02-13 Teaching Cyberethics to Prospective Teachers
 
2020-02-13 Cyberethics and the MCEE
2020-02-13 Cyberethics and the MCEE2020-02-13 Cyberethics and the MCEE
2020-02-13 Cyberethics and the MCEE
 
2020-02-13 Teaching Cyberethics to Prospective Teachers
2020-02-13 Teaching Cyberethics to Prospective Teachers2020-02-13 Teaching Cyberethics to Prospective Teachers
2020-02-13 Teaching Cyberethics to Prospective Teachers
 
2020-02-13 Can You Legislate Cyberethics?
2020-02-13 Can You Legislate Cyberethics?2020-02-13 Can You Legislate Cyberethics?
2020-02-13 Can You Legislate Cyberethics?
 
2020-02-12 Cybertraps for HR Professionals
2020-02-12 Cybertraps for HR Professionals2020-02-12 Cybertraps for HR Professionals
2020-02-12 Cybertraps for HR Professionals
 
2020-02-11 Cyberethics and the MCEE
2020-02-11 Cyberethics and the MCEE2020-02-11 Cyberethics and the MCEE
2020-02-11 Cyberethics and the MCEE
 
2020-02-10 Teaching Cyberethics to Prospective Teachers
2020-02-10 Teaching Cyberethics to Prospective Teachers2020-02-10 Teaching Cyberethics to Prospective Teachers
2020-02-10 Teaching Cyberethics to Prospective Teachers
 
2020-02-10 Cyberethics and the MCEE
2020-02-10 Cyberethics and the MCEE2020-02-10 Cyberethics and the MCEE
2020-02-10 Cyberethics and the MCEE
 
2020-01-29 Politics and the Ethical Educator: How to Survive the 2020 Electio...
2020-01-29 Politics and the Ethical Educator: How to Survive the 2020 Electio...2020-01-29 Politics and the Ethical Educator: How to Survive the 2020 Electio...
2020-01-29 Politics and the Ethical Educator: How to Survive the 2020 Electio...
 
2019-06-24 Humans and Social Media: Cyberrisks, Cybertraps & Cybersecurity
2019-06-24 Humans and Social Media: Cyberrisks, Cybertraps & Cybersecurity2019-06-24 Humans and Social Media: Cyberrisks, Cybertraps & Cybersecurity
2019-06-24 Humans and Social Media: Cyberrisks, Cybertraps & Cybersecurity
 
2019-06-25 Cybertraps for Educators: Don't Get Caught
2019-06-25 Cybertraps for Educators: Don't Get Caught2019-06-25 Cybertraps for Educators: Don't Get Caught
2019-06-25 Cybertraps for Educators: Don't Get Caught
 

Recently uploaded

Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformWSO2
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingWSO2
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...caitlingebhard1
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseNavigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseWSO2
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Decarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceDecarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceIES VE
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaWSO2
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
API Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governanceAPI Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governanceWSO2
 

Recently uploaded (20)

Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseNavigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern Enterprise
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Decarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceDecarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational Performance
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
API Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governanceAPI Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governance
 

2013-10-18 Computer Forensics and Hash Values

  • 1. Computer Forensics: Images and Integrity Frederick S. Lane NHACDL Fall 2013 CLE Concord, NH 18 October 2013 www.FrederickLane.com www.ComputerForensicsDigest.com
  • 2. Background and Expertise • Attorney and Author of 7 Books • Computer Forensics Expert -- 15 years • Over 100 criminal cases • Lecturer on ComputerRelated Topics – 20+ years • Computer user (midframes, desktops, laptops) – 35+ years
  • 3. Lecture Overview • Not Your Mother’s Hash • The Role of Hash Values in Computer Forensics • The Growing Use of Hash Flags • P2P Investigations Using Hash Values
  • 4. Not Your Mother’s Hash • Cryptograhic Hash Values • Relatively Easy to Generate • Extremely Difficult to Determine Original Data from Hash Value • Extremely Difficult to Change Data without Changing Hash • Extremely Unlikely that Different Data Will Produce the Same Hash Value
  • 5. Types of Hash Alogirithms • Secure Hash Algorithm • Developed by NIST in 1995 • 40 characters long • Message Digest • Developed by Prof. Rivest in 1990 • 32 characters long • Photo DNA • Developed by Microsoft • Hash value based on histograms of multiple section of image
  • 6. Complex Explanation • The word DOG can be represented in different ways: • Binary: 010001000110111101100111 • Hexadecimal: 646f67 • A hash algorithm converts the hexadecimal value to a fixed-length hexadecimal string. • SHA-1: e49512524f47b4138d850c9d9d85972927281 da0 • MD5: 06d80eb0c50b49a509b49f2424e8c805
  • 7. Complex Explanation • Changing a single letter changes each value. • For instance, the word COG produces the following values: • Binary: 010000110110111101100111 • Hexadecimal: 436f67 • SHA-1: d3da816674b638d05caa672f60f381ff504e578c • MD5: 01e33197684afd628ccf82a5ae4fd6ad
  • 9. Evidence Integrity • Acquisition Hashes • Creation of Mirror Images • Verification of Accuracy of Mirror Images • Use of “Known File Filter” • Hashkeeper • National Software Reference Library • NCMEC CVIP Database
  • 10. Growing Use of Hash Flags • Child Protection and Sexual Predator Act of 1998 • 2008: ISPs Agree to Block Access to Known Sources of CP and to Scan for NCMEC Hash Values • SAFE Act: Requires ISPs and OSPs to Turn Over Subscriber Info If Known CP Is Identified
  • 11. P2P Hash Values • Basic Operation of Peer-toPeer Networks • • • • Decentralized Distribution Gnutella and eDonkey Client Software Hash Values Associated with Each File
  • 12. Automated P2P Searches • Peer Spectre or Nordic Mule Scans for IP Addresses of Devices Offering to Share Known CP Files • IP Addresses Are Stored by TLO in Child Protection System • Officers Conduct “Undercover” Investigations by Reviewing Spreadsheets of Hits in CPS
  • 13. Growing Defense Concerns • No Independent Examination of Proprietary Software • Very Little Information Regarding TLO or CPS • Peer Spectre May Generate False Hits Due to Normal Operation of P2P Clients • Search Warrant Affidavits Fail to Mention Role of TLO or CPS
  • 14. Computer Forensics: Images and Integrity Frederick S. Lane NHACDL Fall 2013 CLE Concord, NH 18 October 2013 www.FrederickLane.com www.ComputerForensicsDigest.com