The document provides an overview of computer forensics, detailing its definition, history, objectives, and the various entities involved in its application, including law enforcement and investigative agencies. It covers the process of evidence identification, preservation, extraction, and interpretation, along with the necessary skills and equipment required. Additionally, the document highlights the challenges and disadvantages of computer forensics as well as the increasing importance of this field in modern society.

1. Computer Science
Presentation
PRESENTED TO: PROF. MUHAMMAD HAMID

2. In the name of Allah, Most Gracious & Most Merciful.

4.  Definition
 History of Computer Forensics
 Main Objectives
 Who uses Forensic Science
 Computer Crimes
 Tips for Computer Crimes
 Steps of Computer Forensics
 Forensic Science Laboratory
 Forensic Equipment’s
 Skills Required for Computer Forensics
 Disadvantages of Computer Forensics
 Conclusion

5. Definition
Forensic Science is the application of science
to criminal and civil laws and involves the
preservation, identification, extraction and
documentation for evidentiary and root cause
analysis.

6. History of Computer Forensics
• It is difficult to pinpoint when computer forensics history began.
• Most experts agree that the field of computer forensics began to evolve more
than 30 years ago.
• The field began in the United States, in large part, when law enforcement and
military investigators started seeing criminals get technical.

7. Main Objectives
Find Digital Evidences
Analyzing Evidences
Catching Criminals

8. Digital Evidence
• Definition
Digital evidence is defined as information and data of value to an
investigation that is stored on, received or transmitted by an electronic device.
•Properties
i. Admissible
ii. Authentic
iii. Complete
iv. Reliable
v. Believable

9. Where to Find It?
Computer
Devices
Visited Websites Encrypted
Memory Devices
Social Media

10. Analyzing Evidences
• Latent fingerprints and impressions which develops
latent fingerprints; analyzes and compares fingerprints,
footwear and tire impressions; and runs fingerprints
through the Automated Fingerprint Identification System.
• The trace evidence department runs GSR analysis,
and identifies and compares samples of soil, glass,
fibers and paint.

11. •The chemistry section conducts analysis and comparison of illicit drugs, explosives and
unknown chemicals.
•The computer crimes team recovers evidence from computers and performs computer
enhancement on audio or video evidence.
•The medical section include Serology and DNA,
which conducts body fluid analysis, including DNA
analysis for blood stains, semen and hair for
identification and comparison.

12. Catching Criminals
Following Forensic methods are used in catching criminals:
DNA Testing Fingerprinting Using GPS
CCTV
Operating
System
Face Sketch ID
System

14. Who Uses Forensic Science

15. Who
Uses
Forensic
Sciences
Digital
Forensic
Research
Information
Warfare
Critical
Infrastructure
Research
Business &
Industry
Military
Operations
Law
Enforcement
Courts

16. FBI
The Federal Bureau of Investigation is the domestic
intelligence and security service of the United States
and its principal federal law enforcement agency.
 FBI's focus is on stopping terrorism, corruption,
organized crime, cyber crime and civil rights
violations, as well as investigating serious crimes such
as major thefts or murders.

17. CID
Crime Investigation Department will assist and
support the district police either by taking up the
entire investigation of a case, or by sending one or
more of the specialist investigating officers or
civilian experts to the district Police, including visits
to scenes of crime, providing technical support and
criminal intelligence.

18. NAB
National Accountability Bureau is a federal
executive agency of the Government of Pakistan,
with the mandate to deal with corruption
prevention, raise public awareness, and enforce
of anti-corruption measures.
 The NAB has its headquarters in the federal
capital and has five regional offices in four
provinces.

19. Computer Crimes
Any Crime where computer is a tool, target, or both.

21. Tips for Computer Crimes
Use Antivirus software's
Uninstall unnecessary software
Maintain Backup
Check security settings
Never give your full name & address to strangers
Learn more about internet privacy

22. Steps of Computer
Forensics

23. Steps of Computer Forensics
Identification
Documentation
Preservation Extraction
Interpretation Presentation

24. Identification
Identify Evidence
Identify type of information available
Determine how best to retrieve it

25. Preservation
Preserve evidence with least amount of change
possible
Must be able to account for any change
Chain of custody

26. Extraction
Extraction refers to the recovery of data from
whatever media the data is stored on.

27. Documentation
It is important to precisely record location and
status of computers, storage media, other electronic
devices, and traditional evidence.

28. Interpretation
Interpretation is required to ensure the evidential
weight of recovered digital evidence is clear.

29. Presentation
 Evidence will be accepted in court on:
 Manner of presentation
 Qualification of the presenter
 Credibility of the process used to
preserve and analyze evidence

30. Forensic Science
Laboratory
A forensic science laboratory is a scientific
laboratory specializing in forensic science.

31. Forensic Laboratories in Pakistan
 NFSA (National Forensic Science Agency)
 The agency provides forensic services, training and guidance to Law Enforcement
Agencies (LEAs), Government departments and Forensic bodies.
 PFSA (Punjab Forensic Science Agency)
 Receives physical evidence from Law Enforcement Agencies on criminal and civil
cases and analyzing the forensic evidence.

32. Forensic
Laboratory
Equipment’s

33. Atomic Spectroscopy
Arc Spark Spectrometer (Spark Emission Spectrometer)
Atomic Absorption Auto-Samplers
Atomic Fluorescence Spectrometer (AFS)

34. Evidence Storage
Evidence Drying Cabinet
Laboratory and Industrial Freezers

35. Fingerprint Analysis
 Fingerprint Development Chamber
Fuming Chamber / Cyanoacrylate Fuming Chamber

36. DNAAnalysis
 Automated DNA Sequencer
 PCR Technology

37. Skills
Required For
Computer
Forensic
Application
PROGRAMMING OR
COMPUTER-RELATED
EXPERIENCE.
BROAD UNDERSTANDING
OF OPERATING SYSTEM &
APPLICATIONS.
STRONG ANALYTICAL
SKILLS.

38. Skills
(continued…)
STRONG
COMPUTER
SCIENCE
FUNDAMENTALS
.
STRONG
SYSTEM
ADMINISTRAT
IVE SKILLS.
KNOWLEDGE
OF THE LATEST
INTRUDER
TOOLS.

39. Skills
(continued…)
KNOWLEDGE OF THE
CRYPTOGRAPHY.
KNOWLEDGE OF THE
STEGANOGRAPHY.
STRONG UNDERSTANDING OF THE
RULES OF EVIDENCE & EVIDENCE
HANDLING.
ABILITY TO BE AN EXPERT
WITNESS IN A COURT OF LAW.

40. Disadvantages of
Computer Forensics
 Costs
Preserving electronic records & preserving
them is extremely costly.
 Presents the potential for exposing privileged
documents.
 Legal practitioners must have extensive
computer knowledge.

41. Conclusion
With computers becoming more and more involved in our everyday life, both
professionally and socially, there is a need for computer forensic. This field will
enable crucial electronic evidence to be found whether it was lost, deleted,
damaged or hidden, and used to prosecute individuals that believe they have
successfully beaten the system.
This Photo by Unknown Author is licensed under CC BY