Class Presentation
Course: ICSE 7101- Cyber Security
Topic: Forensics
Student: Happiness Lenard
COMPUTER/DIGITAL FORENSICS
Objectives
1. To introduce learners to Computer Forensics concepts
2. Understand the key goal of Computer/Cyber Forensics
3. Acquire an understanding of the cardinal rules of Computer
forensics
4. Understand digital evidence.
5. Understand digital forensics processes
6. Study how cyber forensics is used in cybercrime investigations
7. Understand and use investigation tools in Cyber forensics
Learning Outcomes
At the end of the course the learner should be able to:
1. Understand Computer Forensics concepts
2. Understand the key goals of Computer Forensics
3. Understand the cardinal rules of Computer forensics
4. Comprehend what digital evidence means in relation to the base
term forensic science
5. Understand how cyber forensics is used in cybercrime
investigations.
6. Appreciate and apply different Investigation tools in Cyber
forensics.
Outline
1. Introduction
2. Rationale of Computer Forensics
3. The key role of the investigator
4. Cyber crime vs Digital Evidence
5. Chain of Custody
6. Computer Forensics Processes
7. Computer Forensics tools
8. Challenges
Introduction(1/2)
• Forensic science is much older than computer forensics: it
originated over 100 years ago with fingerprint records.
• It is the science that involves scientific tests and techniques
used in connection with the detection of crime.
• It refers to scientific techniques used to explore wrongdoing and
to collect, preserve, and analyze scientific evidence during the
course of an investigation.
Introduction(2/2)
• Different Categories of Forensic Science are:-
• Forensic Accounting / Auditing
• Computer /Digital/Cyber Forensics
• Forensic Archaeology
• Forensic Dentistry
• Forensic Entomology
• Forensic Graphology
• Forensic Pathology
• Forensic Psychology
• Forensic Toxicology etc
Computer Forensics(1/2)
• Computer forensics is a field of technology that uses investigative
techniques to identify and store evidence from a computer device
that is admissible in a court of law.
• The Digital Forensic Research Workshop has defined digital forensics as
“The use of scientifically derived and proven methods toward the
preservation, validation, identification, analysis, interpretation,
documentation and presentation of digital evidence derived from
digital sources for the purpose of facilitating or furthering the
reconstruction of events found to be criminal, or helping to anticipate
unauthorized actions shown to be disruptive to planned operations.”
Computer Forensics(2/2)
• Computer Forensics, Digital Forensics and Cyber Forensics
are terms that are used interchangeably.
Rationale for Computer Forensics
• With the digital revolution, the increase in digital crimes is
inevitable.
• People who use electronic devices leave behind different
footprints, traces and markings. These virtual or digital
traces could be file fragments, activity logs, timestamps,
metadata and so on.
• Computer Forensics is needed in:
o Identifying the cause and possible intent of a cyber attack
Rationale for Computer Forensics
o Safeguarding digital evidence used in the attack before it becomes
obsolete
o Increasing security hygiene, retracing hacker steps, and finding hacker
tools
o Searching for data access/exfiltration
o Identifying the duration of unauthorized access on the network
o Geolocating the logins and mapping them
Cybercrime(1/4)
• Cybercrime is criminal activity done using computers and the
Internet. It encompasses any criminal act dealing with
computers and networks.
• It also includes traditional crimes conducted through the
Internet. For example, hate crimes, telemarketing, Internet
fraud, identity theft, and credit card account thefts are
considered to be cyber crimes when the illegal activities are
committed through the use of a computer and the Internet.
Cybercrime(2/4)
• It includes anything from downloading illegal music files to
stealing millions of dollars from online bank accounts etc.
• Cybercrime also includes non-monetary offenses, such as
creating and distributing viruses on other computers or posting
confidential business information on the Internet.
Cybercrime(3/4)
• The first noted computer crime happened in 1969 and 1970
when scholars burned computers at different universities. During
the same period people were discovering techniques for gaining
unauthorized access to large time-shared computers.
• It was therefore during this period that intrusion and fraud
committed with the aid of a computer first became widely
known as a new type of crime.
Cybercrime(4/4)
Examples of Cyber Crime cases Investigated in Tanzania
• Cyber Crimes Incidents in Financial Institutions of Tanzania,
available at
https://www.researchgate.net/publication/275154064_Cyber_Crimes_Incidents_in_Financial_Institutions_of_Tanzania
• Cybercrime and Criminal Investigation: Challenges Within The
Tanzania Police Force Forensic Laboratory, available at
http://scholar.mzumbe.ac.tz/bitstream/handle/11192.1/2405/MPA_JOHN%20MAYUNGA_2013.pdf?sequence=1
Digital Evidence(1/4)
• Digital evidence is defined as “any information of probative
(proof) value that is either stored or transmitted in a digital
form”.
• It includes files stored on computer hard drive, digital video,
digital audio, network packets transmitted over local area
network, etc
• Depending on what facts the digital evidence is supposed to
prove, it can fall into different classes of evidence.
Digital Evidence(2/4)
• Digital images or software presented in court to prove the fact of
possession are real evidence.
• E-mail messages presented as proof of their content are
documentary evidence.
• Log files, file time stamps, all sorts of system information used
to reconstruct sequence of events are circumstantial evidence.
• Digital documents notarized using digital signature may fall into
testimony category.
Digital Evidence(3/4)
There is a list of frameworks involved in recognizing a piece of
digital evidence:
• Physical context: it is required to be recognizable in its physical form, that is, it should
reside on a specific piece of media.
• Logical context: it must be discoverable as to its logical position, that is, where it
resides relative to the file system.
• Legal context: the evidence is required to be in the correct context to read its meaning.
This requires looking at the machine language, e.g. American Standard Code for
Information Interchange (ASCII).
Digital Evidence(4/4)
Understanding the digital path of the evidence
Source: Bajaj, K. (2014), “Cyber Security: Understanding Cyber Crimes, Computer Forensics
and Legal Perspectives”
The Chain of Custody (1)
• Chain of custody refers to the sequential (in order) documentation
path that shows the appropriation, trusteeship, control, transfer,
investigation and nature of evidence, physical or electronic.
• Generally, the idea of the chain of custody is to ensure that the
evidence is not altered or damaged.
• The chain of custody requires that, from the time the evidence is
gathered, every transfer of the evidence from one person to
another person is recorded, as this helps to prove that no one
else has accessed the evidence.
The Chain of Custody (2)
• It is encouraged to keep the number of evidence transfers as
small as possible.
• In a broader view, evidence comprises everything that is used to
demonstrate or show the truth of a claim.
• The main reason for documenting the chain of custody is to
establish that the supposed evidence is truly connected to the
supposed crime.
• The aim is to establish the integrity of the evidence.
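The chain of custody described on the two slides above, sketched as an added example that is not part of the original presentation: every transfer is written to a log that records who released and who received the evidence, the SHA-256 hash of the evidence at hand-over, and the hash of the previous entry. The field names, custodians, timestamps and evidence bytes are constructed for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # prev_hash of the first entry, which has no predecessor


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def entry_digest(entry):
    """Digest of every field except the stored digest itself, in stable order."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return sha256_hex(json.dumps(body, sort_keys=True).encode("utf-8"))


def add_transfer(log, evidence, released_by, received_by, timestamp, purpose):
    """Record one hand-over, bound to the evidence and to the previous entry."""
    entry = {
        "seq": len(log) + 1,
        "timestamp": timestamp,
        "released_by": released_by,
        "received_by": received_by,
        "purpose": purpose,
        "evidence_sha256": sha256_hex(evidence),  # re-hashed at every hand-over
        "prev_hash": log[-1]["entry_hash"] if log else GENESIS,
    }
    entry["entry_hash"] = entry_digest(entry)
    log.append(entry)
    return entry


def verify_chain(log, evidence):
    """Return a list of problems; an empty list means the record is consistent."""
    if not log:
        return ["no custody record exists for this evidence"]
    problems = []
    acquired = log[0]["evidence_sha256"]  # hash taken when evidence was gathered
    prev_hash, holder = GENESIS, None
    for e in log:
        tag = "entry %d" % e["seq"]
        if entry_digest(e) != e["entry_hash"]:
            problems.append(tag + ": record altered after it was written")
        if e["prev_hash"] != prev_hash:
            problems.append(tag + ": link to previous entry is broken")
        if holder is not None and e["released_by"] != holder:
            problems.append(tag + ": unrecorded transfer from %s to %s"
                            % (holder, e["released_by"]))
        if e["evidence_sha256"] != acquired:
            problems.append(tag + ": evidence hash differs from acquisition hash")
        prev_hash, holder = e["entry_hash"], e["received_by"]
    if sha256_hex(evidence) != acquired:
        problems.append("evidence in hand does not match acquisition hash")
    return problems


def build_sample_log():
    """Constructed sample: three hand-overs of one constructed evidence image."""
    evidence = b"CONSTRUCTED-DISK-IMAGE\x00" + bytes(range(256))
    log = []
    add_transfer(log, evidence, "scene", "Officer A",
                 "2024-03-01T09:15Z", "seizure")
    add_transfer(log, evidence, "Officer A", "Evidence Store",
                 "2024-03-01T11:40Z", "storage")
    add_transfer(log, evidence, "Evidence Store", "Analyst B",
                 "2024-03-04T08:05Z", "analysis")
    return log, evidence


if __name__ == "__main__":
    log, evidence = build_sample_log()
    print("intact record:", verify_chain(log, evidence))
    log[1]["received_by"] = "Someone Else"  # a past entry is edited
    print("edited record:", verify_chain(log, evidence))
```

A hash chain only exposes edits if the latest entry_hash is also kept somewhere the custodians cannot rewrite, such as a signed or printed hand-over form.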
Computer Forensics Process(1)
Source: Bajaj, K. (2014), “Cyber Security: Understanding Cyber Crimes,
Computer Forensics And Legal Perspectives”
Computer Forensic Life Cycle
In summary, the digital forensics process involves the following steps:-
1. Identification
It is the first step in the forensic process. The identification process
mainly includes things like what evidence is present, where it is
stored, and lastly, how it is stored (in which format).
Electronic storage media can be personal computers, Mobile
phones, PDAs, etc.
2. Preservation
In this phase, data is isolated, secured, and preserved. It includes
preventing people from using the digital device so that digital
evidence is not tampered with.
Computer Forensics Process(2)
Computer Forensics Process(3)
3. Analysis
In this step, investigation agents reconstruct fragments of data and
draw conclusions based on evidence found. However, it might take
numerous iterations of examination to support a specific crime
theory.
4. Documentation
In this process, a record of all the visible data must be created. It
helps in recreating the crime scene and reviewing it. It involves
proper documentation of the crime scene along with photographing,
sketching, and crime-scene mapping.
Computer Forensics Process(4)
5. Presentation
In this last step, the process of summarization and explanation
of conclusions is done. However, it should be written in
layperson’s terms using abstracted terminologies. All abstracted
terminologies should reference the specific details.
Computer Forensic Tools
• There are Commercial and Open Source Tools.
• The National Institute of Standards and Technology
(NIST) has developed a Computer Forensics Tool Testing
(CFTT) program that tests digital forensic tools and makes all
findings available to the public.
• More information on testing tools can be found via
https://www.dhs.gov/science-and-technology/nist-cftt-reports.
Open Source Tools
The Kali Linux
• Kali Linux is a Certified EC-Council Instructor (CEI) for
the Certified Ethical Hacker (CEH) software for the above
mentioned professional courses.
• This operating system is usually the star of the class due to
its many impressive bundled security programs, ranging
from scanning and reconnaissance tools to advanced
exploitation tools and reporting tools.
• Kali Linux can be used as a live-response forensic tool as it
contains many of the tools required for full investigations.
Open Source Tools(1)
Source: Parasram (2020), Digital Forensics with Kali Linux
Kali Linux live view mode for forensics in bootable DVD or Flash drive
Open Source Tools(2)
Screenshot showing computer forensic tools available in Kali Linux
Commercial forensics tools(1)
1. Belkasoft Evidence Center (EC) 2020
• Belkasoft EC is an automated incident response and forensic
tool that is capable of analyzing acquired images of memory
dumps, virtual machines, and cloud and mobile backups, as well
as physical and logical drives.
• The tool is also capable of recovering, and analyzing information
from:
Office documents, Browser activity and information, Email and
Social media activity, Mobile applications, Messenger
applications (WhatsApp, Facebook Messenger, and even
BlackBerry Messenger)
Website: https://belkasoft.com/ or https://belkasoft.com/get
Commercial forensics tools(2)
2. AccessData Forensic Toolkit (FTK)
• This tool is used professionally by forensic
investigators and law enforcement agencies worldwide
to accomplish the following:
• Indexing of data, to allow faster and easier searching
and analysis, Password cracking and file decryption,
Automated analysis, Ability to perform customized data
carving, Advanced data recovery
• Website: https://accessdata.com/product-download/forensic-toolkit-ftk-internationalversion-7-0-0
Commercial forensics tools(3)
3. EnCase Forensic
• This tool has been used internationally by professionals and law
enforcement agencies for almost two decades.
• EnCase provides solutions for incident response, e-discovery,
and endpoint and mobile forensics. Below is the output
provided:
Website: https://www.guidancesoftware.com/encase-forensic
Challenges in computer Forensics(1)
• Anonymity of digital information
Digital information generated, stored, and transmitted between
computing devices does not bear any physical imprints
connecting it to the individual who caused its generation. Unless
the information is a recording from external sensors capable of
perceiving individualizing characteristics (e.g. speech recording,
video, or photographs) or was generated using some secret
known to a single person (e.g. digital signature) there is nothing
intrinsic linking digits to a person.
Computer forensics challenges (2)
Danger of damaged information
• Like many other types of evidential material, digital information
stored on magnetic and optical media can be damaged by a
variety of causes. Dampness, strong magnetic fields, ultraviolet
radiation, and incompetent use of storage devices and
examination tools are some of the possibilities.
• A single bit change may cause a dramatic change in its
interpretation.
• To minimise the impact of this problem, typical storage devices
use checksumming and similar means allowing them to
reasonably reliably detect accidental information damage.
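The single-bit problem and the checksum defence described above, as an added example that is not part of the original presentation: one inverted bit turns an ASCII "1" into a "9", and per-block checksums taken while the data was known to be good show both that damage occurred and which block it is in. The record, the block size and the function names are constructed for illustration, and CRC-32 stands in for whatever checksum a particular device uses.

```python
import zlib

BLOCK_SIZE = 16  # bytes per checksummed block; kept small for the demo (assumption)

# Constructed sample record, stored as ASCII text.
RECORD = b"id=0007;from=A-114;to=B-220;amount=1000;cur=TZS\n"


def block_checksums(data, block_size=BLOCK_SIZE):
    """CRC-32 of each fixed-size block, taken when the data is known to be good."""
    return [zlib.crc32(data[i:i + block_size])
            for i in range(0, len(data), block_size)]


def flip_bit(data, byte_index, bit):
    """Return a copy of data with a single bit inverted (simulated media damage)."""
    damaged = bytearray(data)
    damaged[byte_index] ^= 1 << bit
    return bytes(damaged)


def damaged_blocks(data, reference, block_size=BLOCK_SIZE):
    """Indexes of blocks whose checksum no longer matches the reference list."""
    current = block_checksums(data, block_size)
    bad = [i for i, (now, ref) in enumerate(zip(current, reference)) if now != ref]
    # Blocks that appeared or disappeared since the reference was taken
    # count as damage too.
    lo, hi = sorted((len(current), len(reference)))
    bad.extend(range(lo, hi))
    return bad


def demo():
    """Flip one bit in the amount field and locate the damage by checksum."""
    reference = block_checksums(RECORD)
    offset = RECORD.index(b"1000")
    # ASCII '1' is 0x31 and '9' is 0x39: they differ only in bit 3.
    damaged = flip_bit(RECORD, offset, 3)
    return damaged, damaged_blocks(damaged, reference), offset // BLOCK_SIZE


if __name__ == "__main__":
    damaged, bad, expected = demo()
    print("original:", RECORD.decode("ascii").strip())
    print("damaged: ", damaged.decode("ascii").strip())
    print("blocks failing their checksum:", bad)
```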
Other Challenges
• The increase of PCs and extensive use of internet access
• Easy availability of hacking tools
• Lack of physical evidence makes prosecution difficult.
• The large amount of storage space, running into terabytes,
makes the investigation job difficult.
• Any technological changes require an upgrade or changes to
solutions.
Bibliography
• Bajaj, K. (2014). Cyber Security: Understanding Cyber Crimes, Computer Forensics
And Legal Perspectives (2 ed.). Hoboken: John Wiley & Sons Asia Pte Ltd.
• Britz, M. T. (2016). Computer Forensics and Cyber Crime: An Introduction (2 ed.).
Repro: Repro Knowledge Cast Ltd.
• Mark Merkow, J. B. (2016). Information Security Principles and Practices (2 ed.).
Repro: Repro Knowledge Cast Ltd.
• Pande, J. (2017). Introduction to Cybersecurity (1 ed.). Haldwani: Uttarakhand
Open University.
• Parasram, S. V. (2020). Digital Forensics with Kali Linux. Birmingham-Mumbai:
Packt Publishing.
• https://online.norwich.edu/academic-programs/resources/5-steps-for-conducting-computer-forensics-investigations

Kseniya Leshchenko: Shared development support service model as the way to ma...
 
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s DholeraTata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
 
Attending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learnersAttending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learners
 

Computer Forensics.pptx

  • 1. Class Presentation Course: ICSE 7101- Cyber Security Topic: Forensics Student: Happiness Lenard
  • 3. Objectives 1. To introduce learners to Computer Forensics concepts 2. Understand the key goal of Computer/Cyber Forensics 3. Acquire an understanding of the cardinal rules of Computer Forensics 4. Understand digital evidence. 5. Understand digital forensics processes 6. Study how cyber forensics is used in cybercrime investigations 7. Understand and use investigation tools in cyber forensics
  • 4. Learning Outcomes At the end of the course the learner should be able to: 1. Understand Computer Forensics concepts 2. Understand the key goals of Computer Forensics 3. Understand the cardinal rules of Computer Forensics 4. Comprehend what digital evidence means in relation to the base term forensic science 5. Understand how cyber forensics is used in cybercrime investigations. 6. Appreciate and apply different investigation tools in cyber forensics.
  • 5. Outlines 1. Introduction 2. Rationale of Computer Forensics 3. The key role of the investigator 4. Cyber crime vs Digital Evidence 5. Chain of Custody 6. Computer Forensics Processes 7. Computer Forensics tools 8. Challenges
  • 6. Introduction(1/2) • Forensic science is very old compared to computer forensics: it emerged over 100 years ago with the fingerprint record. • This is the science that involves scientific tests and techniques used in connection with the detection of crime. • It refers to scientific techniques used to explore wrongdoing and to collect, preserve, and analyze scientific evidence during the course of an investigation.
  • 7. Introduction(2/2) • Different Categories of Forensic Science are:- • Forensic Accounting / Auditing • Computer /Digital/Cyber Forensics • Forensic Archaeology • Forensic Dentistry • Forensic Entomology • Forensic Graphology • Forensic Pathology • Forensic Psychology • Forensic Toxicology etc
  • 8. Computer Forensics(1/2) • Computer forensics is a field of technology that uses investigative techniques to identify and store evidence from a computer device that is admissible in a court of law. • The Digital Forensic Research Workshop has defined digital forensics as “The use of scientifically derived and proven methods toward the preservation, validation, identification, analysis, interpretation, documentation and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events found to be criminal, or helping to anticipate unauthorized actions shown to be disruptive to planned operations.”
  • 9. Computer Forensics(2/2) • Computer Forensics, Digital Forensics and Cyber Forensics are terms that are used interchangeably.
  • 10. Rationale for Computer Forensics • With the digital revolution, the increase in digital crimes is inevitable. • People who use electronic devices leave behind different footprints, traces and markings. These virtual or digital traces could be file fragments, activity logs, timestamps, metadata and so on. • Computer Forensics is needed in:- o Identifying the cause and possible intent of a cyber attack
  • 11. Rationale for Computer Forensics o Safeguarding digital evidence used in the attack before it becomes obsolete o Increasing security hygiene, retracing hacker steps, and finding hacker tools o Searching for data access/exfiltration o Identifying the duration of unauthorized access on the network o Geolocating the logins and mapping them
  • 12. Cybercrime(1/4) • Cybercrime is criminal activity done using computers and the Internet. It encompasses any criminal act dealing with computers and networks. • It also includes traditional crimes conducted through the Internet. For example, hate crimes, telemarketing, Internet fraud, identity theft and credit card account thefts are considered to be cyber crimes when the illegal activities are committed through the use of a computer and the Internet.
  • 13. Cybercrime(2/4) • It includes anything from downloading illegal music files to stealing millions of dollars from online bank accounts etc. • Cybercrime also includes non-monetary offenses, such as creating and distributing viruses on other computers or posting confidential business information on the Internet.
  • 14. Cybercrime(3/4) • The first noted computer crime happened in 1969 and 1970, when scholars burned computers at different universities. In the same period people were discovering techniques for gaining unauthorized access to large time-shared computers. • This was therefore the period when intrusion and fraud committed with the aid of computers first became widely known as a new type of crime.
  • 15. Cybercrime(4/4) Examples of Cyber Crime cases Investigated in Tanzania • Cyber Crimes Incidents in Financial Institutions of Tanzania, available at https://www.researchgate.net/publication/275154064_Cyber_Crimes_Incidents_in_Financial_Institutions_of_Tanzania • Cybercrime and Criminal Investigation: Challenges Within the Tanzania Police Force Forensic Laboratory, available at http://scholar.mzumbe.ac.tz/bitstream/handle/11192.1/2405/MPA_JOHN%20MAYUNGA_2013.pdf?sequence=1
  • 16. Digital Evidence(1/4) • Digital evidence is defined as “any information of probative (proof) value that is either stored or transmitted in a digital form”. • It includes files stored on computer hard drive, digital video, digital audio, network packets transmitted over local area network, etc • Depending on what facts the digital evidence is supposed to prove, it can fall into different classes of evidence.
  • 17. Digital Evidence(2/4) • Digital images or software presented in court to prove the fact of possession are real evidence. • E-mail messages presented as proof of their content are documentary evidence. • Log files, file time stamps, all sorts of system information used to reconstruct sequence of events are circumstantial evidence. • Digital documents notarized using digital signature may fall into testimony category.
  • 18. Digital Evidence(3/4) There is a list of frameworks involved in essentially recognizing a piece of digital evidence:- • Physical context: it is required to be recognizable in its physical form, that is, it should reside on a specific piece of media. • Logical context: it must be discoverable as to its logical position, that is, where it resides relative to the file system. • Legal context: the evidence is required to be in the correct context to read its meaning. This requires looking at the machine language, e.g. American Standard Code for Information Interchange (ASCII).
  • 19. Digital Evidence(4/4) Understanding the digital path of the evidence. Source: Bajaj, K. (2014), “Cyber Security: Understanding Cyber Crimes, Computer Forensics and Legal Perspectives”
  • 20. The Chain of Custody (1) • Chain of custody refers to the sequential (in order) documentation path that shows the appropriation, trusteeship, control, transfer, investigation and nature of evidence, physical or electronic. • Generally, the idea of the chain of custody is to ensure that the evidence is not altered or damaged. • The chain of custody requires that, from the time the evidence is gathered, every transfer of the evidence from one person to another be recorded, as this helps to prove that no one else has accessed the evidence.
  • 21. The Chain of Custody (2) • It is encouraged to keep the number of evidence transfers as small as possible. • In a broader view, evidence comprises everything that is used to demonstrate or show the truth of a claim. • The main reason for documenting the chain of custody is to establish that the supposed evidence is, truly, connected to the supposed crime. • The aim is to establish the integrity of the evidence.
  • 22. Computer Forensics Process(1) Figure: Computer Forensic Life Cycle. Source: Bajaj, K. (2014), “Cyber Security: Understanding Cyber Crimes, Computer Forensics And Legal Perspectives”
  • 23. Computer Forensics Process(2) In summary, the digital forensics process involves the following steps:- 1. Identification: It is the first step in the forensic process. The identification process mainly includes things like what evidence is present, where it is stored, and lastly, how it is stored (in which format). Electronic storage media can be personal computers, mobile phones, PDAs, etc. 2. Preservation: In this phase, data is isolated, secured, and preserved. It includes preventing people from using the digital device so that digital evidence is not tampered with.
  • 24. Computer Forensics Process(3) 3. Analysis: In this step, investigation agents reconstruct fragments of data and draw conclusions based on evidence found. However, it might take numerous iterations of examination to support a specific crime theory. 4. Documentation: In this process, a record of all the visible data must be created. It helps in recreating the crime scene and reviewing it. It involves proper documentation of the crime scene along with photographing, sketching, and crime-scene mapping.
  • 25. Computer Forensics Process(4) 5. Presentation: In this last step, the process of summarization and explanation of conclusions is done. However, it should be written in layperson’s terms using abstracted terminologies. All abstracted terminologies should reference the specific details.
  • 26. Computer Forensic Tools • There are Commercial and Open Source Tools. • The National Institute of Standards and Technology (NIST) has developed a Computer Forensics Tool Testing (CFTT) program that tests digital forensic tools and makes all findings available to the public. • More information on testing tools can be found via https://www.dhs.gov/science-and-technology/nist-cftt-reports.
  • 27. Open Source Tools The Kali Linux • Kali Linux is a Certified EC-Council Instructor (CEI) for the Certified Ethical Hacker (CEH) software for the above-mentioned professional courses. • This operating system is usually the star of the class due to its many impressive pushed security programs, ranging from scanning and reconnaissance tools to advanced exploitation tools and reporting tools. • Kali Linux can be used as a live-response forensic tool as it contains many of the tools required for full investigations.
  • 28. Open Source Tools(1) Figure: Kali Linux live view mode for forensics on a bootable DVD or flash drive. Source: Parasram (2020), Digital Forensics with Kali Linux
  • 29. Open Source Tools(2) Screenshot showing computer forensic tools available in Kali Linux
  • 30. Commercial forensics tools(1) 1. Belkasoft Evidence Center (EC) 2020 • Belkasoft EC is an automated incident response and forensic tool that is capable of analyzing acquired images of memory dumps, virtual machines, and cloud and mobile backups, as well as physical and logical drives. • The tool is also capable of recovering, and analyzing information from: Office documents, Browser activity and information, Email and Social media activity, Mobile applications, Messenger applications (WhatsApp, Facebook Messenger, and even BlackBerry Messenger) Website: https://belkasoft.com/ or https://belkasoft.com/get
  • 31. Commercial forensics tools(2) 2. AccessData Forensic Toolkit (FTK) • This tool is used worldwide by professional forensic investigators and law enforcement agencies to accomplish the following: • Indexing of data to allow faster and easier searching and analysis, password cracking and file decryption, automated analysis, customized data carving, and advanced data recovery • Website: https://accessdata.com/product-download/forensic-toolkit-ftk-internationalversion-7-0-0
  • 32. Commercial forensics tools(3) 3. EnCase Forensic • This tool has been used internationally by professionals and law enforcement agencies for almost two decades. • EnCase provides solutions for incident response, e-discovery, and endpoint and mobile forensics. Below are the outputs provided: Website: https://www.guidancesoftware.com/encase-forensic
  • 33. Challenges in computer Forensics(1) • Anonymity of digital information Digital information generated, stored, and transmitted between computing devices does not bear any physical imprints connecting it to the individual who caused its generation. Unless the information is a recording from external sensors capable of perceiving individualizing characteristics (e.g. speech recording, video, or photographs) or was generated using some secret known to a single person (e.g. digital signature) there is nothing intrinsic linking digits to a person.
  • 34. Computer forensics challenges (2) Danger of damaged information • Like many other types of evidential material, digital information stored on magnetic and optical media can be damaged by a variety of causes. Dampness, strong magnetic fields, ultraviolet radiation, and incompetent use of storage devices and examination tools are some of the possibilities. • A single bit change may cause a dramatic change in its interpretation. • To minimise the impact of this problem, typical storage devices use checksumming and similar means, allowing them to detect accidental information damage reasonably reliably.
  • 35. Other Challenges • The increase in PCs and the extensive use of internet access • Easy availability of hacking tools • Lack of physical evidence makes prosecution difficult. • The large amount of storage space, running into terabytes, makes the investigation job difficult. • Any technological changes require an upgrade or changes to solutions.
  • 36. Bibliography • Bajaj, K. (2014). Cyber Security: Understanding Cyber Crimes, Computer Forensics And Legal Perspectives (2 ed.). Hoboken: John Wiley & Sons Asia Pte Ltd. • Britz, M. T. (2016). Computer Forensics and Cyber Crime and Introduction (2 ed.). Repro: Repro Knowledge Cast Ltd. • Mark Merkow, J. B. (2016). Information Security Principles and Practices (2 ed.). Repro: Ripro knowledge cast Ltd. • Pande, J. (2017). Introduction to Cybersecurity (1 ed.). Haldwani: Uttarakhand Open University. • Parasram, S. V. (2020). Digital Forensics with Kali Linux. Birmingham-Mumbai: Packt Publishing. • https://online.norwich.edu/academic-programs/resources/5-steps-for-conducting-computer-forensics-investigations
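
The chain-of-custody slides (20 and 21) ask that every transfer be recorded and that integrity be demonstrable, and slide 34 notes that a single changed bit matters. The Python sketch below is an added example, not part of the original presentation: it keeps a hash-linked custody log and checks both the record and the evidence. The log format, field names, people and the stand-in "disk image" bytes are constructed assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64  # placeholder "previous hash" for the first entry

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def entry_digest(entry: dict) -> str:
    """Hash every field of a log entry except its own digest."""
    body = {k: v for k, v in entry.items() if k != "entry_sha256"}
    return sha256_hex(json.dumps(body, sort_keys=True).encode())

def add_transfer(log, evidence, released_by, received_by, when, purpose):
    """Record one hand-over; the entry commits to the evidence and to the prior entry."""
    entry = {
        "seq": len(log) + 1, "when": when, "purpose": purpose,
        "released_by": released_by, "received_by": received_by,
        "evidence_sha256": sha256_hex(evidence),
        "prev_entry_sha256": log[-1]["entry_sha256"] if log else GENESIS,
    }
    entry["entry_sha256"] = entry_digest(entry)
    log.append(entry)

def verify(log, evidence):
    """Return a list of problems; an empty list means record and evidence agree."""
    problems, prev_hash, holder = [], GENESIS, None
    in_hand = sha256_hex(evidence)
    for e in log:
        if entry_digest(e) != e["entry_sha256"]:
            problems.append(f"entry {e['seq']}: record edited after it was written")
        if e["prev_entry_sha256"] != prev_hash:
            problems.append(f"entry {e['seq']}: link to previous entry broken")
        if holder is not None and e["released_by"] != holder:
            problems.append(f"entry {e['seq']}: custody gap, {holder} never released the item")
        if e["evidence_sha256"] != in_hand:
            problems.append(f"entry {e['seq']}: evidence hash differs from the item in hand")
        prev_hash, holder = e["entry_sha256"], e["received_by"]
    return problems

# Constructed sample data: stand-in image bytes and two hand-overs.
IMAGE = b"constructed disk image bytes " * 64

def demo():
    log = []
    add_transfer(log, IMAGE, "Officer A", "Evidence Clerk B", "2024-01-10T09:00Z", "intake")
    add_transfer(log, IMAGE, "Evidence Clerk B", "Analyst C", "2024-01-11T14:30Z", "analysis")
    clean = verify(log, IMAGE)
    flipped = bytes([IMAGE[0] ^ 0x01]) + IMAGE[1:]   # a single bit changed in the evidence
    damaged = verify(log, flipped)
    log[0]["received_by"] = "Someone Else"           # custody record altered afterwards
    edited = verify(log, IMAGE)
    return clean, damaged, edited

if __name__ == "__main__":
    print(demo())
```

A hash-linked log detects later edits only if a trusted copy of the latest entry digest is kept elsewhere, for example on the signed paper custody form.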