“Cyber Forensic
Investigation & Analysis”
Session By: Anshul Tayal
Outline
• Introduction
What is Digital Forensics?
Branches of Digital Forensics.
Objectives of Digital Forensics.
Difference between Cyber Forensics and Cyber Security.
• Digital Evidence
Rules for Digital Evidence.
Handling Digital Evidence.
• Process of Digital Forensic Investigation.
• Things You Should Remember
Introduction
• What is digital forensics?
Digital Forensics, or Cyber Forensics, is the process of detecting and analyzing
attacks that jeopardize the Confidentiality, Integrity, and Availability of an
IT System.
Continued…
• Branches of Digital Forensics
There are four main branches of digital forensics –
o Computer Forensics.
o Network Forensics.
o Mobile Device Forensics.
o Database Forensics.
o Cloud Forensics
o Email and Social Media Forensics
o Malware Forensics etc.
Continued…
• Objectives of Digital Forensics
The main objective of Digital Forensics is to answer three mysterious
questions: What? Why? And How?
It is also to gather digital evidence to ensure that the answers you have found
to the above questions are correct and that you can present them in court.
Digital Evidence
Digital evidence is any information or data of value to an investigation that is
stored on, received by, or transmitted by an electronic device. Text messages,
emails, pictures, videos, and internet searches are some of the most common
types of digital evidence.
Continued…
• Rules for Digital Evidence
Admissible- Must be able to be used in court or elsewhere.
Authentic- Evidence must be relevant to the case.
Complete- Must not lack any information.
Reliable- No question about authenticity.
Believable- Clear, easy to understand, and believable by a jury.
Continued…
• Handling Digital Evidence
o No possible evidence should be damaged, destroyed, or otherwise compromised by
the procedures used to search the computer.
o Preventing viruses from being introduced to a computer during the analysis
process.
o Extracted / relevant evidence is properly handled and protected from later
mechanical or electromagnetic damage.
o Establishing and maintaining a continuing chain of custody.
o Limiting the amount of time business operations are affected.
Process of Digital Forensic Investigation
The investigative process encompasses-
Fig. 1 Digital Forensic Investigation Process
Continued…
• Identification
In the Identification phase, these processes take place:
1. Event/Crime Detection.
2. Complaints.
3. Approach Formulation.
4. Case Analysis.
Continued…
• Preservation
In the Preservation phase, these processes take place:
1. Crime Scene Preservation.
2. Chain of Custody.
3. Client Permission Form.
4. Case Management.
5. Time Sync.
Demonstration
Continued…
• Collection
In the Collection phase, these processes take place:
1. Preservation.
2. Acquire.
3. Recognize and Collect Evidence.
4. Data Preservation.
Demonstration
Continued…
• Examination
In the Examination phase, these processes take place:
1. Preservation.
2. Filtering.
3. Pattern Matching.
4. Data Recovery (Hidden Data).
5. Data Extraction.
Continued…
• Analysis
In the Analysis phase, these processes take place:
1. Preservation.
2. Determine Significance.
3. Validation.
4. Find the Link.
5. Draw Conclusion.
Demonstration
Continued…
• Presentation/Reporting
In the Reporting phase, these processes take place:
1. Documentation.
2. Expert Testimony.
3. Recommended Countermeasures.
4. Statistical Interpretation.
Things You Should Remember!
1. Avoid changing date/time stamps (of files, for example) or changing the data
itself.
2. Avoid overwriting unallocated space (which can happen on reboot, for
example).
3. Always calculate a hash value for each piece of information/data collected
during the investigation.
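One way to apply points 1 and 3, as an added example that is not part of the original slides: a SHA-256 manifest recorded at collection time and re-checked later to detect changed data, changed timestamps, and missing or extra files. The function names, manifest layout and sample files are assumptions constructed for illustration.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file opened read-only, in chunks, so large images need little memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(evidence_dir):
    """Record hash, size and modification time for every file under evidence_dir.

    Reading a file can update its access time on a live filesystem, which is
    why acquisition is done behind a write blocker or on a read-only mount.
    """
    root = Path(evidence_dir)
    manifest = {}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        st = path.stat()
        manifest[path.relative_to(root).as_posix()] = {
            "sha256": sha256_file(path),
            "size": st.st_size,
            "mtime_ns": st.st_mtime_ns,
        }
    return manifest


def verify_manifest(evidence_dir, manifest):
    """Compare the current state with a manifest; return {relative_path: finding}."""
    current = build_manifest(evidence_dir)
    findings = {}
    for name, recorded in manifest.items():
        now = current.get(name)
        if now is None:
            findings[name] = "missing"
        elif now["sha256"] != recorded["sha256"]:
            findings[name] = "content changed"
        elif now["mtime_ns"] != recorded["mtime_ns"]:
            findings[name] = "timestamp changed"
    for name in current.keys() - manifest.keys():
        findings[name] = "not in manifest"
    return findings


def demo():
    """Constructed sample evidence: hash at collection, mishandle it, re-verify."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "mail").mkdir()
        (root / "mail" / "inbox.eml").write_bytes(b"Subject: constructed sample\r\n\r\nhello\r\n")
        (root / "access.log").write_bytes(b"10.0.0.5 - - [constructed] GET /login\n")
        (root / "notes.txt").write_bytes(b"constructed sample notes\n")

        manifest = build_manifest(root)          # taken at collection time
        clean = verify_manifest(root, manifest)  # nothing touched yet

        # Simulated careless handling after collection:
        log = root / "access.log"
        log.write_bytes(log.read_bytes() + b"edited\n")        # data changed
        notes = root / "notes.txt"
        st = notes.stat()
        os.utime(notes, ns=(st.st_atime_ns, st.st_mtime_ns + 5_000_000_000))  # timestamp only
        (root / "mail" / "inbox.eml").unlink()                 # evidence lost
        (root / "extra.bin").write_bytes(b"\x00")              # file introduced later

        tampered = verify_manifest(root, manifest)
        return manifest, clean, tampered


if __name__ == "__main__":
    for name, finding in sorted(demo()[2].items()):
        print(f"{finding:18} {name}")
```

The manifest itself belongs in the chain-of-custody record, stored separately from the evidence it describes.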
Editor's Notes

  1. Confidentiality: The principle of Confidentiality specifies that only the sender and the intended receiver(s) should be able to access the contents of a message. Integrity: The principle of Integrity specifies the Correctness of Data. Availability: The principle of Availability states that resources should be available to authorized parties at all times.
  2. Show all the Forms and Demonstrate Cryptool for calculating Hash and Write Blocker (Manual)
  3. Demonstration of Website Acquisition, Memory Acquisition and HDD Acquisition
  4. Demonstrate Log Analysis