DISCLAIMER
The issues addressed in this presentation may be controversial. This is for educational and awareness
purposes only. Do not attempt to violate the law with anything contained here. Neither the author of this
material, nor anyone else affiliated in any way, is liable for your actions.
Some information is from the internet and some is from personal experience; it is not meant to hurt anybody. Please give feedback.
D3PAK KUMAR
DIGITAL FORENSICS | CYBER INTELLIGENCE
FORENSICS CHALLENGES
AGENDA
FORENSIC GUIDELINES
CHAIN OF CUSTODY
FORENSICS CHALLENGES
ANTI-FORENSICS
WHAT IS FORENSICS
STEPS OF FORENSICS
TOOLS & QUESTIONS
DIGITAL FORENSICS TRENDS
GOOD THINGS IN FORENSICS
SO WHAT IS 4N6 ?
IF THE COMPANY IS HACKED, WHAT'S YOUR FIRST REACTION?
YOU MEAN
• Almost Just Doing Data Extraction & Reporting
• Working On Tools
• Good In Malware Analysis
• Data Recovery From Storage Media
• Running Certain Script Programming
• Rooting / Jailbreak Mobile Phones
• ….
Science for the examination and analysis of digital trace evidence.
DIGITAL FORENSICS STANDARDS & GUIDELINES
• NIST: National Institute of Standards and Technology (CFTT, NSRL, CFReDS)
• NIJ: National Institute of Justice (Several Standards, National Criminal Justice Reference Service)
• IOCE: International Organization on Computer Evidence
• ASCLD/LAB: American Society of Crime Laboratory Directors/Laboratory Accreditation Board
• ASTM: E2678 standard; Guide for Education & Training
• ISO SC 27 CS1: 17025 General requirements for the competence of testing and calibration laboratories
• AES: Audio Engineering Society (Authentication of Analog tape)
• SWGDE & SWGIT: Scientific Working Group on Digital Evidence & Scientific Working Group on Imaging Technology
• ACPO: Association of Chief Police Officers
• DSCI Manual India (Not specific standards but Manual)
CHAIN OF CUSTODY
Lack of integrity in the process of custody, and the absence of appropriate documentation in this regard, will not only be detrimental to the cyber crime investigation during trial but also expose the IOs to criminal liability under Section 72 of the ITAA2008.
STANDARDS + TOOLS + _______ = FORENSICS
FORENSIC CHALLENGES
WHICH CYBER SECURITY THREAT ARE YOU "MOST" CONCERNED ABOUT?
• Social Engineering
• Malware
• Data Breach
• Insiders
• DDoS
• Noobs
• Welcome ______To Add Your Option
BIGGEST CHALLENGES IN DIGI FORENSICS
• Encryption
• Cloud Forensics
• Triage
• Legal Challenges
• Growth In Digital Crimes
• Lack Of Resource
• Cross-border Cooperation
• Latest Emerging Technologies
• Lack Of Intelligence
• New Application Artifacts
• SSD Forensics
• Fileless Malware APT
ANTI-FORENSICS
AWESOME
• Basic Tactics
• Data Hidings/ Steg
• Deleting Data
• Cracked Craps VPN Proxy
• Shells (SIEM web logs)
• Renaming Datafile
• Changing Attributes etc
• Misinformation / Honeypot
• Tail, ToR
• Live OS
• Hacked WiFi
• Fileless Malwares/Overflow Exploit
• Bypassing Concept
• DoD Standards etc
BLOWSOME
WHAT ARE THESE
WHAT IS HAPPENING EXECUTED APPLICATIONS SYSTEM TRAY?
GOOD THINGS OF TECHNOLOGY
DEEP-WEB / REDDITLEAD (SOCIAL NETWORKING) MOBILE FORENSICS
IOT / Sync
COOKIES INTELLIGENCE
GOOD THINGS OF TECHNOLOGY (Cont)
CTI COMMUNITIES OPEN-SOURCE INTELLIGENCE / GIT
GOOGLE
And The best : Social Engineering
If you search for "how do I delete my web history", and I find it in your web history, you have failed
Don’t believe marketing hype
"oh, we spent $$$ in $Vendor product, so we are safe"
Any "tool", regardless of the price, is still a "tool"
IMAGE FORENSICS
SOME BEST TOOLS
Commercial/Proprietary
• Mobile Forensics : UFED, Oxygen, Santoku
• Composite: EnCase, FTK, NUIX, Belkasoft, CyberCheck, Magnet Axiom, OSForensic
• Writeblocker/Imager : Tableau, Ad Triage, FTK Imager, Encase Imager, DD
Opensource/GPL
• Volatility, Nirsoft, GRR, DFF, Autopsy TSK, Regripper, Caine Distro, Wireshark, JTR, Xplico, Networkminer, Splunk, Arsenal image mounter, HashMyFiles, Sysinternal, Mimikatz, Metasploit, Git (Tools)
For more list : https://d3pakblog.wordpress.com/2016/12/27/computer-forensic-tools/
Career: https://d3pakblog.wordpress.com/2017/07/16/forensics-as-career/
D3pak@Protonmail.com
Resources : www.D3pakblog.wordpress.com
PARSING GOING ON
QUESTIONS

Cyber Forensics & Challenges
