Uploaded bynewbie2019
PDF, PPTX2,282 views

Digital forensic principles and procedure

This document provides an overview of digital forensics principles and procedures. It discusses key guidelines for digital forensic investigations from organizations like ACPO and NIJ. The core principles of digital forensics are outlined, including that investigators should not alter original data and must have the skills to explain their examination process. The document also categorizes different types of digital forensics like computer, mobile, and audio/video forensics. The typical processes in a digital investigation are identified as identification, preservation, analysis, documentation, and presentation. Evidence can come from various electronic sources like computers, phones, and storage devices.

Embed presentation

Download as PDF, PPTX
DIGITAL FORENSICS : PRINCIPLES AND PROCEDURES S1 Teknologi Informasi UNIVERSITAS TEKNOKRAT INDONESIA Maret 2022 Bandarlampung By : Jupriyadi
OUTLINE Reference in acting correctly and procedurally in carrying out investigation of computer crime 01 03 Basic Principles of Digital Forensic 02 04 Digital Forensics Classification Skill Required and Challenges Faced By Digital Forensic
Reference in acting correctly and procedurally in carrying out investigation of computer crime
Digital Forensic Investigation Guidelines  Good Practice Guide for Computer-Based Electronic Evidence -> ACPO (Association of Chief Police Officers)  Forensic Examination of Digital Evidence: Guide for Law Enforcement -> National Institute of Justice  Electronic Crime Scene Investigation: A Guide for First Responders -> National Institute of Justice  Global Guidelines For Digital Forensics Laboratories -> Interpol  .....
Basic Principles of Digital Forensic (ACPO, p4) 1. No action taken by law enforcement agencies or their agents should change data held on a computer or storage media which may subsequently be relied upon in court. 2. In circumstances where a person finds it necessary to access original data held on a computer or on storage media, that person must be competent to do so and be able to give evidence explaining the relevance and the implications of their actions. 3. An audit trail or other record of all processes applied to computer-based electronic evidence should be created and preserved. An independent third party should be able to examine those processes and achieve the same result. 4. The person in charge of the investigation (the case officer) has overall responsibility for ensuring that the law and these principles are adhered to.
Digital Forensics Classification • Computer Forensics • Mobile Forensics • Audio Forensics • Video Forensics • Image Forensics • Cyber Forensics Source : Muhammad Nuh Al Azhar Digital Forensic : Practical Guidelines for Computer Investigation Other : • Network Forensics • Database Forensics • Wireless Forensics • Malware Forensics • Mobile Phone Forensics • Memory Forensics
Digital Forensic Processes
Broad Process Steps : 1. Identification 2. Preservation 3. Analysis 4. Documentation 5. Presentation
IDENTIFICATION  The first step in the forensic process: What evidence is present Where it is stored and How it is stored  Electronic stores can be: Person computers Mobile phones PDAs Smart cards  Key parameters in identification Type of information Format
PRESERVATION  Isolate, secure and preserve the state of physical and digital evidence  This includes preventing people from using the digital device or allowing other electromagnetic devices to be used within an affected radius
ANALYSIS  Determine significance, reconstruct fragments of data and draw conclusions based on evicence found  It may take several iterations of examination and analysis to support a crime theory
DOCUMENTATION  A record of all visible data must be created, which helps in recreating the scene and reviewing it any time  Involves proper documentation of the crime scene along with photographing, sketching and crime-scene mapping
PRESENTATION  Summarize and provide explanation of conclusions  This should be written in a layperson’s terms using abstracted terminologies  All abstracted terminologies should reference the specific details
 7) Router, switch, hub  8) Kamera video, cctv  9) Kamera digital  10) Digital recorder  11) Music/video player, dan lain-lain ELECTRONIC EVIDENCE 1) Komputer PC, laptop/notebook, netbook, tablet 2) Handphone, smartphone 3) Flashdisk/thumb drive 4) Floppydisk 5) Harddisk 6) CD/DVD 7) Router, switch, hub 8) Kamera video, cctv 9) Kamera digital 10) Digital recorder 11) Music/video player, etc....
 7) Router, switch, hub  8) Kamera video, cctv  9) Kamera digital  10) Digital recorder  11) Music/video player, dan lain-lain DIGITAL EVIDENCE  Logical file  Deleted file  Lost fil  File slack  Log file  Encrypted file  Steganography file  Office file  Audio file  Video file  Image file  Email  SMS (Short Message Service)  MMS (Multimedia Message Service)  Call logs  Etc...
TERIMAKASIH

More Related Content

PDF
Digital Forensic: Brief Intro & Research Challenge
byAung Thu Rha Hein
 
PDF
05 Duplication and Preservation of Digital evidence - Notes
byKranthi
 
PPT
Introduction to computer forensic
byOnline
 
PPTX
Digital forensic tools
byParsons Corporation
 
PDF
06 Computer Image Verification and Authentication - Notes
byKranthi
 
PDF
Cyber Forensics Module 2
byManu Mathew Cherian
 
PPT
Cyber forensic standard operating procedures
bySoumen Debgupta
 
PDF
Network Forensic
bySujeet Kumar
 
Digital Forensic: Brief Intro & Research Challenge
byAung Thu Rha Hein
 
05 Duplication and Preservation of Digital evidence - Notes
byKranthi
 
Introduction to computer forensic
byOnline
 
Digital forensic tools
byParsons Corporation
 
06 Computer Image Verification and Authentication - Notes
byKranthi
 
Cyber Forensics Module 2
byManu Mathew Cherian
 
Cyber forensic standard operating procedures
bySoumen Debgupta
 
Network Forensic
bySujeet Kumar
 

What's hot

PPT
Digital Forensic
byCleverence Kombe
 
PPTX
Mobile Forensics
byabdullah roomi
 
PPTX
Digital forensics
byvishnuv43
 
PPTX
mobile forensic.pptx
byAmbuj Kumar
 
PPTX
Mobile Forensics
byprimeteacher32
 
PPTX
Digital Forensic ppt
bySuchita Rawat
 
PPT
Digital Evidence - the defence, prosecution, & the court
byCell Site Analysis (CSA)
 
PPTX
Computer forensics toolkit
byMilap Oza
 
PPTX
Analysis of digital evidence
byrakesh mishra
 
PPTX
Digital Evidence by Raghu Khimani
byDr Raghu Khimani
 
PPTX
Cybercrime investigation
byProf. (Dr.) Tabrez Ahmad
 
PDF
Incident response methodology
byPiyush Jain
 
PDF
Digital Evidence in Computer Forensic Investigations
byFilip Maertens
 
PPTX
Computer forensic ppt
byPriya Manik
 
PDF
Search & Seizure of Electronic Evidence by Pelorus Technologies
byurjarathi
 
PDF
Email Forensics
byGol D Roger
 
PPTX
Mobile forensic
byDINESH KAMBLE
 
PPTX
Digital Forensics
byMithileysh Sathiyanarayanan
 
PDF
Forensic/Investigation report writing techniques
byGodwin Emmanuel Oyedokun MBA MSc PhD FCA FCTI FCNA CFE FFAR
 
PPT
Data recovery
byMir Majid
 
Digital Forensic
byCleverence Kombe
 
Mobile Forensics
byabdullah roomi
 
Digital forensics
byvishnuv43
 
mobile forensic.pptx
byAmbuj Kumar
 
Mobile Forensics
byprimeteacher32
 
Digital Forensic ppt
bySuchita Rawat
 
Digital Evidence - the defence, prosecution, & the court
byCell Site Analysis (CSA)
 
Computer forensics toolkit
byMilap Oza
 
Analysis of digital evidence
byrakesh mishra
 
Digital Evidence by Raghu Khimani
byDr Raghu Khimani
 
Cybercrime investigation
byProf. (Dr.) Tabrez Ahmad
 
Incident response methodology
byPiyush Jain
 
Digital Evidence in Computer Forensic Investigations
byFilip Maertens
 
Computer forensic ppt
byPriya Manik
 
Search & Seizure of Electronic Evidence by Pelorus Technologies
byurjarathi
 
Email Forensics
byGol D Roger
 
Mobile forensic
byDINESH KAMBLE
 
Digital Forensics
byMithileysh Sathiyanarayanan
 
Forensic/Investigation report writing techniques
byGodwin Emmanuel Oyedokun MBA MSc PhD FCA FCTI FCNA CFE FFAR
 
Data recovery
byMir Majid
 

Similar to Digital forensic principles and procedure

PDF
Fundamental digital forensik
bynewbie2019
 
PPT
Lecture2 Introduction to Digital Forensics.ppt
bySurajgroupsvideo
 
PPTX
3170725_Unit-1.pptx
byYashPatel132112
 
PPTX
Cyber crime - and digital device.pptx
byAlAsad4
 
PDF
Digital forensic
byChandan Sah
 
DOCX
Digital forensics Steps
bygamemaker762
 
DOCX
What is Digital Forensics.docx
byAliAshraf68199
 
PPTX
ppt for Module 5 cybersecuirty_023501.pptx
byMayuraD1
 
PPTX
unit 5 understanding computer forensics.pptx
byDimple Relekar
 
PPTX
Cyber forensic investigation & Analysis
byAnshul Tayal
 
PPTX
Best Cyber Crime Investigation Service Provider | Fornsec Solutions
byFORnSECSolutions
 
PPTX
Unit 4 -Digital Forensic Chapter for MSBTE engineering students
bygboy4529248
 
PPTX
Network and computer forensics
byJohnson Ubah
 
PPTX
3170725_Unit-1.pptx
byBhagyasriPatel2
 
PDF
digital forensics-9 of cyber security.pdf
byAdyakantaSahoo
 
PPTX
cujgh fhgtfh frtrtfh fghfh xtyh hapter-3.pptx
byShubhangi Kirange
 
PPTX
digitalforensicpptlatest28-230522192202-1d9b832e (1).pptx
byMoshoodKareemOlawale
 
PPTX
Cyber forensics 02 mit-2014
byMuzzammil Wani
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
byImranKhan423233
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
byImranKhan423233
 
Fundamental digital forensik
bynewbie2019
 
Lecture2 Introduction to Digital Forensics.ppt
bySurajgroupsvideo
 
3170725_Unit-1.pptx
byYashPatel132112
 
Cyber crime - and digital device.pptx
byAlAsad4
 
Digital forensic
byChandan Sah
 
Digital forensics Steps
bygamemaker762
 
What is Digital Forensics.docx
byAliAshraf68199
 
ppt for Module 5 cybersecuirty_023501.pptx
byMayuraD1
 
unit 5 understanding computer forensics.pptx
byDimple Relekar
 
Cyber forensic investigation & Analysis
byAnshul Tayal
 
Best Cyber Crime Investigation Service Provider | Fornsec Solutions
byFORnSECSolutions
 
Unit 4 -Digital Forensic Chapter for MSBTE engineering students
bygboy4529248
 
Network and computer forensics
byJohnson Ubah
 
3170725_Unit-1.pptx
byBhagyasriPatel2
 
digital forensics-9 of cyber security.pdf
byAdyakantaSahoo
 
cujgh fhgtfh frtrtfh fghfh xtyh hapter-3.pptx
byShubhangi Kirange
 
digitalforensicpptlatest28-230522192202-1d9b832e (1).pptx
byMoshoodKareemOlawale
 
Cyber forensics 02 mit-2014
byMuzzammil Wani
 
Understanding_Digital_Forensics_Presentation.pptx
byImranKhan423233
 
Understanding_Digital_Forensics_Presentation.pptx
byImranKhan423233
 

More from newbie2019

PDF
Chapter 12 iso 27001 awareness
bynewbie2019
 
PDF
Vulnerability threat and attack
bynewbie2019
 
PDF
Chapter 4 vulnerability threat and attack
bynewbie2019
 
PDF
Pendahuluan it forensik
bynewbie2019
 
PDF
Nist.sp.800 37r2
bynewbie2019
 
PDF
Chapter 6 information hiding (steganography)
bynewbie2019
 
PDF
Chapter 15 incident handling
bynewbie2019
 
PDF
Fundamentals of information systems security ( pdf drive ) chapter 1
bynewbie2019
 
PDF
C02
bynewbie2019
 
PDF
NIST Framework for Information System
bynewbie2019
 
PDF
Pertemuan 7 cryptography
bynewbie2019
 
PDF
Chapter 10 security standart
bynewbie2019
 
PDF
CCNA RSE Routing concept
bynewbie2019
 
PDF
Chapter 3 security principals
bynewbie2019
 
PDF
Chapter 2 konsep dasar keamanan
bynewbie2019
 
PDF
Chapter 8 cryptography lanjutan
bynewbie2019
 
PDF
Chapter 14 sql injection
bynewbie2019
 
PDF
Chapter 13 web security
bynewbie2019
 
PDF
Chapter 1 introduction
bynewbie2019
 
PPT
Chapter 1 introduction
bynewbie2019
 
Chapter 12 iso 27001 awareness
bynewbie2019
 
Vulnerability threat and attack
bynewbie2019
 
Chapter 4 vulnerability threat and attack
bynewbie2019
 
Pendahuluan it forensik
bynewbie2019
 
Nist.sp.800 37r2
bynewbie2019
 
Chapter 6 information hiding (steganography)
bynewbie2019
 
Chapter 15 incident handling
bynewbie2019
 
Fundamentals of information systems security ( pdf drive ) chapter 1
bynewbie2019
 
C02
bynewbie2019
 
NIST Framework for Information System
bynewbie2019
 
Pertemuan 7 cryptography
bynewbie2019
 
Chapter 10 security standart
bynewbie2019
 
CCNA RSE Routing concept
bynewbie2019
 
Chapter 3 security principals
bynewbie2019
 
Chapter 2 konsep dasar keamanan
bynewbie2019
 
Chapter 8 cryptography lanjutan
bynewbie2019
 
Chapter 14 sql injection
bynewbie2019
 
Chapter 13 web security
bynewbie2019
 
Chapter 1 introduction
bynewbie2019
 
Chapter 1 introduction
bynewbie2019
 

Recently uploaded

PPTX
CHAPTER NO. 05 BIOLOGICAL SOURCE,CHEMICAL CONSTITUENTS AND THERAPEUTIC EFFICA...
byGanu Gavade
 
PPTX
3. Off-season and protected cultivation of vegetable crops.pptx
byUmeshTimilsina1
 
PPTX
L5 DRG Pulsed Radiofrequency ablation.pptx
bySandeep Margan
 
PPTX
GEL ELECTROPHORESIS by Avi
byAVIJIT SARKAR
 
PPT
Clotting time - Practical - Hematology Physiology
bykishorkumar396
 
PPTX
Haemolytic_Anaemia_UG_MBBS_Haemolysis_haemolysis
byDibyajyoti Prusty
 
PPTX
What are the Custom lot_serial number in Odoo 19
byCeline George
 
PDF
Teaching and Learning (BD1TL) - B.Ed TNTEU
byDr Raja Mohammed T
 
PPTX
4. Nursery raising of vegetable crops.pptx
byUmeshTimilsina1
 
PPTX
Aplastic_Anaemia_PA17.1_Presentation.pptx
byDibyajyoti Prusty
 
PDF
Renewable Energy Resources Unit 2 Easy notes (EduShine Classes).pdf
byaaquib913
 
PDF
W.B. Yeats: The Visionary & The Observer A Comprehensive Study of 'The Second...
bykrutivyas2005
 
PPT
Blood Grouping.ppt - Hematology -Physiology
bykishorkumar396
 
PDF
India Cybercrime Threats & Response 2025: Digital Arrests, 1930 Helpline & Ze...
bySanjay Rathod
 
PPTX
1. Importance, scope and constraints of vegetable and spice crop production i...
byUmeshTimilsina1
 
PPTX
Details Study of Joints (articulation).pptx
byAshish Umale
 
PPTX
Introduction to Mendelian inheritance.pptx
bypramodphirke1
 
PPTX
Cultivation practice of Root vegetables.pptx
byUmeshTimilsina1
 
PPTX
Cultivation Practice of Major Cole crops in Nepal.pptx
byUmeshTimilsina1
 
PPTX
Cultivation practice of Cucumber, Pumpkin and summer squash in Nepal.pptx
byUmeshTimilsina1
 
CHAPTER NO. 05 BIOLOGICAL SOURCE,CHEMICAL CONSTITUENTS AND THERAPEUTIC EFFICA...
byGanu Gavade
 
3. Off-season and protected cultivation of vegetable crops.pptx
byUmeshTimilsina1
 
L5 DRG Pulsed Radiofrequency ablation.pptx
bySandeep Margan
 
GEL ELECTROPHORESIS by Avi
byAVIJIT SARKAR
 
Clotting time - Practical - Hematology Physiology
bykishorkumar396
 
Haemolytic_Anaemia_UG_MBBS_Haemolysis_haemolysis
byDibyajyoti Prusty
 
What are the Custom lot_serial number in Odoo 19
byCeline George
 
Teaching and Learning (BD1TL) - B.Ed TNTEU
byDr Raja Mohammed T
 
4. Nursery raising of vegetable crops.pptx
byUmeshTimilsina1
 
Aplastic_Anaemia_PA17.1_Presentation.pptx
byDibyajyoti Prusty
 
Renewable Energy Resources Unit 2 Easy notes (EduShine Classes).pdf
byaaquib913
 
W.B. Yeats: The Visionary & The Observer A Comprehensive Study of 'The Second...
bykrutivyas2005
 
Blood Grouping.ppt - Hematology -Physiology
bykishorkumar396
 
India Cybercrime Threats & Response 2025: Digital Arrests, 1930 Helpline & Ze...
bySanjay Rathod
 
1. Importance, scope and constraints of vegetable and spice crop production i...
byUmeshTimilsina1
 
Details Study of Joints (articulation).pptx
byAshish Umale
 
Introduction to Mendelian inheritance.pptx
bypramodphirke1
 
Cultivation practice of Root vegetables.pptx
byUmeshTimilsina1
 
Cultivation Practice of Major Cole crops in Nepal.pptx
byUmeshTimilsina1
 
Cultivation practice of Cucumber, Pumpkin and summer squash in Nepal.pptx
byUmeshTimilsina1
 

Digital forensic principles and procedure

  • 1.
    DIGITAL FORENSICS : PRINCIPLESAND PROCEDURES S1 Teknologi Informasi UNIVERSITAS TEKNOKRAT INDONESIA Maret 2022 Bandarlampung By : Jupriyadi
  • 2.
    OUTLINE Reference in actingcorrectly and procedurally in carrying out investigation of computer crime 01 03 Basic Principles of Digital Forensic 02 04 Digital Forensics Classification Skill Required and Challenges Faced By Digital Forensic
  • 3.
    Reference in actingcorrectly and procedurally in carrying out investigation of computer crime
  • 4.
    Digital Forensic InvestigationGuidelines  Good Practice Guide for Computer-Based Electronic Evidence -> ACPO (Association of Chief Police Officers)  Forensic Examination of Digital Evidence: Guide for Law Enforcement -> National Institute of Justice  Electronic Crime Scene Investigation: A Guide for First Responders -> National Institute of Justice  Global Guidelines For Digital Forensics Laboratories -> Interpol  .....
  • 5.
    Basic Principles ofDigital Forensic (ACPO, p4) 1. No action taken by law enforcement agencies or their agents should change data held on a computer or storage media which may subsequently be relied upon in court. 2. In circumstances where a person finds it necessary to access original data held on a computer or on storage media, that person must be competent to do so and be able to give evidence explaining the relevance and the implications of their actions. 3. An audit trail or other record of all processes applied to computer-based electronic evidence should be created and preserved. An independent third party should be able to examine those processes and achieve the same result. 4. The person in charge of the investigation (the case officer) has overall responsibility for ensuring that the law and these principles are adhered to.
  • 6.
    Digital Forensics Classification •Computer Forensics • Mobile Forensics • Audio Forensics • Video Forensics • Image Forensics • Cyber Forensics Source : Muhammad Nuh Al Azhar Digital Forensic : Practical Guidelines for Computer Investigation Other : • Network Forensics • Database Forensics • Wireless Forensics • Malware Forensics • Mobile Phone Forensics • Memory Forensics
  • 7.
  • 8.
    Broad Process Steps: 1. Identification 2. Preservation 3. Analysis 4. Documentation 5. Presentation
  • 9.
    IDENTIFICATION  The firststep in the forensic process: What evidence is present Where it is stored and How it is stored  Electronic stores can be: Person computers Mobile phones PDAs Smart cards  Key parameters in identification Type of information Format
  • 10.
    PRESERVATION  Isolate, secureand preserve the state of physical and digital evidence  This includes preventing people from using the digital device or allowing other electromagnetic devices to be used within an affected radius
  • 11.
    ANALYSIS  Determine significance,reconstruct fragments of data and draw conclusions based on evicence found  It may take several iterations of examination and analysis to support a crime theory
  • 12.
    DOCUMENTATION  A recordof all visible data must be created, which helps in recreating the scene and reviewing it any time  Involves proper documentation of the crime scene along with photographing, sketching and crime-scene mapping
  • 13.
    PRESENTATION  Summarize andprovide explanation of conclusions  This should be written in a layperson’s terms using abstracted terminologies  All abstracted terminologies should reference the specific details
  • 14.
     7) Router,switch, hub  8) Kamera video, cctv  9) Kamera digital  10) Digital recorder  11) Music/video player, dan lain-lain ELECTRONIC EVIDENCE 1) Komputer PC, laptop/notebook, netbook, tablet 2) Handphone, smartphone 3) Flashdisk/thumb drive 4) Floppydisk 5) Harddisk 6) CD/DVD 7) Router, switch, hub 8) Kamera video, cctv 9) Kamera digital 10) Digital recorder 11) Music/video player, etc....
  • 15.
     7) Router,switch, hub  8) Kamera video, cctv  9) Kamera digital  10) Digital recorder  11) Music/video player, dan lain-lain DIGITAL EVIDENCE  Logical file  Deleted file  Lost fil  File slack  Log file  Encrypted file  Steganography file  Office file  Audio file  Video file  Image file  Email  SMS (Short Message Service)  MMS (Multimedia Message Service)  Call logs  Etc...
  • 16.