Digital forensics is the application of science to solve legal problems involving digital evidence. It has emerged since the 1980s as computer crimes have grown. There are challenges to reliability such as standards, controls, and new technologies like cloud and solid state drives. Case studies demonstrate how digital evidence can solve old cases, as with the BTK killer through metadata on a word document. The field faces ongoing challenges but continued research supports its validity in courts of law.
Computer forensics is a very important branch of computer science in relation to computer and Internet related crimes. Earlier, computers were only used to produce data but now it has expanded to all devices related to digital data. The goal of Computer forensics is to perform crime investigations by using evidence from digital data to find who was the responsible for that particular crime.
For better research and investigation, developers have created many computer forensics tools. Police departments and investigation agencies select the tools based on various factors including budget and available experts on the team.
Digital forensics is the scientific examination and analysis of data held on or retrieved from, computer storage media in such a way that the information can be used as evidence in a court of law.
Computer forensics is a very important branch of computer science in relation to computer and Internet related crimes. Earlier, computers were only used to produce data but now it has expanded to all devices related to digital data. The goal of Computer forensics is to perform crime investigations by using evidence from digital data to find who was the responsible for that particular crime.
For better research and investigation, developers have created many computer forensics tools. Police departments and investigation agencies select the tools based on various factors including budget and available experts on the team.
Digital forensics is the scientific examination and analysis of data held on or retrieved from, computer storage media in such a way that the information can be used as evidence in a court of law.
This is a draft presentation of the 2nd video of the course "Digital forensics with Kali Linux" published by Packt Publishing in May 2017: https://www.packtpub.com/networking-and-servers/digital-forensics-kali-linux
In this presentation, we introduce digital forensics and cover the fundamental concepts that should be learned to fully understand the hands-on part of the course. The first part of the video gives a definition of what digital forensics is, explains which application areas it has and the various sub-branches in which is divided.
The second part covers the different steps of digital forensics: assessment, acquisition, analysis and reporting.
Next, the video explains important concepts like Locard’s principle, order of volatility and chain of custody.
Finally, there is a comparison between commercial and open source tools.
Ultimately, in a forensic examination, we are investigating the action of a Person
Almost every event or action on a system is the result of a user either doing something
Many events change the state of the Operating System (OS)
OS Forensics helps understand how system changes correlate to events resulting from the action of somebody in the real world
The presentation is all about computer forensics. the process , the tools and its features and some example scenarios.. It will give you a great insight into the computer forensics
Types of Computer Forensics Technology, Types of Military Computer Forensic Technology, Types of Law Enforcement, Computer Forensic Technology, Types of Business Computer Forensic Technology, Specialized Forensics Techniques, Hidden Data and How to Find It, Spyware and Adware, Encryption Methods and Vulnerabilities, Protecting Data from Being Compromised Internet Tracing Methods, Security and Wireless Technologies, Avoiding Pitfalls with Firewalls Biometric Security Systems
Introduction to Cyber forensics: Information Security Investigations, Corporate Cyber Forensics, Scientific method in forensic analysis, investigating large scale Data breach cases.
Analyzing Malicious software.
Digital Forensics is the use of scientifically derived and proven methods toward the preservation, collection, validation, identification, analysis, interpretation, documentation, and presentation of digital evidence derived from digital devices.
This is a draft presentation of the 2nd video of the course "Digital forensics with Kali Linux" published by Packt Publishing in May 2017: https://www.packtpub.com/networking-and-servers/digital-forensics-kali-linux
In this presentation, we introduce digital forensics and cover the fundamental concepts that should be learned to fully understand the hands-on part of the course. The first part of the video gives a definition of what digital forensics is, explains which application areas it has and the various sub-branches in which is divided.
The second part covers the different steps of digital forensics: assessment, acquisition, analysis and reporting.
Next, the video explains important concepts like Locard’s principle, order of volatility and chain of custody.
Finally, there is a comparison between commercial and open source tools.
Ultimately, in a forensic examination, we are investigating the action of a Person
Almost every event or action on a system is the result of a user either doing something
Many events change the state of the Operating System (OS)
OS Forensics helps understand how system changes correlate to events resulting from the action of somebody in the real world
The presentation is all about computer forensics. the process , the tools and its features and some example scenarios.. It will give you a great insight into the computer forensics
Types of Computer Forensics Technology, Types of Military Computer Forensic Technology, Types of Law Enforcement, Computer Forensic Technology, Types of Business Computer Forensic Technology, Specialized Forensics Techniques, Hidden Data and How to Find It, Spyware and Adware, Encryption Methods and Vulnerabilities, Protecting Data from Being Compromised Internet Tracing Methods, Security and Wireless Technologies, Avoiding Pitfalls with Firewalls Biometric Security Systems
Introduction to Cyber forensics: Information Security Investigations, Corporate Cyber Forensics, Scientific method in forensic analysis, investigating large scale Data breach cases.
Analyzing Malicious software.
Digital Forensics is the use of scientifically derived and proven methods toward the preservation, collection, validation, identification, analysis, interpretation, documentation, and presentation of digital evidence derived from digital devices.
Cloud Breach - Forensics Audit Planning
The goal of this presentation is to assist IT Risk and Security professionals with adding Cloud computing forensics to their Incident Response team.
It should assist them with understanding the technical ways of capturing forensic data from cloud service providers using security controls that incorporate and integrate logging, chain of evidence, virtualization and cloud security architecture
A 1-day short course developed for visiting guests from Tecsup on network forensics, prepared in a day : ]
The requirements/constraints were 5-7 hours of content and that the target audience had very little forensic or networking knowledge. [For that reason, flow analysis was not included as an exercise, discussion of network monitoring solutions was limited, and the focus was on end-node forensics, not networking devices/appliances themselves]
Presentazione per il corso di Reti di Calcolatori all'Università Ca' Foscari di Venezia, anno accademico 2012-2013.
Il link nell'ultima slide è stato disattivato, quello corretto per la relazione in PDF è:
https://www.dropbox.com/s/w78uwpsm7xm1yr1/RelazioneNetworkForensics.pdf
Think network forensics is just for security? Not with today’s 10G (and tomorrow’s 40G/100G) traffic, not to mention new 802.11ac wireless networks with multi-gigabit data rates. Data is traversing these networks so quickly that detailed, real-time analysis is at best a challenge. Network forensics provides key real-time statistics while saving a complete, packet-level recording of all network activity. You don’t need to worry about capturing the problem – your network forensics solution already has, allowing you to go back in time and analyze any network, application, or security condition.
Cloud Forensics...this presentation shows you the current state of progress and challenges that stand today in the world of CLOUD FORENSICS.Based on lots of Google search and whites by Josiah Dykstra and Alan Sherman.The presentation builds right from basics and compares the conflicting requirements between traditional and Clod Forensics.
Draft current state of digital forensic and data science Damir Delija
In this presentation we will introduce current state of digital forensics, its positioning in general IT security and relations with data science and data analyses. Many strong links exist among this technical and scientific fields, usually this links are not taken into consideration. For data owners, forensic researchers and investigators this connections and data views presents additional hidden values.
Legal Research in the Age of Cloud ComputingNeal Axton
This presentation discusses the impact of the mass communication technologies including the Internet and Cloud Computing on the practice of law and legal research. This presentation was given the Advanced Legal Research class at William Mitchell College of Law in St. Paul, Minnesota of August 23, 2013 by Neal R. Axton, JD, MLIS.
Forensic science is a scientific method of gathering and examining information about the past which is then used in the court of law. Digital Forensics is the use of scientifically derived and proven methods toward the preservation, collection, validation, identification, analysis, interpretation, documentation, and presentation of digital evidence derived from digital devices for the purpose of facilitation or furthering the reconstruction of events found to be criminal, or helping to anticipate unauthorized actions shown to be disruptive to planned operations.
Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...ahmad abdelhafeez
The goal of this paper is to compare between different classifiers or multi-classifiers fusion with respect to accuracy in discovering breast cancer for four different data sets. We present an implementation among various classification techniques which represent the most known algorithms in this field on four different datasets of breast cancer two for diagnosis and two for prognosis. We present a fusion between classifiers to get the best multi-classifier fusion approach to each data set individually. By using confusion matrix to get classification accuracy which built in 10-fold cross validation technique. Also, using fusion majority voting (the mode of the classifier output). The experimental results show that no classification technique is better than the other if used for all datasets, since the classification task is affected by the type of dataset. By using multi-classifiers fusion the results show that accuracy improved in three datasets out of four.
Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...ahmad abdelhafeez
Abstract- The goal of this paper is to compare between different classifiers or multi-classifiers fusion with respect to accuracy in discovering breast cancer for four different data sets. We present an implementation among various classification techniques which represent the most known algorithms in this field on four different datasets of breast cancer two for diagnosis and two for prognosis. We present a fusion between classifiers to get the best multi-classifier fusion approach to each data set individually. By using confusion matrix to get classification accuracy which built in 10-fold cross validation technique. Also, using fusion majority voting (the mode of the classifier output). The experimental results show that no classification technique is better than the other if used for all datasets, since the classification task is affected by the type of dataset. By using multi-classifiers fusion the results show that accuracy improved in three datasets out of four.
Cosmetic shop management system project report.pdfKamal Acharya
Buying new cosmetic products is difficult. It can even be scary for those who have sensitive skin and are prone to skin trouble. The information needed to alleviate this problem is on the back of each product, but it's thought to interpret those ingredient lists unless you have a background in chemistry.
Instead of buying and hoping for the best, we can use data science to help us predict which products may be good fits for us. It includes various function programs to do the above mentioned tasks.
Data file handling has been effectively used in the program.
The automated cosmetic shop management system should deal with the automation of general workflow and administration process of the shop. The main processes of the system focus on customer's request where the system is able to search the most appropriate products and deliver it to the customers. It should help the employees to quickly identify the list of cosmetic product that have reached the minimum quantity and also keep a track of expired date for each cosmetic product. It should help the employees to find the rack number in which the product is placed.It is also Faster and more efficient way.
About
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Technical Specifications
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
Key Features
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface
• Compatible with MAFI CCR system
• Copatiable with IDM8000 CCR
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
Application
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)MdTanvirMahtab2
This presentation is about the working procedure of Shahjalal Fertilizer Company Limited (SFCL). A Govt. owned Company of Bangladesh Chemical Industries Corporation under Ministry of Industries.
Immunizing Image Classifiers Against Localized Adversary Attacksgerogepatton
This paper addresses the vulnerability of deep learning models, particularly convolutional neural networks
(CNN)s, to adversarial attacks and presents a proactive training technique designed to counter them. We
introduce a novel volumization algorithm, which transforms 2D images into 3D volumetric representations.
When combined with 3D convolution and deep curriculum learning optimization (CLO), itsignificantly improves
the immunity of models against localized universal attacks by up to 40%. We evaluate our proposed approach
using contemporary CNN architectures and the modified Canadian Institute for Advanced Research (CIFAR-10
and CIFAR-100) and ImageNet Large Scale Visual Recognition Challenge (ILSVRC12) datasets, showcasing
accuracy improvements over previous techniques. The results indicate that the combination of the volumetric
input and curriculum learning holds significant promise for mitigating adversarial attacks without necessitating
adversary training.
Event Management System Vb Net Project Report.pdfKamal Acharya
In present era, the scopes of information technology growing with a very fast .We do not see any are untouched from this industry. The scope of information technology has become wider includes: Business and industry. Household Business, Communication, Education, Entertainment, Science, Medicine, Engineering, Distance Learning, Weather Forecasting. Carrier Searching and so on.
My project named “Event Management System” is software that store and maintained all events coordinated in college. It also helpful to print related reports. My project will help to record the events coordinated by faculties with their Name, Event subject, date & details in an efficient & effective ways.
In my system we have to make a system by which a user can record all events coordinated by a particular faculty. In our proposed system some more featured are added which differs it from the existing system such as security.
COLLEGE BUS MANAGEMENT SYSTEM PROJECT REPORT.pdfKamal Acharya
The College Bus Management system is completely developed by Visual Basic .NET Version. The application is connect with most secured database language MS SQL Server. The application is develop by using best combination of front-end and back-end languages. The application is totally design like flat user interface. This flat user interface is more attractive user interface in 2017. The application is gives more important to the system functionality. The application is to manage the student’s details, driver’s details, bus details, bus route details, bus fees details and more. The application has only one unit for admin. The admin can manage the entire application. The admin can login into the application by using username and password of the admin. The application is develop for big and small colleges. It is more user friendly for non-computer person. Even they can easily learn how to manage the application within hours. The application is more secure by the admin. The system will give an effective output for the VB.Net and SQL Server given as input to the system. The compiled java program given as input to the system, after scanning the program will generate different reports. The application generates the report for users. The admin can view and download the report of the data. The application deliver the excel format reports. Because, excel formatted reports is very easy to understand the income and expense of the college bus. This application is mainly develop for windows operating system users. In 2017, 73% of people enterprises are using windows operating system. So the application will easily install for all the windows operating system users. The application-developed size is very low. The application consumes very low space in disk. Therefore, the user can allocate very minimum local disk space for this application.
Automobile Management System Project Report.pdfKamal Acharya
The proposed project is developed to manage the automobile in the automobile dealer company. The main module in this project is login, automobile management, customer management, sales, complaints and reports. The first module is the login. The automobile showroom owner should login to the project for usage. The username and password are verified and if it is correct, next form opens. If the username and password are not correct, it shows the error message.
When a customer search for a automobile, if the automobile is available, they will be taken to a page that shows the details of the automobile including automobile name, automobile ID, quantity, price etc. “Automobile Management System” is useful for maintaining automobiles, customers effectively and hence helps for establishing good relation between customer and automobile organization. It contains various customized modules for effectively maintaining automobiles and stock information accurately and safely.
When the automobile is sold to the customer, stock will be reduced automatically. When a new purchase is made, stock will be increased automatically. While selecting automobiles for sale, the proposed software will automatically check for total number of available stock of that particular item, if the total stock of that particular item is less than 5, software will notify the user to purchase the particular item.
Also when the user tries to sale items which are not in stock, the system will prompt the user that the stock is not enough. Customers of this system can search for a automobile; can purchase a automobile easily by selecting fast. On the other hand the stock of automobiles can be maintained perfectly by the automobile shop manager overcoming the drawbacks of existing system.
Courier management system project report.pdfKamal Acharya
It is now-a-days very important for the people to send or receive articles like imported furniture, electronic items, gifts, business goods and the like. People depend vastly on different transport systems which mostly use the manual way of receiving and delivering the articles. There is no way to track the articles till they are received and there is no way to let the customer know what happened in transit, once he booked some articles. In such a situation, we need a system which completely computerizes the cargo activities including time to time tracking of the articles sent. This need is fulfilled by Courier Management System software which is online software for the cargo management people that enables them to receive the goods from a source and send them to a required destination and track their status from time to time.
Final project report on grocery store management system..pdfKamal Acharya
In today’s fast-changing business environment, it’s extremely important to be able to respond to client needs in the most effective and timely manner. If your customers wish to see your business online and have instant access to your products or services.
Online Grocery Store is an e-commerce website, which retails various grocery products. This project allows viewing various products available enables registered users to purchase desired products instantly using Paytm, UPI payment processor (Instant Pay) and also can place order by using Cash on Delivery (Pay Later) option. This project provides an easy access to Administrators and Managers to view orders placed using Pay Later and Instant Pay options.
In order to develop an e-commerce website, a number of Technologies must be studied and understood. These include multi-tiered architecture, server and client-side scripting techniques, implementation technologies, programming language (such as PHP, HTML, CSS, JavaScript) and MySQL relational databases. This is a project with the objective to develop a basic website where a consumer is provided with a shopping cart website and also to know about the technologies used to develop such a website.
This document will discuss each of the underlying technologies to create and implement an e- commerce website.
Democratizing Fuzzing at Scale by Abhishek Aryaabh.arya
Presented at NUS: Fuzzing and Software Security Summer School 2024
This keynote talks about the democratization of fuzzing at scale, highlighting the collaboration between open source communities, academia, and industry to advance the field of fuzzing. It delves into the history of fuzzing, the development of scalable fuzzing platforms, and the empowerment of community-driven research. The talk will further discuss recent advancements leveraging AI/ML and offer insights into the future evolution of the fuzzing landscape.
Welcome to WIPAC Monthly the magazine brought to you by the LinkedIn Group Water Industry Process Automation & Control.
In this month's edition, along with this month's industry news to celebrate the 13 years since the group was created we have articles including
A case study of the used of Advanced Process Control at the Wastewater Treatment works at Lleida in Spain
A look back on an article on smart wastewater networks in order to see how the industry has measured up in the interim around the adoption of Digital Transformation in the Water Industry.
2. Outline
• Introduction
• Categories
• History
• Review
• Types of computer crimes and investigations.
• Anti-forensics
• Future Challenges
• Real life cases
• Conclusion
• References
3. Introduction
• Your computer will betray you.
• Change is inevitable.
• digital forensics is still in its infancy.
4. Introduction – cntd’
According to a study by University of California – Berkeley
in 2001. It was found that 93% of all new information at
that time was created entirely in digital format.
5. What?
• Forensics is the application of science to solve a legal problem.
• Digital Forensics is the preservation, identification, extraction, interpretation and
documentation of computer evidence which can be used in the court of law.
• In Forensic Magazine, Ken Zatyko defined digital forensics this way:
“The application of computer science and investigative procedures for a legal purpose
involving the analysis of digital evidence after proper search authority, chain of custody,
validation with mathematics, use of validated tools, repeatability, reporting, and possible
expert presentation.”
7. History
• The field started to emerge in the 1980’s.
• Since the late 1970s the amount of crime involving computers has been growing very
quickly, creating a need for constantly developing forensic tools and practices.
• The first computer crimes were recognized in the 1978 Florida Computer Crimes Act, which
included legislation against the unauthorized modification or deletion of data on a computer
system.
• In the 1980’s, the federal laws began to incorporate computer offences and Canada was the
first country to pass legislation in 1983.
• Starting 2000, in response to the need for standardization, various bodies and agencies have
published guidelines for digital forensics.
• Many of the early members were computer hobbyists and became responsible for the field's
initial research and direction.
• One of the first practical (or at least publicized) examples of digital forensics was Cliff
Stoll's pursuit of hacker Markus Hess in 1986.
8. Review – Why and Who?
• Why? - Due to the growth in computer crime law
enforcement agencies began establishing specialized
groups to handle the technical aspects of investigations.
• Who? - Criminal Prosecutors & law enforcement
agencies, Insurance Companies, Private Corporations.
10. Types of Computer Crimes and
Investigations
• Types of Computer Crimes:
Computer based crimes.
Computer facilitated crimes.
• Types of Investigations:
Criminal forensics.
Intelligence gathering.
civil litigation – Also known as Electronic discovery (eDiscovery).
Intrusion investigation.
administrative matters.
11. Conditions of Reliability
• The “conditions of reliability” are generally the same for
most jurisdictions and it was stated that electronic copies
of data are admissible provided that:
They were from the indicated source.
They were acquired using proven tools and techniques.
They have not been altered since the time of acquisition.
12. Challenges – Digital Forensics
• Digital evidence accepted into court.
• Costs.
• Presents the potential for exposing privileged documents.
• Legal practitioners must have extensive computer
knowledge.
13. Locard’s Exchange Principle
• “Wherever he steps, whatever he touches, whatever he
leaves, even unconsciously, will serve as a silent witness
against him. Not only his fingerprints or his footprints,
but his hair, the fibers from his clothes, the glass he
breaks, the tool mark he leaves, the paint he scratches,
the blood or semen he deposits or collects. All of these
and more, bear mute witness against him. This is
evidence that does not forget. It is not confused by the
excitement of the moment. It is not absent because
human witnesses are. It is factual evidence. Physical
evidence cannot be wrong, it cannot perjure itself, it
cannot be wholly absent. Only human failure to find it,
study and understand it, can diminish its value.”
• It can be interpreted as follows: In the physical world,
when perpetrators enter or leave a crime scene, they will
leave something behind and take something with them.
Examples include DNA, latent prints, hair, and fibers
14. Locard’s Analogy for
Digital Forensics
• Registry keys and log files can serve as the digital equivalent
to hair and fiber.
• Like DNA, our ability to detect and analyze these artifacts
relies heavily on the technology available at the time.
• Viewing a device or incident through the “lens” of Locard’s
principle can be very helpful in locating and interpreting not
only physical but digital evidence as well.
15. The field of Anti-forensics
• To counter the relatively new forensic advances, anti-
forensic tools and techniques are cropping up in
significant numbers.
• They are being used by criminals, terrorists, and
corporate executives.
• Definition: “an approach to manipulate, erase, or
obfuscate digital data or to make its examination difficult,
time consuming, or virtually impossible”
16. Several Techniques for Anti-forensics
• Hiding Data:
Changing file names and extensions.
Burying files deep within seemingly unrelated directories.
Hiding files within files.
Encryption.
Steganography.
• Destroying Data:
Drive wiping
“Darik’s Boot and Nuke”
“DiskWipe”
“CBL Data Shredder”
“Webroot Window Washer”
“Evidence Eliminator”
17. Concerns about Data wiping
• From an evidentiary or
investigative perspective, the
presence or use of these
applications can serve as the next
best thing to the original
evidence.
• As Seen, some tales are left in the
registry
18. More concerns
• When looking at the
drive at the bit level,
a distinct repeating
pattern of data may
be seen. This is
completely different
from what would
normally be found
on a hard drive in
everyday use.
19. More concerns
• Some operating systems,
Apple OSX Lion for
example, ship with a
drive wiping utility
installed. Called Secure
Erase, this utility offers
multiple options for data
destruction.
20. Future Challenges and POR
• Standards and Controls:
Standards and controls are a fundamental part of scientific
analysis, including forensic science.
Its relevance to digital forensics is a matter of dispute.
Standard Control
A prepared sample that has
known properties that is used as
a control during forensic
analyses.
A test performed in parallel with
experimental samples that is
designed to demonstrate that a
procedure is working correctly
and the results are valid.
21. Future Challenges and POR
• Standards and Control – cntd’:
Two opinions exist.
John Barbra Scientific Working Group on Digital
Evidence
“In the end, closely following these
established scientific practices ensures
that any results gained are accurate,
reliable, and repeatable. He further
argued that without the use of standards
and controls, it would be “extremely
difficult or impossible to scientifically
assess the validity of the results obtained
from the analysis of the physical
evidence”
“Their position is that standards are being
used in digital forensics, but controls
are “not applicable in the computer forensics
sub-discipline”
SWGDE’s position centers on false
positives.
Tools and processes may miss evidence,
but they will never find evidence that
doesn’t exist.
22. Future Challenges and POR
• CLOUD FORENSICS
Technically: Deleted files on a magnetic drive remain on the disk
until they are overwritten. In the cloud, when a file is deleted the
mapping is removed immediately, usually within a matter of
seconds. This means that there is no remote access to the deleted
data.
Legally: Dealing with multiple jurisdictions can significantly
frustrate efforts to get to the relevant data
• SOLID STATE DRIVES (SSD)
• SPEED OF CHANGE
23. Case Scenarios – Case 1
Italian Case Law on Digital Evidence
• Digital evidence could be altered and can contain countless
pieces of information. The “Garlasco” case is a clear example
of this.
24. Case Scenarios – Case 2
BTK Killer
• The case of Dennis Rader, better known as the BTK killer.
• It was solved thirty years later with the help of digital forensics.
• He murdered ten people in Kansas from 1974 to 1991. Rader managed to avoid
capture for over thirty years until technology betrayed him.
• A floppy disk was received from the BTK killer.
• The disc contained a file named “Test A.rtf.” (The .rtf extension stands for “Rich
Text File”). A forensic exam of the file struck gold. The file’s metadata (the data
about the data) gave investigators the leads they had been waiting over thirty
years for. Aside from the “Date Created” (Thursday, February 10, 2005 6:05:34
PM) and the “Date Modified” (Monday, February 14, 2005 2:47:44 PM) were the
“Title” (Christ Lutheran Church) and “Last Saved By:” (Dennis).
25. Conclusion
• Digital Forensics field is an emerging field and it faces
lots of challenges that are still POR. However, the intense
research makes it viable to be taken into consideration in
house of court.