SlideShare a Scribd company logo

Digital investigation

Download as PPTX, PDF
U
unnilala11

power point presentation regarding figital investigation tools

Education
1 of 15
M24CDE Computer Law Digital Investigation M24CDE 1
Nature of computer-based electronic evidence • Computer-based electronic evidence is information and data of investigative value that is stored on or transmitted by a computer. As such, this evidence is latent evidence in the same sense that fingerprints or DNA evidence is latent. • In its natural state, we cannot see what is contained in the physical object that holds our evidence. Equipment and software are required to make the evidence available. Testimony may be required to explain the examination and any process limitations.
Nature of computer-based electronic evidence • Computer-based electronic evidence is, by its very nature, fragile. It can be altered, damaged, or destroyed by improper handling or improper examination. For this reason, special precautions should be taken to document, collect, preserve and examine this type of evidence. Failure to do so may render it unusable or lead to an inaccurate conclusion.
Devices subjected to Digital Investigation • Desktop and Laptop Computers • Personal Organisers (PDAs) • Main unit: usually the box to which the monitor and keyboard are attached • Monitor, keyboard and mouse • Leads • Power supply units and batteries • Hard disks not fitted inside the computer • Dongles • Modems (some contain phone numbers)
Devices subjected to Digital Investigation • External drives and other external devices • Wireless network cards, Modems, Routers • Digital cameras • Floppy disks • Back up tapes • Jaz/Zip cartridges • CDs,DVDs • PCMCIA cards • Memory sticks, memory cards • USB/firewire connected devices
Home networks & wireless technology • Switches, hubs, routers, firewalls (or devices which combine all three). • Embedded network cards (e.g. Intel Centrino). • Access Points. • Printers and digital cameras. • Bluetooth devices – PDAs, mobile phones, dongles etc. • Hard drives both wired and wireless. • Wireless networks – cannot be controlled in the same way as a traditionally cabled solution and are potentially accessible by anyone within radio range.
Other Digital Devices • Mobile telephones. • Telephone e-mailers. • Pagers. • Internet-capable digital • Land line telephones. TVs • Answering machines. • Media PC • Facsimile machines. • Satellite receivers • Dictating machines. • HD recorders • Digital cameras • Next generation games consoles
Considerations • To assist in the examination of the equipment, seize: – Manuals of computer and software. – Anything that may contain a password. – Encryption keys. – Security keys – required to physically open computer equipment and media storage boxes.
Association of Chief Police Officers (ACPO) Guidelines • Principle 1: – No action taken by law enforcement agencies or their agents should change data held on a computer or storage media which may subsequently be relied upon in court. • Principle 2: – In exceptional circumstances, where a person finds it necessary to access original data held on a computer or on storage media, that person must be competent to do so and be able to give evidence explaining the relevance and the implications of their actions.
APCO Guidelines • Principle 3: – An audit trail or other record of all processes applied to computer based electronic evidence should be created and preserved. An independent third party should be able to examine those processes and achieve the same result. • Principle 4: – The person in charge of the investigation (the case officer) has overall responsibility for ensuring that the law and these principles are adhered to
Computer Misuse Act 1990 (UK Wide) • S1 Unauthorised Access To Computer Material • S2 Unauthorised Access With Intent to Commit Other Offence • S3 Unauthorised Acts with Intent to Impair Operation • S3A Making, Supplying or Obtaining Article for Use in S1 or S3 offences • S10 Saving For Certain Law Enforcement Powers • S14 Search Warrants • S17 Interpretation M24CDE 11
The Police & Criminal Evidence Act 1984 • S8 Search Warrant • S19 General Power of Seizure • S20 Extension of Powers of Seizure to Computerised Information • S21 Access and Copying • S22 Retention • S78 Exclusion of Unfair Evidence M24CDE 12
Criminal Justice & Police Act 2001 (England, Wales & NI.) • S50 (re search and seizure – bulk items) • S50 (1) – Where a person is lawfully on premises carrying out a search and it is not practicable to determine at the time if an item found is something that he is entitled to seize, or if the contents of an item are things that he is entitled to seize, the item can be taken away for this to be determined. There must be reasonable grounds for believing the item may be something for which there was authorisation M24CDE to search. 13
Criminal Justice & Police Act 2001 (England, Wales & NI.) • S50 (2) – Where a person is lawfully on premises and an item for which there is a power to seize is found, but it is contained within an item for which there would ordinarily be no power to seize and it is not practicable to separate them at the time, both items can be seized.
Investigation Process • Identification • Acquisition • Preservation • Search • Analysis • Reconstruction • Presentation M24CDE 15

Recommended

Cyber Forensics Module 1
Cyber Forensics Module 1Cyber Forensics Module 1
Cyber Forensics Module 1Manu Mathew Cherian
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber ForensicsKathirvel Ayyaswamy
 
Network forensic
Network forensicNetwork forensic
Network forensicManjushree Mashal
 
Analysis of digital evidence
Analysis of digital evidenceAnalysis of digital evidence
Analysis of digital evidencerakesh mishra
 
Processing Crimes and Incident Scenes
Processing Crimes and Incident ScenesProcessing Crimes and Incident Scenes
Processing Crimes and Incident Scenesprimeteacher32
 
04 Evidence Collection and Data Seizure - Notes
04 Evidence Collection and Data Seizure - Notes04 Evidence Collection and Data Seizure - Notes
04 Evidence Collection and Data Seizure - NotesKranthi
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkitMilap Oza
 
Cyber forensics
Cyber forensicsCyber forensics
Cyber forensicspranjal dutta
 

Recommended

Cyber Forensics Module 1
Cyber Forensics Module 1Cyber Forensics Module 1
Cyber Forensics Module 1Manu Mathew Cherian
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber ForensicsKathirvel Ayyaswamy
 
Network forensic
Network forensicNetwork forensic
Network forensicManjushree Mashal
 
Analysis of digital evidence
Analysis of digital evidenceAnalysis of digital evidence
Analysis of digital evidencerakesh mishra
 
Processing Crimes and Incident Scenes
Processing Crimes and Incident ScenesProcessing Crimes and Incident Scenes
Processing Crimes and Incident Scenesprimeteacher32
 
04 Evidence Collection and Data Seizure - Notes
04 Evidence Collection and Data Seizure - Notes04 Evidence Collection and Data Seizure - Notes
04 Evidence Collection and Data Seizure - NotesKranthi
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkitMilap Oza
 
Cyber forensics
Cyber forensicsCyber forensics
Cyber forensicspranjal dutta
 
Incident response process
Incident response processIncident response process
Incident response processBhupeshkumar Nanhe
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeAung Thu Rha Hein
 
Digital Forensic
Digital ForensicDigital Forensic
Digital ForensicCleverence Kombe
 
A brief Intro to Digital Forensics
A brief Intro to Digital ForensicsA brief Intro to Digital Forensics
A brief Intro to Digital ForensicsManik Bhola
 
Linux forensics
Linux forensicsLinux forensics
Linux forensicsSantosh Khadsare
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentationSomya Johri
 
Cyber Forensics Overview
Cyber Forensics OverviewCyber Forensics Overview
Cyber Forensics OverviewYansi Keim
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsdeaneal
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics pptNikhil Mashruwala
 
Fundamental digital forensik
Fundamental digital forensikFundamental digital forensik
Fundamental digital forensiknewbie2019
 
Cyber Forensics Module 2
Cyber Forensics Module 2Cyber Forensics Module 2
Cyber Forensics Module 2Manu Mathew Cherian
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsMithileysh Sathiyanarayanan
 
Digital forensics
Digital forensicsDigital forensics
Digital forensicsVidoushi B-Somrah
 
Digital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDigital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDr Raghu Khimani
 
cyber security and forensic tools
cyber security and forensic toolscyber security and forensic tools
cyber security and forensic toolsSonu Sunaliya
 
Privacy and Data Security
Privacy and Data SecurityPrivacy and Data Security
Privacy and Data SecurityWilmerHale
 
01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - NotesKranthi
 
Digital forensic principles and procedure
Digital forensic principles and procedureDigital forensic principles and procedure
Digital forensic principles and procedurenewbie2019
 
E-mail Investigation
E-mail InvestigationE-mail Investigation
E-mail Investigationedwardbel
 
Cyber forensics ppt
Cyber forensics pptCyber forensics ppt
Cyber forensics pptRoshiniVijayakumar1
 
Digital&computforensic
Digital&computforensicDigital&computforensic
Digital&computforensicRahul Badekar
 
Computer Forensics (1).pptx
Computer Forensics (1).pptxComputer Forensics (1).pptx
Computer Forensics (1).pptxGautam708801
 

More Related Content

What's hot

Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeAung Thu Rha Hein
 
A brief Intro to Digital Forensics
A brief Intro to Digital ForensicsA brief Intro to Digital Forensics
A brief Intro to Digital ForensicsManik Bhola
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentationSomya Johri
 
Cyber Forensics Overview
Cyber Forensics OverviewCyber Forensics Overview
Cyber Forensics OverviewYansi Keim
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsdeaneal
 
Fundamental digital forensik
Fundamental digital forensikFundamental digital forensik
Fundamental digital forensiknewbie2019
 
Digital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDigital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDr Raghu Khimani
 
cyber security and forensic tools
cyber security and forensic toolscyber security and forensic tools
cyber security and forensic toolsSonu Sunaliya
 
Privacy and Data Security
Privacy and Data SecurityPrivacy and Data Security
Privacy and Data SecurityWilmerHale
 
01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - NotesKranthi
 
Digital forensic principles and procedure
Digital forensic principles and procedureDigital forensic principles and procedure
Digital forensic principles and procedurenewbie2019
 
E-mail Investigation
E-mail InvestigationE-mail Investigation
E-mail Investigationedwardbel
 

What's hot (20)

Incident response process
Incident response processIncident response process
Incident response process
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research Challenge
 
Digital Forensic
Digital ForensicDigital Forensic
Digital Forensic
 
A brief Intro to Digital Forensics
A brief Intro to Digital ForensicsA brief Intro to Digital Forensics
A brief Intro to Digital Forensics
 
Linux forensics
Linux forensicsLinux forensics
Linux forensics
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentation
 
Cyber Forensics Overview
Cyber Forensics OverviewCyber Forensics Overview
Cyber Forensics Overview
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics ppt
 
Fundamental digital forensik
Fundamental digital forensikFundamental digital forensik
Fundamental digital forensik
 
Cyber Forensics Module 2
Cyber Forensics Module 2Cyber Forensics Module 2
Cyber Forensics Module 2
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
Digital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDigital Evidence by Raghu Khimani
Digital Evidence by Raghu Khimani
 
cyber security and forensic tools
cyber security and forensic toolscyber security and forensic tools
cyber security and forensic tools
 
Privacy and Data Security
Privacy and Data SecurityPrivacy and Data Security
Privacy and Data Security
 
01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes
 
Digital forensic principles and procedure
Digital forensic principles and procedureDigital forensic principles and procedure
Digital forensic principles and procedure
 
E-mail Investigation
E-mail InvestigationE-mail Investigation
E-mail Investigation
 
Cyber forensics ppt
Cyber forensics pptCyber forensics ppt
Cyber forensics ppt
 

Similar to Digital investigation

Digital&computforensic
Digital&computforensicDigital&computforensic
Digital&computforensicRahul Badekar
 
Computer Forensics (1).pptx
Computer Forensics (1).pptxComputer Forensics (1).pptx
Computer Forensics (1).pptxGautam708801
 
Best Cyber Crime Investigation Service Provider | Fornsec Solutions
Best Cyber Crime Investigation Service Provider | Fornsec SolutionsBest Cyber Crime Investigation Service Provider | Fornsec Solutions
Best Cyber Crime Investigation Service Provider | Fornsec SolutionsFORnSECSolutions
 
Most promising cyber forensic solution providers from india forn sec solut...
Most promising cyber forensic solution providers from india forn sec solut...Most promising cyber forensic solution providers from india forn sec solut...
Most promising cyber forensic solution providers from india forn sec solut...FORnSECSolutions
 
CS426_forensics.ppt
CS426_forensics.pptCS426_forensics.ppt
CS426_forensics.pptFaiz430036
 
Digital forensics
Digital forensics Digital forensics
Digital forensics vishnuv43
 
Handling digital crime scene
Handling digital crime sceneHandling digital crime scene
Handling digital crime sceneSKMohamedKasim
 
Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02
Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02
Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02satyabwati
 
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdfGnanavi2
 
Investigating Cooridinated Data Exfiltration
Investigating Cooridinated Data ExfiltrationInvestigating Cooridinated Data Exfiltration
Investigating Cooridinated Data ExfiltrationAndrew Case
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer ForensicsAlchemist095
 
mobile forensic.pptx
mobile forensic.pptxmobile forensic.pptx
mobile forensic.pptxAmbuj Kumar
 
Mobile_Forensics- General Introduction & Software.pptx
Mobile_Forensics- General Introduction & Software.pptxMobile_Forensics- General Introduction & Software.pptx
Mobile_Forensics- General Introduction & Software.pptxgouriuplenchwar63
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensicOnline
 
Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014Muzzammil Wani
 
Digital forensic
Digital forensicDigital forensic
Digital forensicChandan Sah
 

Similar to Digital investigation (20)

Digital&computforensic
Digital&computforensicDigital&computforensic
Digital&computforensic
 
Computer Forensics (1).pptx
Computer Forensics (1).pptxComputer Forensics (1).pptx
Computer Forensics (1).pptx
 
Best Cyber Crime Investigation Service Provider | Fornsec Solutions
Best Cyber Crime Investigation Service Provider | Fornsec SolutionsBest Cyber Crime Investigation Service Provider | Fornsec Solutions
Best Cyber Crime Investigation Service Provider | Fornsec Solutions
 
Most promising cyber forensic solution providers from india forn sec solut...
Most promising cyber forensic solution providers from india forn sec solut...Most promising cyber forensic solution providers from india forn sec solut...
Most promising cyber forensic solution providers from india forn sec solut...
 
CS426_forensics.ppt
CS426_forensics.pptCS426_forensics.ppt
CS426_forensics.ppt
 
Digital forensics
Digital forensics Digital forensics
Digital forensics
 
Handling digital crime scene
Handling digital crime sceneHandling digital crime scene
Handling digital crime scene
 
Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02
Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02
Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02
 
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
 
Computer Forensic
Computer ForensicComputer Forensic
Computer Forensic
 
Investigating Cooridinated Data Exfiltration
Investigating Cooridinated Data ExfiltrationInvestigating Cooridinated Data Exfiltration
Investigating Cooridinated Data Exfiltration
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
 
mobile forensic.pptx
mobile forensic.pptxmobile forensic.pptx
mobile forensic.pptx
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
Mobile_Forensics- General Introduction & Software.pptx
Mobile_Forensics- General Introduction & Software.pptxMobile_Forensics- General Introduction & Software.pptx
Mobile_Forensics- General Introduction & Software.pptx
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensic
 
Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014
 
Digital forensic
Digital forensicDigital forensic
Digital forensic
 
Computer Forensics ppt
Computer Forensics pptComputer Forensics ppt
Computer Forensics ppt
 

Recently uploaded

18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
MICROBIOLOGY biochemical test detailed.pptx
MICROBIOLOGY biochemical test detailed.pptxMICROBIOLOGY biochemical test detailed.pptx
MICROBIOLOGY biochemical test detailed.pptxabhijeetpadhi001
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxEyham Joco
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersSabitha Banu
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
MARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupMARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupJonathanParaisoCruz
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.arsicmarija21
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementmkooblal
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 

Recently uploaded (20)

18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
MICROBIOLOGY biochemical test detailed.pptx
MICROBIOLOGY biochemical test detailed.pptxMICROBIOLOGY biochemical test detailed.pptx
MICROBIOLOGY biochemical test detailed.pptx
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptx
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginners
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
MARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupMARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized Group
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of management
 
ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...
 

Digital investigation

  • 1. M24CDE Computer Law Digital Investigation M24CDE 1
  • 2. Nature of computer-based electronic evidence • Computer-based electronic evidence is information and data of investigative value that is stored on or transmitted by a computer. As such, this evidence is latent evidence in the same sense that fingerprints or DNA evidence is latent. • In its natural state, we cannot see what is contained in the physical object that holds our evidence. Equipment and software are required to make the evidence available. Testimony may be required to explain the examination and any process limitations.
  • 3. Nature of computer-based electronic evidence • Computer-based electronic evidence is, by its very nature, fragile. It can be altered, damaged, or destroyed by improper handling or improper examination. For this reason, special precautions should be taken to document, collect, preserve and examine this type of evidence. Failure to do so may render it unusable or lead to an inaccurate conclusion.
  • 4. Devices subjected to Digital Investigation • Desktop and Laptop Computers • Personal Organisers (PDAs) • Main unit: usually the box to which the monitor and keyboard are attached • Monitor, keyboard and mouse • Leads • Power supply units and batteries • Hard disks not fitted inside the computer • Dongles • Modems (some contain phone numbers)
  • 5. Devices subjected to Digital Investigation • External drives and other external devices • Wireless network cards, Modems, Routers • Digital cameras • Floppy disks • Back up tapes • Jaz/Zip cartridges • CDs,DVDs • PCMCIA cards • Memory sticks, memory cards • USB/firewire connected devices
  • 6. Home networks & wireless technology • Switches, hubs, routers, firewalls (or devices which combine all three). • Embedded network cards (e.g. Intel Centrino). • Access Points. • Printers and digital cameras. • Bluetooth devices – PDAs, mobile phones, dongles etc. • Hard drives both wired and wireless. • Wireless networks – cannot be controlled in the same way as a traditionally cabled solution and are potentially accessible by anyone within radio range.
  • 7. Other Digital Devices • Mobile telephones. • Telephone e-mailers. • Pagers. • Internet-capable digital • Land line telephones. TVs • Answering machines. • Media PC • Facsimile machines. • Satellite receivers • Dictating machines. • HD recorders • Digital cameras • Next generation games consoles
  • 8. Considerations • To assist in the examination of the equipment, seize: – Manuals of computer and software. – Anything that may contain a password. – Encryption keys. – Security keys – required to physically open computer equipment and media storage boxes.
  • 9. Association of Chief Police Officers (ACPO) Guidelines • Principle 1: – No action taken by law enforcement agencies or their agents should change data held on a computer or storage media which may subsequently be relied upon in court. • Principle 2: – In exceptional circumstances, where a person finds it necessary to access original data held on a computer or on storage media, that person must be competent to do so and be able to give evidence explaining the relevance and the implications of their actions.
  • 10. APCO Guidelines • Principle 3: – An audit trail or other record of all processes applied to computer based electronic evidence should be created and preserved. An independent third party should be able to examine those processes and achieve the same result. • Principle 4: – The person in charge of the investigation (the case officer) has overall responsibility for ensuring that the law and these principles are adhered to
  • 11. Computer Misuse Act 1990 (UK Wide) • S1 Unauthorised Access To Computer Material • S2 Unauthorised Access With Intent to Commit Other Offence • S3 Unauthorised Acts with Intent to Impair Operation • S3A Making, Supplying or Obtaining Article for Use in S1 or S3 offences • S10 Saving For Certain Law Enforcement Powers • S14 Search Warrants • S17 Interpretation M24CDE 11
  • 12. The Police & Criminal Evidence Act 1984 • S8 Search Warrant • S19 General Power of Seizure • S20 Extension of Powers of Seizure to Computerised Information • S21 Access and Copying • S22 Retention • S78 Exclusion of Unfair Evidence M24CDE 12
  • 13. Criminal Justice & Police Act 2001 (England, Wales & NI.) • S50 (re search and seizure – bulk items) • S50 (1) – Where a person is lawfully on premises carrying out a search and it is not practicable to determine at the time if an item found is something that he is entitled to seize, or if the contents of an item are things that he is entitled to seize, the item can be taken away for this to be determined. There must be reasonable grounds for believing the item may be something for which there was authorisation M24CDE to search. 13
  • 14. Criminal Justice & Police Act 2001 (England, Wales & NI.) • S50 (2) – Where a person is lawfully on premises and an item for which there is a power to seize is found, but it is contained within an item for which there would ordinarily be no power to seize and it is not practicable to separate them at the time, both items can be seized.
  • 15. Investigation Process • Identification • Acquisition • Preservation • Search • Analysis • Reconstruction • Presentation M24CDE 15