www.huawei.com
Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved.
Digital Forensics
Foreword
• Today, computers are used the world over. The pervasiveness of computers has led to an ever-increasing number of computer-related court cases, such as electronic commerce disputes and cybercrimes. In the process of judging or handling disputes and criminal cases, a new form of litigation evidence has emerged, namely, digital evidence. The characteristics that distinguish digital evidence and digital forensics from traditional physical evidence and forensic methods pose new research topics in the field of law and computer science.
• This document describes the digital forensic process.
Contents
1. Overview
  - Cybercrime
  - Overview of Digital Forensics
2. Digital Forensic Process
Cybercrime
• Definition: In violation of legal regulations, a bad actor deliberately:
  - Invades a computer information system or compromises the functionality of the system and its related data and applications
  - Produces or disseminates computer viruses
  - Affects the normal operation of a system or causes detrimental effects
• Cybercrimes usually take two forms:
  - Use of computers to store information related to criminal activities
  - Direct use of computers as a crime tool to launch criminal activities
Characteristics of Cybercrimes
• Over the past decade or so, the number of cybercrimes has risen year on year. Cybercrimes generally have the following characteristics:
  - Professional means
  - Complex and diverse motives
  - Covert forms
  - Transnational
  - Huge potential damage
  - Many members, of increasingly young age
Cybercrime Motives
• The motives of cybercrime are complicated and diverse.
  - Trick: Idle and bored people with some skills who want to access any website that interests them
  - Prestige: People who want to prove their competence and win respect and recognition from their counterparts
  - Revenge: Suspended, dismissed, demoted, or unjustly treated people who take revenge to cause maximum impact
  - Ignorance: People who are learning about computers and networks and who make operating mistakes or accidentally discover a vulnerability that may affect data
  - Profit: People who are employed to intrude into a target system to steal or tamper with information for huge financial gains
  - Political action: Destruction, theft of intelligence, and information warfare
Forms of Cybercrime
• Cybercrimes take various forms. Common forms are listed as follows:
  - Trojan horse
  - Hacker
  - Backdoor
  - DDoS
  - Virus
  - Worm
  - Internal and external information leakage
Overview of Digital Forensics
• Digital evidence
  - Digital evidence is information stored or transmitted in binary form during the operation of a computer or computer system and is used in a court case.
  - Digital evidence is also known as electronic evidence and computer evidence.
• Digital evidence: Text, Graphs, Images, Animations, Audios, Videos
Sources of Digital Evidence
• Common digital evidence in judicial practices falls into three categories:
  - Digital evidence related to modern communications technologies
  - Digital evidence related to other modern information technologies, such as broadcasting, television, and film
  - Digital evidence related to computer technologies or network technologies
Communications
• Mobile phone audio records
• Chat history
• Digital data
• Fax data
Broadcasting, television, and film
• TV series
• Video
• Movie
Computer and network
• Database operation record
• Browser cache
• Network monitoring traffic
• Operating system logs
Characteristics of Digital Evidence
• Digital evidence depends heavily on computer and storage technologies. Without high-tech equipment, digital evidence cannot be saved or transmitted.
• Digital evidence is not a single piece of data, images, or sound, but a combination of data, images, sounds, graphs, animations, and text.
• Vulnerable and fragile: Digital evidence may be easily compromised during generation and transmission due to its dependence on electronic digital devices such as computers. This may damage or even prevent the use of the digital evidence.
• Fabricated: Attackers use hacker methods to invade computer systems and steal passwords in order to arbitrarily tamper with electronic data, making it difficult to validate evidence.
• Unlike traditional evidence, which can be directly seen, heard, or touched, digital evidence is stored in optical, electronic, or magnetic form on various types of electronic devices.
• Digital evidence can reflect a dynamic and continuous process that vividly reproduces the scene.
Concept of Computer Forensics
• Computer forensics is also known as digital forensics or electronic forensics.
• Definition: Computer forensics refers to the process of confirming, protecting, extracting, archiving, and presenting in court the digital evidence that exists in computers and related peripherals. This evidence must be reliable, persuasive, and acceptable to the court.
Regulations and Standards for Digital Forensics
US
Since the release of the Federal Rules of Evidence in 1976, a number of laws have emerged in the US to address the problems brought by digital evidence:
• Economic Espionage Act of 1976: deals with business secret thefts.
• Electronic Communications Privacy Act of 1986: deals with the eavesdropping of electronic communications.
• Computer Security Act of 1987 (Public Law 100-235): deals with security problems in government computer systems.
IETF
Early in February 2002, the IETF released the RFC 3227 Guidelines for Evidence Collection and Archiving. The ITU released the draft Digital Evidence Act and Understanding Cybercrime: A Guide for Developing Countries in April 2009 and Understanding Cybercrime: Phenomena, challenges and legal response in September 2012.
International Organization for Standardization (ISO)
The Information Security Technical Committee of the International Organization for Standardization (ISO) released the Guidelines for identification, collection, acquisition and preservation of digital evidence in October 2012 (ISO/IEC 27037:2012).
China
• The Electronic Data Identification Rules for Public Security Authorities issued in 2005 explicitly require that the electronic data appraisers of the public security organs should fulfill and comply with the industry standards and obligations stipulated in inspection and appraisal procedures.
• The Measures on Registration and Administration of Public Security Agency Authentication Institutes (order No. 83 of Ministry of Public Security) issued in 2006 explicitly incorporate the technical standards compliance of authentication institutes into the annual appraisal of public security registration and administration departments.
• The General Rules on the Procedures for Judicial Authentication (order No. 107 of the Ministry of Justice) issued in 2007 set out detailed requirements on the adoption of technical standards by appraisers.
Status and Trend of Digital Forensics
Status
1. China/Pakistan was a late adopter of computers and therefore relevant laws and regulations are insufficient.
2. Academic research on cybercrimes mainly focuses on their characteristics, preventive measures, and impact on people. Forensics technologies are no longer sufficient to combat cybercrimes or to protect network and information security.
3. China/Pakistan must independently develop computer forensic tools and software that can meet its specific requirements and comprehensively check computers and network systems.
Trend
1. Integration of other theories and technologies (such as AI, machine learning, neural network, data mining, and information security technologies) into forensic technologies
2. Specialization and automation of forensic tools
3. Sufficient information reserved during network protocol design for potential forensic activities
Contents
1. Overview of Digital Forensics
2. Digital Forensic Process
Principles of Digital Forensics
[Diagram: Principles; the only item label that survives is "Integrity"]
• Collect evidence as soon as possible and ensure it is not damaged.
• Explain changes in evidence from when it is initially collected to when it is officially presented.
• The entire examination and forensic process must be supervised.
• Search all files in the target system, comprehensively analyze them, and provide necessary expert testimony.
• During forensic examination, protect target computer systems to avoid any change, data damage, or virus infection.
Digital Forensic Process
• According to the characteristics of digital evidence, it is essential to collect evidence as soon as possible during digital forensics to ensure that it has not been damaged. Digital forensics usually involves the following steps:
1. Protect the scene
2. Obtain evidence
3. Preserve evidence
4. Verify evidence
5. Analyze evidence
6. Trace
7. Present evidence
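The principles above (evidence not damaged, every change explained, every step supervised) and the obtain, preserve and verify steps can be made checkable with a hash-chained custody record. The Python below is an added example, not part of the original slides; the use of SHA-256, the names CustodyLog and verify_log, and the people, timestamps and sample bytes are assumptions constructed for illustration.

```python
import hashlib
import json
from dataclasses import dataclass, asdict, replace

GENESIS = "0" * 64  # prev_hash used by the first entry of a log


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def entry_digest(fields: dict) -> str:
    """Hash an entry's fields in a canonical JSON form."""
    canonical = json.dumps(fields, sort_keys=True, separators=(",", ":"))
    return sha256_hex(canonical.encode("utf-8"))


@dataclass(frozen=True)
class CustodyEntry:
    seq: int
    timestamp: str        # ISO 8601 UTC, supplied by the examiner
    actor: str            # who handled the evidence
    witness: str          # who supervised the step
    step: str             # process step, e.g. "Obtain evidence"
    evidence_sha256: str  # hash of the evidence as it was at this step
    note: str             # explanation, required when the hash changes
    prev_hash: str        # entry_hash of the previous entry
    entry_hash: str       # digest over all fields above


class CustodyLog:
    def __init__(self):
        self.entries = []

    def record(self, timestamp, actor, witness, step, evidence: bytes, note=""):
        prev = self.entries[-1].entry_hash if self.entries else GENESIS
        fields = {
            "seq": len(self.entries), "timestamp": timestamp, "actor": actor,
            "witness": witness, "step": step,
            "evidence_sha256": sha256_hex(evidence), "note": note,
            "prev_hash": prev,
        }
        entry = CustodyEntry(**fields, entry_hash=entry_digest(fields))
        self.entries.append(entry)
        return entry


def verify_log(entries, presented: bytes) -> list:
    """Return a list of problems; an empty list means the record is consistent."""
    problems = []
    prev_hash, last_evidence = GENESIS, None
    for e in entries:
        fields = asdict(e)
        stored = fields.pop("entry_hash")
        if e.prev_hash != prev_hash:
            problems.append(f"entry {e.seq}: broken link to previous entry")
        if entry_digest(fields) != stored:
            problems.append(f"entry {e.seq}: contents altered after recording")
        if not e.witness:
            problems.append(f"entry {e.seq}: step was not supervised")
        if last_evidence not in (None, e.evidence_sha256) and not e.note:
            problems.append(f"entry {e.seq}: evidence changed without explanation")
        prev_hash, last_evidence = stored, e.evidence_sha256
    if entries and sha256_hex(presented) != entries[-1].evidence_sha256:
        problems.append("presented evidence does not match the last recorded hash")
    return problems


def build_log(acquired: bytes, analysed: bytes) -> CustodyLog:
    """Constructed sample log covering four of the process steps."""
    log = CustodyLog()
    log.record("2024-01-10T09:00:00Z", "examiner A", "officer B", "Obtain evidence", acquired)
    log.record("2024-01-10T09:40:00Z", "examiner A", "officer B", "Preserve evidence", acquired)
    log.record("2024-01-11T10:00:00Z", "examiner C", "officer B", "Verify evidence", acquired)
    log.record("2024-01-11T11:00:00Z", "examiner C", "officer B", "Analyze evidence", analysed)
    return log


def demo() -> dict:
    image = b"constructed sample: bytes standing in for an acquired disk image"
    changed = image.replace(b"disk", b"DISK")
    good = build_log(image, image)
    edited = list(good.entries)
    edited[1] = replace(edited[1], actor="someone else")  # record edited after the fact
    return {
        "clean": verify_log(good.entries, image),
        "altered_copy": verify_log(good.entries, changed),
        "edited_entry": verify_log(edited, image),
        "unexplained_change": verify_log(build_log(image, changed).entries, changed),
    }


if __name__ == "__main__":
    for name, problems in demo().items():
        print(name, problems or "OK")
```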
Summary
• Overview of Digital Forensics
  - Cybercrime
  - Overview of Digital Forensics
• Digital Forensic Process
L12. Digital Forensics BS.pptx
