Digital forensics


Published on

Published in: Technology
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Digital forensics

  1. 1. Submitted by:- 1.Yash Sawarkar (82) 2.Kunal Kawale (83) 3.Rakshita Rao (84) DIGITAL FORENSICS
  2. 2. INTRODUCTION - Digital forensics is a branch of forensic science encompassing the recovery and investigation of material found in digital devices, often in relation to computer crime. -The technical aspect of an investigation is divided into several sub-branches, relating to the type of digital devices involved: computer forensics, network forensics,forensic data analysis and mobile device forensics. -The typical forensic process encompasses the seizure, forensic imaging and analysis of digital media and the production of a report into collected evidence.
  3. 3. NEED FOR DIGITAL FORENSICS •To ensure the integrity of computer system. •To focus on the response to hi-tech offenses, started to intervene the system. •computer forensics has been efficiently used to track down the terrorists from the various parts of the world. •To produce evidence in the court that can lead to the punishment of the actual.
  4. 4. oBegan to evolve more than 30 years ago in US when law enforcement and military investigators started seeing criminals get technical. oOver the next decades, and up to today, the field has exploded. Law enforcement and the military continue to have a large presence in the information security and computer forensic field at the local, state and national level. oNow a days, Software companies continue to produce newer and more robust forensic software programs. And law enforcement and the military continue to identify and train more and more of their personnel in the response to crimes involving technology. HISTORY
  5. 5. METHODOLOGY •Collection: which involves the evidence search, evidence recognition, evidence collection and documentation. •Examination: It involves revealing hidden and obscured information and the relevant documentation. •Analysis: this looks at at the product of the examination for its significance and probative value to the case. •Reporting: this entails writing a report outlining the examination process and pertinent data recovered from the overall investigation.
  6. 6. TYPES OF CYBER CRIME •HACKING. •The act of gaining unauthorized access to a computer system or network and in some cases making unauthorized use of this access. DENIAL OF SERVICE ATTACK. This is an act by the criminal, who floods the band width of the victim’s network or fills his e-mail box with spam mail depriving him of the services he is entitled to access or provide. SOFTWARE PIRACY. Theft of software through the iillegal copying of genuine programs or the counterfeiting and distribution of products intended to pass for the original
  7. 7. •PHISHING •It is technique of pulling out confidential information from the bank/financial institutional account holders by deceptive means. •SPOOFING •Getting one computer on a network to pretend to have the identity of another computer, usually one with special access privileges,so as to obtain access to the other computers on the network.
  8. 8. •KALI LINUX- Kali Linux is an open source project that is maintained and funded by Offensive Security •BACKTRACK 5R3 (Linux operating system)-This OS has many forensic tools to analyse any compromised system or find security holes in that a large amount of open source bundled packages are installed in this OS. •OPHCRACK-This tool use to crack the hashes which are generated by same files of windows ,this tools uses rainbow tables to crack the hashes. •. DIGITAL FORENSICS TOOLS
  9. 9. Live incident response-Collects all of the revelent data from the system that will be used to confirm whether that incident occurred. Live incident response include collecting volatile and non volatile data Volatile vs. Nonvolatile data- Some of the volatile data that should be collected includes system date and time, users currently logged on, the internal routing table, running processes, scheduled jobs, open files, and process memory dumps. TECHNIQUE
  10. 10. Live analysis- The examination of computers from within the operating system using custom forensics or existing tools to extract evidence
  11. 11. Image Forensic Using Exif- Exiftool is a Perl library and a command-line tool that can be used for reading and writing metadata in files RELATED WORK
  12. 12. Forensic Pdf analysis
  14. 14. -Programming or computer-related experience oBroad understanding of operating systems and applications oStrong analytical skills oStrong computer science fundamentals oStrong system administrative skills oKnowledge of the latest intruder tools oKnowledge of cryptography and steganography oStrong understanding of the rules of evidence and evidence handling SKILLS REQUIRED FOR FORENSIC APPLICATION
  15. 15. 1) Internet History Files 2) Temporary Internet Files 3) Slack/Unallocated Space 4) Buddy lists, personal chat room records, P2P, others saved areas 5) News groups/club lists/posting 6) Settings, folder structure, file names 7) File Storage Dates 8) Software/Hardware added 9) File Sharing ability TOP 10 LOCATION FOR EVIDENCE