Presented By
Manesh T
Research Fellow
UOC-Spain
Network Forensics-An Intro
Introduction to Digital Forensics
Agenda
Classification & Terminologies
Digital Crimes at a Glance
Computer Security Vs. Forensics
Steps in Digital Forensics
Tools and Uses
Research Contributions in Network Forensics
Conclusions
Forensics Vs. Digital Forensics
• Forensic science is the application of science to criminal and civil laws. Forensic investigators collect, preserve, and analyze scientific evidence during the course of an investigation.
• Digital forensics is the collection, preservation, identification, extraction, interpretation and documentation of digital evidence which can be used in the court of law.
  - Digital Forensics Sciences
  - Computer Forensics
Digital Forensic Science (DFS)
The practice of scientifically derived and proven technical methods and tools toward the preservation, collection, validation, identification, analysis, interpretation, documentation and presentation of after-the-fact digital information derived from digital sources for the purpose of facilitating or furthering the reconstruction of events as forensic evidence.
Computer Security Vs Digital Forensics
• A computer security major's job is to lock down systems and prevent hackers from gaining access.
• Digital forensics majors have the job of figuring out exactly what happened when the other failed.
• Security and forensics are so closely related that without one the other would be non-existent.
Classification & Terminologies
Digital Forensics
• Disk Forensics
• Memory Forensics
• Mobile Forensics
• Intrusion Forensics
• Network Forensics
• Cloud/IoT Forensics
• Image Forensics
• Cyber Forensics
Terminologies
• Digital Forensic Sciences
• Computer Forensics
• Disk Forensics
• Memory Forensics
• Mobile Forensics
• Database Forensics
• Image Forensics
• Cyber Forensics
• Network Forensics
• IoT Forensics
• Web Forensics
• Cloud Forensics
• E-mail Forensics
What is Digital Crime?
• Any crime where computer is a tool, target or both
• Offences against computer data or systems
• Unauthorized access, modification or impairment of a computer or digital system
• Offences against the confidentiality, integrity and availability of computer data and systems
• Conventional Crime Vs. Digital Crime
• Examples of Digital Crime
  - Credit Card Fraud, Identity theft, Spam, DoS
What Forensics is not...
• Pro-Active (Security)
  - But reactive to an event or request
• About finding the bad guy/criminal
  - But finding evidence of value
• Something you do for fun
  - Expertise is needed
• Hacking
  - Lawful Interception & Ethical Hacking
Offline Vs Online Forensics
• Offline forensics (postmortem forensics)
  - Performed on tampered or compromised digital objects or network environment
• Online forensics (live forensics)
  - Performed during the malicious activity on digital artifacts or computer networks or in interconnected systems
  - Challenging
  - High speed packet capturing devices
Basic forensic methodology consists of:
• Acquire the digital evidence without altering or damaging the original
  - Information stored or transmitted in binary forms, documents, images, voice and videos
  - Physical items or data objects (hard disk, CD, memory, computer etc.)
  - Admissible, Authentic, Complete, Reliable
• Authenticate that your recovered evidence is the same as the originally seized data
• Analyze the data without modifying it.
Disk Forensics
• Disk forensics is the science of extracting forensic information from hard disk images
• The goal is to recover data from a disk image using a forensic analysis tool.
• Encryption, file system
Tools Used
1. Sleuth Kit
2. Autopsy Kit
3. Samdump
Disk Forensics - Autopsy
Memory Forensics
• Live Forensics
• Capture the Memory
• Analyze the Memory
• Reconstruction of Memory State
Tools Used
1. Memdump
2. Nigilant Kit
3. Memoryze
Mobile Forensics
• Mobile forensics is a branch of digital forensics.
• Simply put, it is the science of recovering different kinds of evidence from mobile phones.
• It significantly helps investigators reach the criminal.
  - Contact numbers.
  - Record of calls, SMS, MMS and details about them.
  - Sounds.
  - Photographs.
  - Email messages.
  - Notes.
  - Calendar.
Tools
• EnCase Neutrino
• Cell Dek Tech
• Oxygen Forensics
Database Forensics
• Prove or disprove the occurrence of a data security breach
• Determine the scope of a database intrusion
• Retrace user DML and DDL operations
• Identify data pre- and post-transactions
• Recover previously deleted database data
Tools
• Logminer
• Data Carve
Web Forensics
• Web application forensics (IIS, Tomcat, Wamp server)
• Post mortem investigation of compromised web application system
• Traces web vulnerability attacks
  - Cross site scripting
  - SQL injections
  - Session hijacking etc.
Tools
• Encase
• FTK
• Splunk
Browser Forensics
• People use web browsers to search for information, shop online, bank, and communicate through emails or instant messaging.
• Losses due to crimes
• Forensic investigation to get browsing related data from computer
• Tracing cache, history and cookies of browsers
• Tools
  - AccessData FTK Imager 3.1.3.2
  - Autopsy 3.0.6
  - Web browser Forensic Analyzer, Cache, History and Cookie viewers by Nirsoft
Cloud Forensics
• Cloud Computing: A transformative technology
  - It is easier to share data
  - Access the files by using a computer, a smartphone or a tablet device
  - Choose between free and commercial solutions
• Digital Forensics in Cloud Storage Services
• Tools
  - DiskPulse tool to track the disk usage
  - RegShot and RegFromApp to track the registry changes
Cloud Forensics - Continued
Dropbox Installation Folder
Cloud Forensics - Continued
Dropbox Decryptor
IoT Forensics
Connected, headless, diverse and small
Sources of evidence on IoT can be categorized into three groups:
• All evidence collected from smart devices and sensors;
• All evidence collected from hardware and software that provide a communication between smart devices and the external world (e.g., computers, mobile, IPS, IDS and firewalls),
• All evidence collected from hardware and software that are outside the network under investigation. (ISP, MSP)
Image Forensics
• Digital image forensics aims at restoring some of the lost trustworthiness of digital images and revolves around the following two fundamental questions:
  - Where does the image come from?
  - Has the image been processed after acquisition?
• The forensic analysis of digital images (or digital image forensics) then refers to the reconstruction of the generation process of a given digital image, where the main focus lies on inference about the image's authenticity and origin.
• Forensic face recognition in computer vision.
Cyber Forensics
“The unique process of identifying, preserving, analyzing and presenting digital evidence in a manner that is legally accepted.”
Cyber crime means any criminal activity in which a computer or network is the source, tool or target or place of crime
Steps in Digital Forensics
• Identification
  - Search for information about information we require
• Acquisition
  - Obtain forensic copies of all digital evidences
• Authentication
  - Discriminating evidences based on integrity
• Analysis
  - Logical interpretation of recovered data
  - Tentative evidences turn to actual evidences
• Presentation
  - Generate forensic report
  - Prosecution by court of law
Identification Phase
Sub Phases
• Classify Digital Crime
• Information Harvesting
• Intelligence Gathering
• Data Inspection
Functions
• Past/Ongoing, Disk, Memory, Cloud, Network forensics
• How? When? What? Who?
• Scene Audit, System Monitoring
• Encrypted, Steganography, Open
Acquisition Phase
Sub Phases
• Pre acquisition process
• Acquisition Plan
• Post acquisition process
Functions
• Implications, lawful interception, Custody
• Snapshot, online, offline, Log file, Memory, Network Packets, Disk Images
• Handle forensic data, seized evidences, conservation and transportation
Tools: Pro Discover Basic, EnCase
Authentication Phase
Sub Phases
• Categorize Evidences
• Validate Evidences
• Discriminate Evidences
Functions
• Persistent, Volatile
• Use Hashing of Images, other digital evidences for Integrity
• Admissible, Authentic, Complete, Reliable
• Best, Secondary, Direct Evidences
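The integrity check behind "Authenticate that your recovered evidence is the same as the originally seized data" and "Use Hashing of Images", as an added example that is not part of the original slides: an image is hashed once at acquisition, the digests go into a custody manifest, and every later copy is verified against that record. The file names, the examiner label and the JSON-lines manifest layout are assumptions, and the sample image is constructed.

```python
import hashlib
import hmac
import json
import os
import shutil
import tempfile
from datetime import datetime, timezone

CHUNK_SIZE = 1 << 20  # read 1 MiB at a time so large disk images never sit in RAM


def hash_file(path, algorithms=("sha1", "sha256")):
    """Stream the file once, read-only, and return {algorithm: hex digest}."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(CHUNK_SIZE), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def record_acquisition(path, examiner, manifest_path):
    """Hash a freshly acquired item and append one JSON line to the manifest."""
    entry = {
        "item": os.path.basename(path),
        "size": os.path.getsize(path),
        "acquired_utc": datetime.now(timezone.utc).isoformat(timespec="seconds"),
        "examiner": examiner,  # hypothetical label, not a field from the slides
        "hashes": hash_file(path),
    }
    with open(manifest_path, "a", encoding="utf-8") as fh:
        fh.write(json.dumps(entry, sort_keys=True) + "\n")
    return entry


def load_manifest(manifest_path):
    """Return {item name: manifest entry} from the JSON-lines manifest."""
    with open(manifest_path, encoding="utf-8") as fh:
        entries = [json.loads(line) for line in fh if line.strip()]
    return {entry["item"]: entry for entry in entries}


def verify_copy(path, entry):
    """Return the checks that failed; an empty list means the copy matches
    the recorded original in size and in every recorded digest."""
    failed = []
    if os.path.getsize(path) != entry["size"]:
        failed.append("size")
    current = hash_file(path, tuple(entry["hashes"]))
    for name, expected in entry["hashes"].items():
        if not hmac.compare_digest(current[name], expected):
            failed.append(name)
    return failed


def demo():
    """Acquire a constructed image, then verify a clean, a tampered and a
    truncated copy against the manifest entry."""
    with tempfile.TemporaryDirectory() as workdir:
        original = os.path.join(workdir, "seized_disk.img")
        with open(original, "wb") as fh:
            # Constructed sample data, about 2.6 MB, so hashing spans several chunks.
            fh.write(b"CONSTRUCTED SAMPLE SECTOR\n" * 100_000)

        manifest = os.path.join(workdir, "custody_manifest.jsonl")
        record_acquisition(original, "examiner-01", manifest)
        entry = load_manifest(manifest)["seized_disk.img"]

        working = os.path.join(workdir, "working_copy.img")
        shutil.copyfile(original, working)

        tampered = os.path.join(workdir, "tampered_copy.img")
        shutil.copyfile(original, tampered)
        with open(tampered, "r+b") as fh:  # flip a single bit, size unchanged
            fh.seek(1_500_000)
            byte = fh.read(1)
            fh.seek(1_500_000)
            fh.write(bytes([byte[0] ^ 0x01]))

        truncated = os.path.join(workdir, "truncated_copy.img")
        with open(original, "rb") as src, open(truncated, "wb") as dst:
            dst.write(src.read(1_000_000))  # incomplete acquisition

        return {
            "working": verify_copy(working, entry),
            "tampered": verify_copy(tampered, entry),
            "truncated": verify_copy(truncated, entry),
        }


if __name__ == "__main__":
    for name, failed in demo().items():
        print(name, "OK" if not failed else "MISMATCH: " + ", ".join(failed))
```

Analysis is then done only on a copy that verifies clean, which leaves the seized original untouched.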
Forensic Analysis Phase
Sub Phases
• Preparation
• Extraction (Physical)
• Extraction (Logical)
• Analysis (Time Line)
• Analysis (Data Hiding)
• Analysis of Application
• Reconstruct Files
Functions
• Media, Type of Forensic analysis
• Filter, Packet header, File Carving
• File system, File slack, Unallocated space
• Review Time, Date Stamps, Logs
• Correlate, Access to encrypted, protected assets
• Saved passwords, Emails, Cookies, attachments, History
Tools: Access Data Ultimate Toolkit
Presentation Phase
Sub Phases
• Documentation, Expert Testimony
• Correlated Evidences, Impose Laws section
• Substantial Interpretations, Crime Report
• Generate Digital Forensic Report
• Prosecution By Court
Scope of Computer Forensics
DFS-Tools
Tool | Platform | License | Description
Magnet AXIOM | Cross Platform | Proprietary | Complete acquisition, analysis and presentation
EnCase | Windows | Proprietary | Multipurpose forensic tool
SANS Investigative Forensics Toolkit - SIFT | Ubuntu | Proprietary | Multi-purpose forensic operating system
Digital Forensics Framework | Cross Platform | Proprietary | Framework and user interfaces dedicated to digital forensics
CANE Linux | Linux | Freeware | GNU/Linux computer forensics
FTK | Windows | Proprietary | Multipurpose forensic tool
COFEE | Windows | Proprietary | A suite of tools for Windows developed by Microsoft
Network Forensic - An Intro
• Network forensics is the science that deals with capture, recording, and analysis of network traffic to retrace the content of the network session.
Computing Environment in My Research
Steps in Network Forensic Analysis
• C: Collection & filtering
• R: Correlation Analysis
• L: Log file analysis
• S: Stream Reassembly
• A: Application layer viewer
• W: Workflow or case management
Paths to Careers in CF
• Certifications
• Associate Degree
• Bachelor Degree
• Post Grad Certificate
• Masters
• Doctorate
Job Functions
• CF Technician
• CF Investigator
• CF Analyst/Examiner (lab)
• CF Lab Director
• CF Scientist
Professional Opportunities
• Law Enforcement
• Private Sector
• Intelligence Community
• Military
• Academia
Conclusions
• Basics of Digital Forensic Sciences, Classifications
• Steps in Digital Forensics
• Basics of Network Forensics, Steps
• Forensic Tools
• Research Challenges
Useful Links
• Kerala Police - Kochi: http://kochicity.keralapolice.gov.in/
• National Investigation Agency (NIA): http://www.nia.gov.in/
• CBI: http://cbi.nic.in/
• Cyberdome: http://cyberdome.kerala.gov.in/index.html
• Cyber Cell: https://kerala.gov.in/cyber-cell
• RCCF-CDAC: http://www.cyberforensics.in/?AspxAutoDetectCookieSupport=1
Finish
Thank you
Digital forensic science and its scope manesh t

  • 2. Network Forensics-An Intro Introduction to Digital Forensics Agenda Classification & Terminologies Digital Crimes at a Glance Computer Security Vs. Forensics Steps in Digital Forensics Tools and Uses Research Contributions in Network Forensics Conclusions
  • 3. Forensics Vs. Digital Forensics  Forensic science is the application of science to criminal and civil laws. Forensic Investigators collect, preserve, and analyze scientific evidence during the course of an investigation.  Digital Forensics is the collection, preservation, identification, extraction, interpretation and documentation of digital evidence which can be used in the court of law. - -Digital Forensics Sciences, -Computer Forensics 3
  • 4. Digital Forensic Science (DFS) 4 The practice of scientifically derived and proven technical methods and tools toward the preservation, collection, validation, identification, analysis, interpretation, documentation and presentation of after-the-fact digital information derived from digital sources for the purpose of facilitating or furthering the reconstruction of events as forensic evidence
  • 5. Computer Security Vs Digital Forensics Computer Security major’s job is to secure down systems and prevent hackers from gaining access Digital Forensics majors have the job of figuring out exactly what happened when the other failed. Security and forensics are so closely related that without one the other would be non-existent. 5
  • 8. What is Digital Crime?  Any crime where computer is a tool, target or both  Offences against computer data or systems  Unauthorized access, modification or impairment of a computer or digital system  Offences against the confidentiality, integrity and availability of computer data and systems  Conventional Crime Vs. Digital Crime  Examples of Digital Crime  Credit Card Fraud, Identity theft, Spam,DoS 8
  • 9. What Forensics is not... • Pro-active (security), but reactive to an event or request • About finding the bad guy/criminal, but finding evidence of value • Something you do for fun; expertise is needed • Hacking; lawful interception & ethical hacking
  • 10. Offline Vs Online Forensics • Offline forensics (postmortem forensics): performed on tampered or compromised digital objects or network environments • Online forensics (live forensics): performed during the malicious activity on digital artifacts, computer networks or interconnected systems • Challenging • High speed packet capturing devices
  • 11. Basic forensic methodology consists of: • Acquire the digital evidence without altering or damaging the original • Information stored or transmitted in binary forms, documents, images, voice and videos • Physical items or data objects (hard disk, CD, memory, computer etc.) • Admissible, Authentic, Complete, Reliable • Authenticate that your recovered evidence is the same as the originally seized data • Analyze the data without modifying it.
  • 12. Disk Forensics • Disk forensics is the science of extracting forensic information from hard disk images • The goal is to recover data from a disk image using a forensic analysis tool. • Encryption, file system • Tools Used: 1. Sleuth Kit 2. Autopsy Kit 3. Samdump
  • 14. Memory Forensics • Live Forensics • Capture the Memory • Analyze the Memory • Reconstruction of Memory State • Tools Used: 1. Memdump 2. Nigilant Kit 3. Memoryze
  • 15. Mobile Forensics • Mobile forensics is a branch of digital forensics. • Simply put, it is the science of recovering different kinds of evidence from mobile phones. • It significantly helps investigators reach the criminal. • Evidence types: contact numbers; records of calls, SMS, MMS and details about them; sounds; photographs; email messages; notes; calendar. • Tools: EnCase Neutrino, Cell Dek Tech, Oxygen Forensics
  • 16. Database Forensics • Prove or disprove the occurrence of a data security breach • Determine the scope of a database intrusion • Retrace user DML and DDL operations • Identify data pre- and post-transactions • Recover previously deleted database data • Tools: Logminer, Data Carve
  • 17. Web Forensics • Web application forensics (IIS, Tomcat, Wamp server) • Post-mortem investigation of a compromised web application system • Traces web vulnerability attacks: cross-site scripting, SQL injection, session hijacking etc. • Tools: Encase, FTK, Splunk
  • 18. Browser Forensics • People use web browsers to search for information, shop online, bank, and communicate through email or instant messaging. • Losses due to crimes • Forensic investigation to get browsing-related data from a computer • Tracing cache, history and cookies of browsers • Tools: AccessData FTK Imager 3.1.3.2; Autopsy 3.0.6; Web Browser Forensic Analyzer; Cache, History and Cookie viewers by Nirsoft
  • 19. Cloud Forensics • Cloud computing: a transformative technology • It is easier to share data • Access the files by using a computer, a smartphone or a tablet device • Choose between free and commercial solutions • Digital forensics in cloud storage services • Tools: DiskPulse to track disk usage; RegShot and RegFromApp to track registry changes
  • 20. Cloud Forensics - Continued: Dropbox Installation Folder
  • 22. IoT Forensics • Connected, headless, diverse and small • Sources of evidence on IoT can be categorized into three groups: • All evidence collected from smart devices and sensors; • All evidence collected from hardware and software that provide communication between smart devices and the external world (e.g., computers, mobile, IPS, IDS and firewalls); • All evidence collected from hardware and software that are outside the network under investigation (ISP, MSP).
  • 23. Image Forensics • Digital image forensics aims at restoring some of the lost trustworthiness of digital images and revolves around the following two fundamental questions: o Where does the image come from? o Has the image been processed after acquisition? • The forensic analysis of digital images (or digital image forensics) then refers to the reconstruction of the generation process of a given digital image, where the main focus lies on inference about the image’s authenticity and origin. • Forensic face recognition in computer vision.
  • 24. Cyber Forensics • “The unique process of identifying, preserving, analyzing and presenting digital evidence in a manner that is legally accepted.” • Cyber crime means any criminal activity in which a computer or network is the source, tool, target or place of crime.
  • 26. Steps in Digital Forensics • Identification: Search for information about information we require • Acquisition: Obtain forensic copies of all digital evidences • Authentication: Discriminating evidences based on integrity • Analysis: Logical interpretation of recovered data; tentative evidences turn to actual evidences • Presentation: Generate forensic report; prosecution by court of law
  • 27. Identification Phase Sub Phases Classify Digital Crime Information Harvesting Intelligence Gathering Data Inspection Functions Past/Ongoing, Disk, Memory, Cloud, Network forensics How? When? What? Who? Scene Audit, System Monitoring Encrypted, Steganography, Open
  • 28. Acquisition Phase Sub Phases Pre acquisition process Acquisition Plan Post acquisition process Functions Implications, lawful interception, Custody Snapshot, online, offline, Log file, Memory, Network Packets, Disk Images Handle forensic data, seized evidences, conservation and transportation ProDiscover Basic, EnCase
  • 29. Authentication Phase Sub Phases Categorize Evidences Validate Evidences Discriminate Evidences Functions Persistent, Volatile Use Hashing of Images, other digital evidences for Integrity Admissible, Authentic, Complete, Reliable Best, Secondary, Direct Evidences
  • 30. Forensic Analysis Phase Sub Phases Preparation Extraction (Physical) Extraction (Logical) Analysis (Time Line) Analysis (Data Hiding) Analysis of Application Reconstruct Files Functions Media, Type of Forensic analysis Filter, Packet header, File Carving, File system, File slack, Unallocated space Review Time, Date Stamps, Logs Correlate, Access to encrypted, protected assets Saved passwords, Emails, Cookies, attachments, History AccessData Ultimate Toolkit
  • 31. Presentation Phase Sub Phases Documentation, Expert Testimony Correlated Evidences, Impose Laws section Substantial Interpretations, Crime Report, Generate Digital Forensic Report Prosecution By Court
  • 32. Scope of Computer Forensics
  • 33. DFS-Tools
      Tool | Platform | License | Description
      Magnet AXIOM | Cross Platform | Proprietary | Complete acquisition, analysis and presentation
      EnCase | Windows | Proprietary | Multipurpose forensic tool
      SANS Investigative Forensics Toolkit - SIFT | Ubuntu | Proprietary | Multi-purpose forensic operating system
      Digital Forensics Framework | Cross Platform | Proprietary | Framework and user interfaces dedicated to digital forensics
      CAINE Linux | Linux | Freeware | GNU/Linux computer forensics
      FTK | Windows | Proprietary | Multipurpose forensic tool
      COFEE | Windows | Proprietary | A suite of tools for Windows developed by Microsoft
  • 34. Network Forensics - An Intro • Network forensics is the science that deals with capture, recording, and analysis of network traffic to retrace the content of the network session.
  • 35. Computing Environment in My Research
  • 36. Steps in Network Forensic Analysis • C: Collection & filtering • R: Correlation analysis • L: Log file analysis • S: Stream reassembly • A: Application layer viewer • W: Workflow or case management
  • 37. Paths to Careers in CF • Certifications • Associate Degree • Bachelor Degree • Post Grad Certificate • Masters • Doctorate
  • 38. Job Functions • CF Technician • CF Investigator • CF Analyst/Examiner (lab) • CF Lab Director • CF Scientist
  • 39. Professional Opportunities • Law Enforcement • Private Sector • Intelligence Community • Military • Academia
  • 40. Conclusions • Basics of Digital Forensic Sciences, Classifications • Steps in Digital Forensics • Basics of Network Forensics, Steps • Forensic Tools • Research Challenges
  • 41. Useful Links • Kerala Police - Kochi: http://kochicity.keralapolice.gov.in/ • National Investigation Agency (NIA): http://www.nia.gov.in/ • CBI: http://cbi.nic.in/ • Cyberdome: http://cyberdome.kerala.gov.in/index.html • Cyber Cell: https://kerala.gov.in/cyber-cell • RCCF-CDAC: http://www.cyberforensics.in/?AspxAutoDetectCookieSupport=1
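
An added example, not part of the original slides: the acquire / authenticate / analyze-without-modifying sequence from slides 11 and 29, using a SHA-256 hash taken at acquisition to validate the working copy. The function names, file names and sample "image" bytes are constructed for illustration.

```python
import hashlib
import os
import shutil
import tempfile

CHUNK = 1024 * 1024  # read in 1 MiB blocks so large disk images never load fully into RAM


def sha256_file(path):
    """Stream a file through SHA-256 and return the hex digest."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:  # opened read-only: hashing must not alter evidence
        for block in iter(lambda: fh.read(CHUNK), b""):
            digest.update(block)
    return digest.hexdigest()


def acquire(source, working_copy):
    """Hash the seized image, copy it, and return a custody record."""
    acquisition_hash = sha256_file(source)
    shutil.copyfile(source, working_copy)
    os.chmod(working_copy, 0o444)  # working copy is marked read-only for analysis
    return {"source": source, "copy": working_copy, "sha256": acquisition_hash}


def authenticate(record):
    """True only if the working copy still matches the acquisition hash."""
    return sha256_file(record["copy"]) == record["sha256"]


def demo():
    """Acquire a constructed sample image, then show a one-byte change is detected."""
    workdir = tempfile.mkdtemp()
    seized = os.path.join(workdir, "seized.img")
    with open(seized, "wb") as fh:  # constructed sample data, not a real disk image
        fh.write(b"\x00" * 4096 + b"constructed evidence sector" + b"\xff" * 4096)
    record = acquire(seized, os.path.join(workdir, "working.img"))
    intact = authenticate(record)
    os.chmod(record["copy"], 0o644)  # simulate mishandling: the copy becomes writable
    with open(record["copy"], "r+b") as fh:
        fh.seek(10)
        fh.write(b"\x01")  # a single altered byte
    altered = authenticate(record)
    shutil.rmtree(workdir)
    return intact, altered


if __name__ == "__main__":
    print(demo())
```
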