Abstract image of a woman sitting on books and studying on a laptop

Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02

Download as PPTX, PDF
S
satyabwati

The document discusses computer forensics, including defining it as the process of identifying, preserving, analyzing and presenting digital evidence. It outlines the characteristics, history, goals and methodology of computer forensics, how it is used to investigate cyber crimes and find digital evidence. Computer forensics experts work in law enforcement, private companies, and for individuals and require skills in programming, operating systems, analytics, and rules of evidence.

1 of 23
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
BY:- Anil Kumar CSE ퟑ풓풅 Year 0903CS121017 1
CONTENTS:- Defining Computer Forensics Characteristics Needs History Goal Cyber Crime & Evidence Rules Of Handling Evidence Top 10 Location For Evidence Computer Forensics Methodology Applications of Computer Forensics Who Uses Computer Forensics Skills Requirements for Computer Forensics 2
What is Computer Forensics? • “Forensic computing is the process of identifying, preserving, analyzing and presenting digital evidence in a manner that is legally acceptable.”(Rodney Mckemmish 1999). • Evidence might be required for a wide range of computer crimes and misuses. • Information collected assists in arrests, prosecution, termination of employment, and preventing future illegal activity 3
CHARECTERISTICS OF COMPUTER FORENSICS • IDENTIFYING • PRESERVING • ANALYZING • PRESENTING 4
NEEDS OF COMPUTER FORENSICS oTo produce evidence in the court that can lead to the punishment of the actual. oTo ensure the integrity of the computer system. oTo focus on the response to hi-tech offenses, started to intertwine. 5
HISTORY OF COMPUTER FORENSICS o Began to evolve more than 30 years ago in US when law enforcement and military investigators started seeing criminals get technical. o Over the next decades, and up to today, the field has exploded. Law enforcement and the military continue to have a large presence in the information security and computer forensic field at the local, state and federal level. o Now a days, Software companies continue to produce newer and more robust forensic software programs. And law enforcement and the military continue to identify and train more and more of their personnel in the response to crimes involving technology. 6
GOAL OF COMPUTER FORENSICS • The main goal of computer forensic experts is not only to find the criminal but also to find out the evidence and the presentation of the evidence in a manner that leads to legal action of the criminal. 7
CYBER CRIME & EVIDENCE • CYBER CRIME • Cyber crime occurs when information technology is used to commit or conceal an offence. 8
TYPES OF CYBER CRIME o Forgery o Breech of Computer Security o Fraud/Theft o Copyright Violations o Identity Theft o Threats o Burglary o Homicide o Administrative Investigations o Cyber Terrorism o Sales and Investment Fraud o Electronic Fund Transfer Fraud 9
10
Cybercrime: Top 20 Countries 11
Evidence  An item does not become officially a piece of evidence until a court admits it.  Much of forensics practice concerns how to collect, preserve and analyze these items without compromising their potential to be admitted as evidence in a court of law. 12
DIGITAL EVIDENCE • “Any data that is recorded or preserved on any medium in or by a computer system or other similar device, that can be read or understand by a person or a computer system or other similar device. It includes a display, print out or other output of that data.” 13
TYPES OF DIGITAL EVIDENCE 1) PERSISTANT DATA Meaning data that remains intact when the computer is turned off. E.g. hard drives, disk drives and removable storage devices (such as USB drives or flash drives). 2) VOLATILE DATA, Meaning data that would be lost if the computer is turned off. E.g. deleted files, computer history, the computer's registry, temporary files and web browsing history. 14
5 RULES OF EVIDENCES 1) Admissible • Must be able to be used in court or elsewhere. 2) Authentic • Evidence relates to incident in relevant way. 3) Complete (no tunnel vision) • Exculpatory evidence for alternative suspects. 4) Reliable • No question about authenticity & veracity. 5) Believable • Clear, easy to understand, and believable by a jury. 15
TOP 10 LOCATION FOR EVIDENCE 1) Internet History Files 2) Temporary Internet Files 3) Slack/Unallocated Space 4) Buddy lists, personal chat room records, others saved areas 5) News groups/club lists/posting 6) Settings, folder structure, file names 7) File Storage Dates 8) Software/Hardware added 9) File Sharing ability 10) E-mails 16
COMPUTER FORENSICS METHODOLOGY 1) Shut Down the Computer 2) Document the Hardware Configuration of The System 3) Transport the Computer System to A Secure Location 4) Make Bit Stream Backups of Hard Disks and Floppy Disks 5) Mathematically Verify Data on All Storage Devices 6) Document the System Date and Time 7) Make a List of Key Search Words 17
CONT… 8) Evaluate the Windows Swap File 9) Evaluate File Slack 10) Evaluate Unallocated Space (Erased Files) 11) Search Files, File Slack and Unallocated Space for Key Words 12) Document File Names, Dates and Times 13) Identify File, Program and Storage Anomalies 14) Evaluate Program Functionality 15) Document Your Findings 18
APPLICATIONS :- • FINANCIAL FRAUD DETECTION • CRIMINAL PROSECUTION • CIVIL LITIGATION • “CORPORATE SECURITY POLICY AND VIOLATIONS” 19
Who Uses Computer Forensics? Criminal Prosecutors Rely on evidence obtained from a computer to prosecute suspects and use as evidence. Civil Litigations Personal and business data discovered on a computer can be used in fraud, harassment, or discrimination cases. Private Corporations Obtained evidence from employee computers can be used as evidence in harassment, fraud, and embezzlement cases. 20
Who Uses Computer Forensics? (cont..) Law Enforcement Officials Rely on computer forensics to backup search warrants and post-seizure handling. Individual/Private Citizens Obtain the services of professional computer forensic specialists to support claims of harassment, abuse, or wrongful termination from employment. 21
Skills Required For Computer Forensics Application o Programming or computer-related experience o Broad understanding of operating systems and applications o Strong analytical skills o Strong computer science fundamentals o Strong system administrative skills o Knowledge of the latest intruder tools o Knowledge of cryptography and steganography o Strong understanding of the rules of evidence and evidence handling o Ability to be an expert witness in a court of law 22
` 23

More Related Content

PPTX
Computer Forensics ppt
OECLIB Odisha Electronics Control Library
 
PPTX
Computer Forensics
One97 Communications Limited
 
PPTX
computer forensics by amritanshu kaushik
amritanshu4u
 
PPTX
Digital&computforensic
Rahul Badekar
 
PPTX
Computer forensic
bhavithd
 
PPTX
Computer Forensics
Daksh Verma
 
PPT
Cyber Crime Evidence Collection Ifsa 2009
University of Southern Mississippi
 
PPTX
Computer forensics
Sarwar Hossain Rafsan
 
Computer Forensics ppt
OECLIB Odisha Electronics Control Library
 
Computer Forensics
One97 Communications Limited
 
computer forensics by amritanshu kaushik
amritanshu4u
 
Digital&computforensic
Rahul Badekar
 
Computer forensic
bhavithd
 
Computer Forensics
Daksh Verma
 
Cyber Crime Evidence Collection Ifsa 2009
University of Southern Mississippi
 
Computer forensics
Sarwar Hossain Rafsan
 

What's hot (20)

PPTX
Cyber forensics 02 mit-2014
Muzzammil Wani
 
PDF
Computer Forensics: You can run but you can't hide
Antonio Sanz Alcober
 
PPS
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
ClubHack
 
PPTX
Computer forensics ppt
Nikhil Mashruwala
 
PPTX
Lect 5 computer forensics
Kabul Education University
 
PPTX
Computer forensic ppt
Onkar1431
 
DOCX
Computer Forensics
Shreya Singireddy
 
PPTX
cyber Forensics
Muzzammil Wani
 
PPTX
Lect 3 Computer Forensics
Kabul Education University
 
PDF
Computer Forensic
Novizul Evendi
 
PPT
Computer Forensics
Neilg42
 
PPTX
Computer forensics powerpoint presentation
Somya Johri
 
PDF
Cyber Forensics Module 2
Manu Mathew Cherian
 
PPTX
Digital investigation
unnilala11
 
PDF
Sued or Suing: Introduction to Digital Forensics
Anyck Turgeon, CFE/GRCP/CEFI/CCIP/C|CISO/CBA
 
PPTX
Digital Forensics Workshop
Tim Fletcher
 
PPTX
computer forensics
Vaibhav Tapse
 
PPTX
Computer forensics
Ramesh Ogania
 
PPT
Codebits 2010
Tiago Henriques
 
PPTX
Cyber forensic 1
anilinvns
 
Cyber forensics 02 mit-2014
Muzzammil Wani
 
Computer Forensics: You can run but you can't hide
Antonio Sanz Alcober
 
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
ClubHack
 
Computer forensics ppt
Nikhil Mashruwala
 
Lect 5 computer forensics
Kabul Education University
 
Computer forensic ppt
Onkar1431
 
Computer Forensics
Shreya Singireddy
 
cyber Forensics
Muzzammil Wani
 
Lect 3 Computer Forensics
Kabul Education University
 
Computer Forensic
Novizul Evendi
 
Computer Forensics
Neilg42
 
Computer forensics powerpoint presentation
Somya Johri
 
Cyber Forensics Module 2
Manu Mathew Cherian
 
Digital investigation
unnilala11
 
Sued or Suing: Introduction to Digital Forensics
Anyck Turgeon, CFE/GRCP/CEFI/CCIP/C|CISO/CBA
 
Digital Forensics Workshop
Tim Fletcher
 
computer forensics
Vaibhav Tapse
 
Computer forensics
Ramesh Ogania
 
Codebits 2010
Tiago Henriques
 
Cyber forensic 1
anilinvns
 
Ad

Viewers also liked (20)

PPT
Cyber Crime
Philip Stallone
 
PPTX
McAfee Threats Report, Cyber Crime, Hacktivism, Anonymous
Melvin Jáquez
 
PPTX
Identity Theft Presentation
MonikaPenkova
 
PPT
Identity Theft Presentation
Randall Chesnutt
 
PPT
Indentify Theft Slide Show
robinlgray
 
PPTX
Cyber crime
Soreingam Ragui
 
PPT
CYBER CRIME AND SECURITY
Sahil Vashishtha
 
PPT
Biodiversity conservation
rajeshap
 
PPTX
Cyber-crime PPT
Anshuman Tripathi
 
PPTX
Biodiversity and its Conservation
Akhil Kollipara
 
PPT
Seminar on Cyber Crime
Likan Patra
 
PPT
Cybercrime presentation
Rajat Jain
 
PPT
Cyber Crime and Security
Dipesh Waghela
 
PPTX
Cyber crime
Rajendra Dangwal
 
PDF
Cyber crime
Tushar Malhotra
 
PPT
presentation on cyber crime and security
Alisha Korpal
 
PPTX
Cyber security
Siblu28
 
PPTX
Cyber crime ppt
MOE515253
 
PPTX
Cybercrime.ppt
Aeman Khan
 
PPT
PPT OF BIODIVERSITY
Tusharkanti Nayak
 
Cyber Crime
Philip Stallone
 
McAfee Threats Report, Cyber Crime, Hacktivism, Anonymous
Melvin Jáquez
 
Identity Theft Presentation
MonikaPenkova
 
Identity Theft Presentation
Randall Chesnutt
 
Indentify Theft Slide Show
robinlgray
 
Cyber crime
Soreingam Ragui
 
CYBER CRIME AND SECURITY
Sahil Vashishtha
 
Biodiversity conservation
rajeshap
 
Cyber-crime PPT
Anshuman Tripathi
 
Biodiversity and its Conservation
Akhil Kollipara
 
Seminar on Cyber Crime
Likan Patra
 
Cybercrime presentation
Rajat Jain
 
Cyber Crime and Security
Dipesh Waghela
 
Cyber crime
Rajendra Dangwal
 
Cyber crime
Tushar Malhotra
 
presentation on cyber crime and security
Alisha Korpal
 
Cyber security
Siblu28
 
Cyber crime ppt
MOE515253
 
Cybercrime.ppt
Aeman Khan
 
PPT OF BIODIVERSITY
Tusharkanti Nayak
 
Ad

Similar to Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02 (20)

PDF
computerforensicsppt-111006063922-phpapp01.pdf
Gnanavi2
 
PPTX
computer-forensics-8727-OHvDvOm.pptx
DaniyaHuzaifa
 
PPTX
computer-forensics-8727-OHvDvOm.pptx
ssuser2bf502
 
PPTX
computer forensics
Amit Singh
 
PPTX
Forensic investigation
infosecindia
 
PPT
Lecture 4,5, 6 comp forensics 19 9-2018 basic security
Alchemist095
 
PPTX
Computer forensics Slides
Varun Sehgal
 
PPTX
Computer forensic
Shashi Mishra
 
PPT
Chap 1 general introduction to computer forensics
Malobe Lottin Cyrille Marcel
 
PPTX
COMPUTER FORENSICS.pptx
SakshiRawat394090
 
PPT
Secure Computer Forensics and its tools
Kathirvel Ayyaswamy
 
PPTX
Examining computer and evidence collection
gagan deep
 
PPTX
Computer forensics and its role
Sudeshna Basak
 
PPTX
Computer Forensics in Fighting Crimes
Isaiah Edem
 
PDF
FINAL_MSCIT_CYBER_FORENSICS_NOTES_SEM_IV_PROFAJAYPASHANKAR.pdf
ajay pashankar
 
PPTX
ISSC455_Week6_Project_PowerPoint_Presentation_Intindolo
John Intindolo
 
PPT
Computer forensics
SCREAM138
 
PPTX
Cyber forensics ppt
RoshiniVijayakumar1
 
PPTX
Computer Forensics (1).pptx
Gautam708801
 
PDF
CS6004 Cyber Forensics
Kathirvel Ayyaswamy
 
computerforensicsppt-111006063922-phpapp01.pdf
Gnanavi2
 
computer-forensics-8727-OHvDvOm.pptx
DaniyaHuzaifa
 
computer-forensics-8727-OHvDvOm.pptx
ssuser2bf502
 
computer forensics
Amit Singh
 
Forensic investigation
infosecindia
 
Lecture 4,5, 6 comp forensics 19 9-2018 basic security
Alchemist095
 
Computer forensics Slides
Varun Sehgal
 
Computer forensic
Shashi Mishra
 
Chap 1 general introduction to computer forensics
Malobe Lottin Cyrille Marcel
 
COMPUTER FORENSICS.pptx
SakshiRawat394090
 
Secure Computer Forensics and its tools
Kathirvel Ayyaswamy
 
Examining computer and evidence collection
gagan deep
 
Computer forensics and its role
Sudeshna Basak
 
Computer Forensics in Fighting Crimes
Isaiah Edem
 
FINAL_MSCIT_CYBER_FORENSICS_NOTES_SEM_IV_PROFAJAYPASHANKAR.pdf
ajay pashankar
 
ISSC455_Week6_Project_PowerPoint_Presentation_Intindolo
John Intindolo
 
Computer forensics
SCREAM138
 
Cyber forensics ppt
RoshiniVijayakumar1
 
Computer Forensics (1).pptx
Gautam708801
 
CS6004 Cyber Forensics
Kathirvel Ayyaswamy
 

Akcomputerforensics 130222081008-phpapp02-140809110602-phpapp02

  • 1. BY:- Anil Kumar CSE ퟑ풓풅 Year 0903CS121017 1
  • 2. CONTENTS:- Defining Computer Forensics Characteristics Needs History Goal Cyber Crime & Evidence Rules Of Handling Evidence Top 10 Location For Evidence Computer Forensics Methodology Applications of Computer Forensics Who Uses Computer Forensics Skills Requirements for Computer Forensics 2
  • 3. What is Computer Forensics? • “Forensic computing is the process of identifying, preserving, analyzing and presenting digital evidence in a manner that is legally acceptable.”(Rodney Mckemmish 1999). • Evidence might be required for a wide range of computer crimes and misuses. • Information collected assists in arrests, prosecution, termination of employment, and preventing future illegal activity 3
  • 4. CHARECTERISTICS OF COMPUTER FORENSICS • IDENTIFYING • PRESERVING • ANALYZING • PRESENTING 4
  • 5. NEEDS OF COMPUTER FORENSICS oTo produce evidence in the court that can lead to the punishment of the actual. oTo ensure the integrity of the computer system. oTo focus on the response to hi-tech offenses, started to intertwine. 5
  • 6. HISTORY OF COMPUTER FORENSICS o Began to evolve more than 30 years ago in US when law enforcement and military investigators started seeing criminals get technical. o Over the next decades, and up to today, the field has exploded. Law enforcement and the military continue to have a large presence in the information security and computer forensic field at the local, state and federal level. o Now a days, Software companies continue to produce newer and more robust forensic software programs. And law enforcement and the military continue to identify and train more and more of their personnel in the response to crimes involving technology. 6
  • 7. GOAL OF COMPUTER FORENSICS • The main goal of computer forensic experts is not only to find the criminal but also to find out the evidence and the presentation of the evidence in a manner that leads to legal action of the criminal. 7
  • 8. CYBER CRIME & EVIDENCE • CYBER CRIME • Cyber crime occurs when information technology is used to commit or conceal an offence. 8
  • 9. TYPES OF CYBER CRIME o Forgery o Breech of Computer Security o Fraud/Theft o Copyright Violations o Identity Theft o Threats o Burglary o Homicide o Administrative Investigations o Cyber Terrorism o Sales and Investment Fraud o Electronic Fund Transfer Fraud 9
  • 10. 10
  • 11. Cybercrime: Top 20 Countries 11
  • 12. Evidence  An item does not become officially a piece of evidence until a court admits it.  Much of forensics practice concerns how to collect, preserve and analyze these items without compromising their potential to be admitted as evidence in a court of law. 12
  • 13. DIGITAL EVIDENCE • “Any data that is recorded or preserved on any medium in or by a computer system or other similar device, that can be read or understand by a person or a computer system or other similar device. It includes a display, print out or other output of that data.” 13
  • 14. TYPES OF DIGITAL EVIDENCE 1) PERSISTANT DATA Meaning data that remains intact when the computer is turned off. E.g. hard drives, disk drives and removable storage devices (such as USB drives or flash drives). 2) VOLATILE DATA, Meaning data that would be lost if the computer is turned off. E.g. deleted files, computer history, the computer's registry, temporary files and web browsing history. 14
  • 15. 5 RULES OF EVIDENCES 1) Admissible • Must be able to be used in court or elsewhere. 2) Authentic • Evidence relates to incident in relevant way. 3) Complete (no tunnel vision) • Exculpatory evidence for alternative suspects. 4) Reliable • No question about authenticity & veracity. 5) Believable • Clear, easy to understand, and believable by a jury. 15
  • 16. TOP 10 LOCATION FOR EVIDENCE 1) Internet History Files 2) Temporary Internet Files 3) Slack/Unallocated Space 4) Buddy lists, personal chat room records, others saved areas 5) News groups/club lists/posting 6) Settings, folder structure, file names 7) File Storage Dates 8) Software/Hardware added 9) File Sharing ability 10) E-mails 16
  • 17. COMPUTER FORENSICS METHODOLOGY 1) Shut Down the Computer 2) Document the Hardware Configuration of The System 3) Transport the Computer System to A Secure Location 4) Make Bit Stream Backups of Hard Disks and Floppy Disks 5) Mathematically Verify Data on All Storage Devices 6) Document the System Date and Time 7) Make a List of Key Search Words 17
  • 18. CONT… 8) Evaluate the Windows Swap File 9) Evaluate File Slack 10) Evaluate Unallocated Space (Erased Files) 11) Search Files, File Slack and Unallocated Space for Key Words 12) Document File Names, Dates and Times 13) Identify File, Program and Storage Anomalies 14) Evaluate Program Functionality 15) Document Your Findings 18
  • 19. APPLICATIONS :- • FINANCIAL FRAUD DETECTION • CRIMINAL PROSECUTION • CIVIL LITIGATION • “CORPORATE SECURITY POLICY AND VIOLATIONS” 19
  • 20. Who Uses Computer Forensics? Criminal Prosecutors Rely on evidence obtained from a computer to prosecute suspects and use as evidence. Civil Litigations Personal and business data discovered on a computer can be used in fraud, harassment, or discrimination cases. Private Corporations Obtained evidence from employee computers can be used as evidence in harassment, fraud, and embezzlement cases. 20
  • 21. Who Uses Computer Forensics? (cont..) Law Enforcement Officials Rely on computer forensics to backup search warrants and post-seizure handling. Individual/Private Citizens Obtain the services of professional computer forensic specialists to support claims of harassment, abuse, or wrongful termination from employment. 21
  • 22. Skills Required For Computer Forensics Application o Programming or computer-related experience o Broad understanding of operating systems and applications o Strong analytical skills o Strong computer science fundamentals o Strong system administrative skills o Knowledge of the latest intruder tools o Knowledge of cryptography and steganography o Strong understanding of the rules of evidence and evidence handling o Ability to be an expert witness in a court of law 22
  • 23. ` 23