SlideShare a Scribd company logo

Computer forensics

Download as PPT, PDF
Hiren Selani
Hiren Selani
EducationTechnology
1 of 14
Computer Forensics
Introduction • Topics to be covered –Defining Computer Forensics –Reasons for gathering evidence –Who uses Computer Forensics –Steps of Computer Forensics –Requirements –Anti-Forensics
Definition • What is Computer Forensics?? – Computer forensics involves the preservation, identification, extraction, documentation, and interpretation of computer media for evidentiary and/or root cause analysis. – Evidence might be required for a wide range of computer crimes and misuses – Multiple methods of • Discovering data on computer system • Recovering deleted, encrypted, or damaged file information • Monitoring live activity • Detecting violations of corporate policy – Information collected assists in arrests, prosecution, termination of employment, and preventing future illegal activity
Definition (cont) • What Constitutes Digital Evidence? – Any information being subject to human intervention or not, that can be extracted from a computer. – Must be in human-readable format or capable of being interpreted by a person with expertise in the subject. • Computer Forensics Examples – Recovering thousands of deleted emails – Performing investigation post employment termination – Recovering evidence post formatting hard drive – Performing investigation after multiple users had taken over the system
Reasons For Evidence • Wide range of computer crimes and misuses – Non-Business Environment: evidence collected by Federal, State and local authorities for crimes relating to: • Theft of trade secrets • Fraud • Industrial espionage(intelligence) • Position of pornography • Virus/Trojan distribution • Homicide(mur) investigations • Unauthorized use of personal information
Reasons For Evidence (cont) • Computer related crime and violations include a range of activities including: – Business Environment: • Theft of or destruction of intellectual property • Unauthorized activity • Tracking internet browsing habits • Reconstructing Events • Inferring intentions • Selling company bandwidth • Wrongful dismissal claims • Sexual nuisance • Software Piracy
Who Uses Computer Forensics? • Criminal Prosecutors – Rely on evidence obtained from a computer to prosecute suspects and use as evidence • Civil Litigations – Personal and business data discovered on a computer can be used in fraud, divorce, harassment, or discrimination cases • Insurance Companies – Evidence discovered on computer can be used to mollify costs (fraud, worker’s compensation, arson, etc) • Private Corporations – Obtained evidence from employee computers can be used as evidence in harassment, fraud, and embezzlement cases
Who Uses Computer Forensics? (cont) • Law Enforcement Officials – Rely on computer forensics to backup search warrants and post-seizure handling • Individual/Private Citizens – Obtain the services of professional computer forensic specialists to support claims of harassment, abuse, or wrongful termination from employment
Steps Of Computer Forensics • According to many professionals, Computer Forensics is a four (4) step process – Acquisition • Physically or remotely obtaining possession of the computer, all network mappings from the system, and external physical storage devices – Identification • This step involves identifying what data could be recovered and electronically retrieving it by running various Computer Forensic tools and software suites – Evaluation • Evaluating the information/data recovered to determine if and how it could be used again the suspect for employment termination or prosecution in court
Steps Of Computer Forensics (cont) – Presentation • This step involves the presentation of evidence discovered in a manner which is understood by lawyers, non-technically staff/management, and suitable as evidence as determined by United States and internal laws
Computer Forensic Requirements • Hardware – Familiarity with all internal and external devices/components of a computer – Thorough understanding of hard drives and settings – Understanding motherboards and the various chipsets used – Power connections – Memory • BIOS – Understanding how the BIOS works – Familiarity with the various settings and limitations of the BIOS
Computer Forensic Requirements (cont) • Operation Systems – Windows 3.1/95/98/ME/NT/2000/2003/XP – DOS – UNIX – LINUX • Software – Familiarity with most popular software packages such as Office • Forensic Tools – Familiarity with computer forensic techniques and the software packages that could be used
Anti-Forensics • Software that limits and/or corrupts evidence that could be collected by an investigator • Performs data hiding and distortion • Exploits limitations of known and used forensic tools • Works both on Windows and LINUX based systems • In place prior to or post system acquisition
Que ?

Recommended

Computer Forensic
Computer ForensicComputer Forensic
Computer ForensicNovizul Evendi
 
Computer Forensics ppt
Computer Forensics pptComputer Forensics ppt
Computer Forensics pptOECLIB Odisha Electronics Control Library
 
computer forensics
computer forensicscomputer forensics
computer forensicsshivi123456
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentationSomya Johri
 
Computer Forensic
Computer ForensicComputer Forensic
Computer ForensicTawhidur Rahman
 
Computer crimes and forensics
Computer crimes and forensics Computer crimes and forensics
Computer crimes and forensics Avinash Mavuru
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber ForensicsKathirvel Ayyaswamy
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsShreya Singireddy
 

Recommended

Computer Forensic
Computer ForensicComputer Forensic
Computer ForensicNovizul Evendi
 
Computer Forensics ppt
Computer Forensics pptComputer Forensics ppt
Computer Forensics pptOECLIB Odisha Electronics Control Library
 
computer forensics
computer forensicscomputer forensics
computer forensicsshivi123456
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentationSomya Johri
 
Computer Forensic
Computer ForensicComputer Forensic
Computer ForensicTawhidur Rahman
 
Computer crimes and forensics
Computer crimes and forensics Computer crimes and forensics
Computer crimes and forensics Avinash Mavuru
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber ForensicsKathirvel Ayyaswamy
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsShreya Singireddy
 
DF Process Models
DF Process ModelsDF Process Models
DF Process ModelsCostas Katsavounidis
 
Digital forensics
Digital forensics Digital forensics
Digital forensics vishnuv43
 
Network Forensic
Network ForensicNetwork Forensic
Network ForensicSujeet Kumar
 
Email investigation
Email investigationEmail investigation
Email investigationAnimesh Shaw
 
Cybercrime And Cyber forensics
Cybercrime And Cyber forensics Cybercrime And Cyber forensics
Cybercrime And Cyber forensics sunanditaAnand
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkitMilap Oza
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensicOnline
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodologyPiyush Jain
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic pptPriya Manik
 
Cyber Forensics Module 1
Cyber Forensics Module 1Cyber Forensics Module 1
Cyber Forensics Module 1Manu Mathew Cherian
 
Network Forensics
Network ForensicsNetwork Forensics
Network Forensicsprimeteacher32
 
cyber security and forensic tools
cyber security and forensic toolscyber security and forensic tools
cyber security and forensic toolsSonu Sunaliya
 
Mobile Forensics
Mobile ForensicsMobile Forensics
Mobile Forensicsprimeteacher32
 
INTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSSylvain Martinez
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics pptNikhil Mashruwala
 
Digital forensic tools
Digital forensic toolsDigital forensic tools
Digital forensic toolsParsons Corporation
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsMithileysh Sathiyanarayanan
 
computer forensics
computer forensicscomputer forensics
computer forensicsVaibhav Tapse
 
Computer forensics and its role
Computer forensics and its roleComputer forensics and its role
Computer forensics and its roleSudeshna Basak
 
computer forensics by amritanshu kaushik
computer forensics by amritanshu kaushikcomputer forensics by amritanshu kaushik
computer forensics by amritanshu kaushikamritanshu4u
 
Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensicsRahul Baghla
 
Forensic analytical chemistry
Forensic analytical chemistryForensic analytical chemistry
Forensic analytical chemistrySrinath Ravuri
 

More Related Content

What's hot

Digital forensics
Digital forensics Digital forensics
Digital forensics vishnuv43
 
Email investigation
Email investigationEmail investigation
Email investigationAnimesh Shaw
 
Cybercrime And Cyber forensics
Cybercrime And Cyber forensics Cybercrime And Cyber forensics
Cybercrime And Cyber forensics sunanditaAnand
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkitMilap Oza
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensicOnline
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodologyPiyush Jain
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic pptPriya Manik
 
cyber security and forensic tools
cyber security and forensic toolscyber security and forensic tools
cyber security and forensic toolsSonu Sunaliya
 
INTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSSylvain Martinez
 
Computer forensics and its role
Computer forensics and its roleComputer forensics and its role
Computer forensics and its roleSudeshna Basak
 
computer forensics by amritanshu kaushik
computer forensics by amritanshu kaushikcomputer forensics by amritanshu kaushik
computer forensics by amritanshu kaushikamritanshu4u
 

What's hot (20)

DF Process Models
DF Process ModelsDF Process Models
DF Process Models
 
Digital forensics
Digital forensics Digital forensics
Digital forensics
 
Network Forensic
Network ForensicNetwork Forensic
Network Forensic
 
Email investigation
Email investigationEmail investigation
Email investigation
 
Cybercrime And Cyber forensics
Cybercrime And Cyber forensics Cybercrime And Cyber forensics
Cybercrime And Cyber forensics
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkit
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensic
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodology
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic ppt
 
Cyber Forensics Module 1
Cyber Forensics Module 1Cyber Forensics Module 1
Cyber Forensics Module 1
 
Network Forensics
Network ForensicsNetwork Forensics
Network Forensics
 
cyber security and forensic tools
cyber security and forensic toolscyber security and forensic tools
cyber security and forensic tools
 
Mobile Forensics
Mobile ForensicsMobile Forensics
Mobile Forensics
 
INTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICS
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics ppt
 
Digital forensic tools
Digital forensic toolsDigital forensic tools
Digital forensic tools
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
computer forensics
computer forensicscomputer forensics
computer forensics
 
Computer forensics and its role
Computer forensics and its roleComputer forensics and its role
Computer forensics and its role
 
computer forensics by amritanshu kaushik
computer forensics by amritanshu kaushikcomputer forensics by amritanshu kaushik
computer forensics by amritanshu kaushik
 

Viewers also liked

Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensicsRahul Baghla
 
Forensic analytical chemistry
Forensic analytical chemistryForensic analytical chemistry
Forensic analytical chemistrySrinath Ravuri
 
Computer Forensic Softwares
Computer Forensic SoftwaresComputer Forensic Softwares
Computer Forensic SoftwaresDhruv Seth
 
Chfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays WorldChfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays Worldgueste0d962
 
Cloud-forensics
Cloud-forensicsCloud-forensics
Cloud-forensicsanupriti
 
Intelligent water drops (Persian)
Intelligent water drops (Persian)Intelligent water drops (Persian)
Intelligent water drops (Persian)mortezaT
 
Nature-Inspired Optimization Algorithms
Nature-Inspired Optimization Algorithms Nature-Inspired Optimization Algorithms
Nature-Inspired Optimization Algorithms Xin-She Yang
 
nature inspired algorithms
nature inspired algorithmsnature inspired algorithms
nature inspired algorithmsGaurav Goel
 
Admissibility of forensic evidence in the court of law
Admissibility of forensic evidence in the court of lawAdmissibility of forensic evidence in the court of law
Admissibility of forensic evidence in the court of lawRajshree Sable
 
Genetic Algorithm
Genetic AlgorithmGenetic Algorithm
Genetic AlgorithmSHIMI S L
 
Pgp pretty good privacy
Pgp pretty good privacyPgp pretty good privacy
Pgp pretty good privacyPawan Arya
 
Morphological image processing
Morphological image processingMorphological image processing
Morphological image processingRaghu Kumar
 
Lecture1
Lecture1Lecture1
Lecture1rjaeh
 
Monte Carlo G P U Jan2010
Monte Carlo G P U Jan2010Monte Carlo G P U Jan2010
Monte Carlo G P U Jan2010John Holden
 
OWASP Khartoum Cyber Security Session
OWASP Khartoum Cyber Security SessionOWASP Khartoum Cyber Security Session
OWASP Khartoum Cyber Security SessionOWASP Khartoum
 
Access lesson 02 Creating a Database
Access lesson 02 Creating a DatabaseAccess lesson 02 Creating a Database
Access lesson 02 Creating a DatabaseAram SE
 
Communication skills in english
Communication skills in englishCommunication skills in english
Communication skills in englishAqib Memon
 
Monte Carlo Statistical Methods
Monte Carlo Statistical MethodsMonte Carlo Statistical Methods
Monte Carlo Statistical MethodsChristian Robert
 
Database and Access Power Point
Database and Access Power PointDatabase and Access Power Point
Database and Access Power PointAyee_Its_Bailey
 

Viewers also liked (20)

Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensics
 
Forensic analytical chemistry
Forensic analytical chemistryForensic analytical chemistry
Forensic analytical chemistry
 
Computer Forensic Softwares
Computer Forensic SoftwaresComputer Forensic Softwares
Computer Forensic Softwares
 
Chfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays WorldChfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays World
 
Cloud-forensics
Cloud-forensicsCloud-forensics
Cloud-forensics
 
Intelligent water drops (Persian)
Intelligent water drops (Persian)Intelligent water drops (Persian)
Intelligent water drops (Persian)
 
Nature-Inspired Optimization Algorithms
Nature-Inspired Optimization Algorithms Nature-Inspired Optimization Algorithms
Nature-Inspired Optimization Algorithms
 
nature inspired algorithms
nature inspired algorithmsnature inspired algorithms
nature inspired algorithms
 
Admissibility of forensic evidence in the court of law
Admissibility of forensic evidence in the court of lawAdmissibility of forensic evidence in the court of law
Admissibility of forensic evidence in the court of law
 
Genetic Algorithm
Genetic AlgorithmGenetic Algorithm
Genetic Algorithm
 
Digital Forensic
Digital ForensicDigital Forensic
Digital Forensic
 
Pgp pretty good privacy
Pgp pretty good privacyPgp pretty good privacy
Pgp pretty good privacy
 
Morphological image processing
Morphological image processingMorphological image processing
Morphological image processing
 
Lecture1
Lecture1Lecture1
Lecture1
 
Monte Carlo G P U Jan2010
Monte Carlo G P U Jan2010Monte Carlo G P U Jan2010
Monte Carlo G P U Jan2010
 
OWASP Khartoum Cyber Security Session
OWASP Khartoum Cyber Security SessionOWASP Khartoum Cyber Security Session
OWASP Khartoum Cyber Security Session
 
Access lesson 02 Creating a Database
Access lesson 02 Creating a DatabaseAccess lesson 02 Creating a Database
Access lesson 02 Creating a Database
 
Communication skills in english
Communication skills in englishCommunication skills in english
Communication skills in english
 
Monte Carlo Statistical Methods
Monte Carlo Statistical MethodsMonte Carlo Statistical Methods
Monte Carlo Statistical Methods
 
Database and Access Power Point
Database and Access Power PointDatabase and Access Power Point
Database and Access Power Point
 

Similar to Computer forensics

Latihan4 comp-forensic-bab3
Latihan4 comp-forensic-bab3Latihan4 comp-forensic-bab3
Latihan4 comp-forensic-bab3sabtolinux
 
164199724-Introduction-To-Digital-Forensics-ppt.ppt
164199724-Introduction-To-Digital-Forensics-ppt.ppt164199724-Introduction-To-Digital-Forensics-ppt.ppt
164199724-Introduction-To-Digital-Forensics-ppt.pptharshbj1801
 
Computer Forensics (1).pptx
Computer Forensics (1).pptxComputer Forensics (1).pptx
Computer Forensics (1).pptxGautam708801
 
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdfGnanavi2
 
Computer forensics Slides
Computer forensics SlidesComputer forensics Slides
Computer forensics SlidesVarun Sehgal
 
Security and privacy
Security and privacySecurity and privacy
Security and privacyMohammed Adam
 
01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - NotesKranthi
 
computerforensics-140212060522-phpapp02.pdf
computerforensics-140212060522-phpapp02.pdfcomputerforensics-140212060522-phpapp02.pdf
computerforensics-140212060522-phpapp02.pdfGnanavi2
 
Cyber forensic-Evedidence collection tools
Cyber forensic-Evedidence collection toolsCyber forensic-Evedidence collection tools
Cyber forensic-Evedidence collection toolsN.Jagadish Kumar
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsSCREAM138
 
Collecting and preserving digital evidence
Collecting and preserving digital evidenceCollecting and preserving digital evidence
Collecting and preserving digital evidenceOnline
 
Processing Crimes and Incident Scenes
Processing Crimes and Incident ScenesProcessing Crimes and Incident Scenes
Processing Crimes and Incident Scenesprimeteacher32
 

Similar to Computer forensics (20)

CF.ppt
CF.pptCF.ppt
CF.ppt
 
cyber Forensics
cyber Forensicscyber Forensics
cyber Forensics
 
Latihan4 comp-forensic-bab3
Latihan4 comp-forensic-bab3Latihan4 comp-forensic-bab3
Latihan4 comp-forensic-bab3
 
164199724-Introduction-To-Digital-Forensics-ppt.ppt
164199724-Introduction-To-Digital-Forensics-ppt.ppt164199724-Introduction-To-Digital-Forensics-ppt.ppt
164199724-Introduction-To-Digital-Forensics-ppt.ppt
 
Computer Forensics (1).pptx
Computer Forensics (1).pptxComputer Forensics (1).pptx
Computer Forensics (1).pptx
 
css ppt.ppt
css ppt.pptcss ppt.ppt
css ppt.ppt
 
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
 
Computer forensics Slides
Computer forensics SlidesComputer forensics Slides
Computer forensics Slides
 
Chap11
Chap11Chap11
Chap11
 
Security and privacy
Security and privacySecurity and privacy
Security and privacy
 
Chap11
Chap11Chap11
Chap11
 
Computer forensic
Computer forensicComputer forensic
Computer forensic
 
Security and privacy
Security and privacySecurity and privacy
Security and privacy
 
01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes
 
File000117
File000117File000117
File000117
 
computerforensics-140212060522-phpapp02.pdf
computerforensics-140212060522-phpapp02.pdfcomputerforensics-140212060522-phpapp02.pdf
computerforensics-140212060522-phpapp02.pdf
 
Cyber forensic-Evedidence collection tools
Cyber forensic-Evedidence collection toolsCyber forensic-Evedidence collection tools
Cyber forensic-Evedidence collection tools
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
Collecting and preserving digital evidence
Collecting and preserving digital evidenceCollecting and preserving digital evidence
Collecting and preserving digital evidence
 
Processing Crimes and Incident Scenes
Processing Crimes and Incident ScenesProcessing Crimes and Incident Scenes
Processing Crimes and Incident Scenes
 

More from Hiren Selani

Unit 3 3 architectural design
Unit 3 3 architectural designUnit 3 3 architectural design
Unit 3 3 architectural designHiren Selani
 
Dss & knowledge management
Dss & knowledge managementDss & knowledge management
Dss & knowledge managementHiren Selani
 
Application in manufacturing sector
Application in manufacturing sectorApplication in manufacturing sector
Application in manufacturing sectorHiren Selani
 
Application In service sector
Application In service sectorApplication In service sector
Application In service sectorHiren Selani
 
Development process of mis
Development process of misDevelopment process of mis
Development process of misHiren Selani
 
DEVELOPMENT PROCESS OF MIS
DEVELOPMENT PROCESS OF MISDEVELOPMENT PROCESS OF MIS
DEVELOPMENT PROCESS OF MISHiren Selani
 
Information,Knowledge,Business intelligence
Information,Knowledge,Business intelligenceInformation,Knowledge,Business intelligence
Information,Knowledge,Business intelligenceHiren Selani
 

More from Hiren Selani (14)

Digitalbusiness
DigitalbusinessDigitalbusiness
Digitalbusiness
 
Introduction
IntroductionIntroduction
Introduction
 
Unit 3 3 architectural design
Unit 3 3 architectural designUnit 3 3 architectural design
Unit 3 3 architectural design
 
Chapter 09
Chapter 09Chapter 09
Chapter 09
 
Process models
Process modelsProcess models
Process models
 
Dss & knowledge management
Dss & knowledge managementDss & knowledge management
Dss & knowledge management
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
 
Application in manufacturing sector
Application in manufacturing sectorApplication in manufacturing sector
Application in manufacturing sector
 
Application In service sector
Application In service sectorApplication In service sector
Application In service sector
 
Development process of mis
Development process of misDevelopment process of mis
Development process of mis
 
DEVELOPMENT PROCESS OF MIS
DEVELOPMENT PROCESS OF MISDEVELOPMENT PROCESS OF MIS
DEVELOPMENT PROCESS OF MIS
 
System
SystemSystem
System
 
Information,Knowledge,Business intelligence
Information,Knowledge,Business intelligenceInformation,Knowledge,Business intelligence
Information,Knowledge,Business intelligence
 
Decision making
Decision makingDecision making
Decision making
 

Recently uploaded

A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024Janet Corral
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfchloefrazer622
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...fonyou31
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 

Recently uploaded (20)

A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdf
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 

Computer forensics

  • 2. Introduction • Topics to be covered –Defining Computer Forensics –Reasons for gathering evidence –Who uses Computer Forensics –Steps of Computer Forensics –Requirements –Anti-Forensics
  • 3. Definition • What is Computer Forensics?? – Computer forensics involves the preservation, identification, extraction, documentation, and interpretation of computer media for evidentiary and/or root cause analysis. – Evidence might be required for a wide range of computer crimes and misuses – Multiple methods of • Discovering data on computer system • Recovering deleted, encrypted, or damaged file information • Monitoring live activity • Detecting violations of corporate policy – Information collected assists in arrests, prosecution, termination of employment, and preventing future illegal activity
  • 4. Definition (cont) • What Constitutes Digital Evidence? – Any information being subject to human intervention or not, that can be extracted from a computer. – Must be in human-readable format or capable of being interpreted by a person with expertise in the subject. • Computer Forensics Examples – Recovering thousands of deleted emails – Performing investigation post employment termination – Recovering evidence post formatting hard drive – Performing investigation after multiple users had taken over the system
  • 5. Reasons For Evidence • Wide range of computer crimes and misuses – Non-Business Environment: evidence collected by Federal, State and local authorities for crimes relating to: • Theft of trade secrets • Fraud • Industrial espionage(intelligence) • Position of pornography • Virus/Trojan distribution • Homicide(mur) investigations • Unauthorized use of personal information
  • 6. Reasons For Evidence (cont) • Computer related crime and violations include a range of activities including: – Business Environment: • Theft of or destruction of intellectual property • Unauthorized activity • Tracking internet browsing habits • Reconstructing Events • Inferring intentions • Selling company bandwidth • Wrongful dismissal claims • Sexual nuisance • Software Piracy
  • 7. Who Uses Computer Forensics? • Criminal Prosecutors – Rely on evidence obtained from a computer to prosecute suspects and use as evidence • Civil Litigations – Personal and business data discovered on a computer can be used in fraud, divorce, harassment, or discrimination cases • Insurance Companies – Evidence discovered on computer can be used to mollify costs (fraud, worker’s compensation, arson, etc) • Private Corporations – Obtained evidence from employee computers can be used as evidence in harassment, fraud, and embezzlement cases
  • 8. Who Uses Computer Forensics? (cont) • Law Enforcement Officials – Rely on computer forensics to backup search warrants and post-seizure handling • Individual/Private Citizens – Obtain the services of professional computer forensic specialists to support claims of harassment, abuse, or wrongful termination from employment
  • 9. Steps Of Computer Forensics • According to many professionals, Computer Forensics is a four (4) step process – Acquisition • Physically or remotely obtaining possession of the computer, all network mappings from the system, and external physical storage devices – Identification • This step involves identifying what data could be recovered and electronically retrieving it by running various Computer Forensic tools and software suites – Evaluation • Evaluating the information/data recovered to determine if and how it could be used again the suspect for employment termination or prosecution in court
  • 10. Steps Of Computer Forensics (cont) – Presentation • This step involves the presentation of evidence discovered in a manner which is understood by lawyers, non-technically staff/management, and suitable as evidence as determined by United States and internal laws
  • 11. Computer Forensic Requirements • Hardware – Familiarity with all internal and external devices/components of a computer – Thorough understanding of hard drives and settings – Understanding motherboards and the various chipsets used – Power connections – Memory • BIOS – Understanding how the BIOS works – Familiarity with the various settings and limitations of the BIOS
  • 12. Computer Forensic Requirements (cont) • Operation Systems – Windows 3.1/95/98/ME/NT/2000/2003/XP – DOS – UNIX – LINUX • Software – Familiarity with most popular software packages such as Office • Forensic Tools – Familiarity with computer forensic techniques and the software packages that could be used
  • 13. Anti-Forensics • Software that limits and/or corrupts evidence that could be collected by an investigator • Performs data hiding and distortion • Exploits limitations of known and used forensic tools • Works both on Windows and LINUX based systems • In place prior to or post system acquisition
  • 14. Que ?