Computer Forensics

LALIT GARG
3610109
CSE-2NDYEAR
Index
- What is Computer Forensics
- Objective of Computer Forensics
- Why Computer Forensics
- History of Computer Forensics
- How it approaches
- Steps of Investigation
- What not to do during Investigation
- Computer Forensics Techniques
- Anti-Forensics
- Computer Forensics Tools
- Advantages of Computer Forensics
- Disadvantages of Computer Forensics
- Conclusions
What is Computer Forensics

Computer forensics is considered to be the use of analytical and investigative techniques to identify, collect, examine and preserve evidence/information which is magnetically stored or encoded.
Objective of Computer Forensics

Usually to provide digital evidence of a specific or general activity.
Why Computer Forensics?

- Employee internet abuse
- Unauthorized disclosure of corporate information and data
- Industrial espionage
- Damage assessment
- Criminal fraud and deception cases
- More general criminal cases
- and countless others!
History of Computer Forensics
- Enron went bankrupt in December 2001.
- Hundreds of employees were left jobless while some executives seemed to benefit from the company's collapse.
- The United States Congress decided to investigate, and a specialized detective force began to search through hundreds of Enron employee computers using computer forensics.
How it approaches?
- Secure the subject system (from tampering during the operation)
- Take a copy of the hard drive (if applicable)
- Identify and recover all files (including those deleted)
- Access/copy hidden, protected and temporary files
- Study 'special' areas on the drive (e.g. residue from previously deleted files)
- Investigate data/settings from installed applications/programs
How it approaches (cont.)

- Assess the system as a whole, including its structure
- Consider general factors relating to the user's activity
- Create a detailed report. Throughout the investigation, it is important to stress that a full audit log of your activities should be maintained.
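
The copy-then-audit approach above can be made verifiable with hashes. The following is an added example, not part of the original slides: it copies a source block by block, checks that the copy's SHA-256 matches what was read, and keeps an audit log in which every entry hashes the previous one so later edits are detectable. The file names, examiner label and timestamps are constructed, and an ordinary file stands in for a write-blocked drive.

```python
import hashlib
import json
import os
import tempfile

CHUNK = 1024 * 1024  # read in 1 MiB blocks so large images never sit in RAM


def sha256_file(path):
    """Stream a file read-only and return its SHA-256 hex digest."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(CHUNK), b""):
            digest.update(block)
    return digest.hexdigest()


def copy_and_verify(source, image):
    """Copy source to image, hashing bytes as they are read, then re-hash
    the written image and compare the two digests."""
    read_hash = hashlib.sha256()
    with open(source, "rb") as src, open(image, "wb") as dst:
        for block in iter(lambda: src.read(CHUNK), b""):
            read_hash.update(block)
            dst.write(block)
    source_digest = read_hash.hexdigest()
    image_digest = sha256_file(image)
    return source_digest, image_digest, source_digest == image_digest


class AuditLog:
    """Append-only log; each entry's hash covers the previous entry's hash."""
    GENESIS = "0" * 64

    def __init__(self):
        self.entries = []

    @staticmethod
    def _hash(entry):
        material = {k: v for k, v in entry.items() if k != "entry_hash"}
        encoded = json.dumps(material, sort_keys=True).encode()
        return hashlib.sha256(encoded).hexdigest()

    def record(self, examiner, action, detail, timestamp):
        prev = self.entries[-1]["entry_hash"] if self.entries else self.GENESIS
        entry = {"examiner": examiner, "action": action, "detail": detail,
                 "timestamp": timestamp, "prev_hash": prev}
        entry["entry_hash"] = self._hash(entry)
        self.entries.append(entry)
        return entry

    def verify(self):
        """Return the index of the first broken entry, or -1 if intact."""
        prev = self.GENESIS
        for i, entry in enumerate(self.entries):
            if entry["prev_hash"] != prev or entry["entry_hash"] != self._hash(entry):
                return i
            prev = entry["entry_hash"]
        return -1


def demo():
    with tempfile.TemporaryDirectory() as work:
        source = os.path.join(work, "subject_disk.bin")   # constructed stand-in
        image = os.path.join(work, "evidence_image.dd")   # working copy
        with open(source, "wb") as fh:
            fh.write(b"CONSTRUCTED SAMPLE SECTOR DATA " * 4096)

        log = AuditLog()
        src_d, img_d, ok = copy_and_verify(source, image)
        log.record("examiner-1", "acquire",
                   {"source_sha256": src_d, "image_sha256": img_d, "match": ok},
                   "2024-01-01T10:00:00Z")  # constructed timestamp
        log.record("examiner-1", "analyze",
                   {"note": "work on the image, not the original"},
                   "2024-01-01T10:30:00Z")

        # Simulate an accidental change to the working copy: one byte altered.
        with open(image, "r+b") as fh:
            fh.seek(100)
            fh.write(b"\x00")
        changed = sha256_file(image) != img_d

        intact = log.verify()
        # Simulate someone editing an earlier log entry after the fact.
        log.entries[0]["detail"]["match"] = False
        broken_at = log.verify()
    return {"copy_ok": ok, "image_change_detected": changed,
            "log_intact": intact, "log_broken_at": broken_at}


if __name__ == "__main__":
    print(demo())
```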
Steps of Investigation
- Secure the computer system to ensure that the equipment and data are safe
- Find every file on the computer system
- Recover as much deleted information as possible using applications
- Reveal the contents of all hidden files with programs designed to detect the presence of hidden data
- Decrypt and access protected files
Cont…
- Analyze special areas of the computer's disks
- Document every step of the procedure
- Be prepared to testify in court as an expert witness in computer forensics
What should not be done during investigation?
- Avoid changing date/time stamps (of files, for example) or changing the data itself
- Avoid overwriting unallocated space (which can happen on re-boot, for example). 'Study, don't change' is a useful catch-phrase.
Computer Forensics Technique
- Cross-Drive Analysis (CDA)
- Live Analysis
- Deleted File Analysis
Anti-Forensics: The Nightmare
- Programmers design anti-forensic tools to make it hard or impossible to retrieve information during an investigation
- Dozens of ways people can hide information
Anti-Forensics (contd.)
- Some programs can fool computers by changing the information in files' headers
- Programs can divide files up into small sections and hide each section at the end of other files
- Programs called packers can insert executable files into other kinds of files
- Encryption is another way to hide data
- Changing the metadata attached to files
- Some computer applications will erase data if an unauthorized user tries to access the system
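
Two of the hiding methods above leave traces an examiner can triage for: a header that disagrees with the file name, and extra bytes after a file's logical end. The following is an added example, not part of the original slides: it compares leading signature bytes with the extension and walks PNG chunks to count bytes after IEND. The signature table is a small subset, and all file names and contents are constructed.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
# Small subset of well-known leading signatures (magic bytes).
SIGNATURES = [
    (PNG_SIG, "png"),
    (b"\xff\xd8\xff", "jpg"),
    (b"%PDF-", "pdf"),
    (b"PK\x03\x04", "zip"),
    (b"GIF8", "gif"),
    (b"MZ", "exe"),
]
ALIASES = {"jpeg": "jpg", "dll": "exe", "docx": "zip", "xlsx": "zip", "jar": "zip"}
KNOWN = {kind for _, kind in SIGNATURES}
APPENDED = b"CONSTRUCTED HIDDEN FRAGMENT"  # constructed trailing data


def detect_type(data):
    """Return the type implied by the leading bytes, or None if unknown."""
    for magic, kind in SIGNATURES:
        if data.startswith(magic):
            return kind
    return None


def signature_note(name, data):
    """Describe a disagreement between file name and content, else None."""
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    ext = ALIASES.get(ext, ext)
    kind = detect_type(data)
    if kind is None:
        # Name claims a type we know, but its signature is absent.
        return "expected signature missing" if ext in KNOWN else None
    return None if kind == ext else f"content looks like {kind}"


def png_trailing_bytes(data):
    """Walk PNG chunks and return the number of bytes after IEND.
    Returns None when the data is not a well-formed PNG."""
    if not data.startswith(PNG_SIG):
        return None
    pos = len(PNG_SIG)
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length  # 4 length + 4 type + payload + 4 CRC
        if end > len(data):
            return None  # truncated chunk
        if ctype == b"IEND":
            return len(data) - end
        pos = end
    return None


def _chunk(ctype, payload):
    crc = zlib.crc32(ctype + payload) & 0xFFFFFFFF
    return struct.pack(">I", len(payload)) + ctype + payload + struct.pack(">I", crc)


def sample_png():
    """Build a minimal 1x1 grayscale PNG in memory (constructed sample)."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    idat = zlib.compress(b"\x00\x00")  # filter byte + one pixel
    return PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", idat) + _chunk(b"IEND", b"")


def sample_files():
    """Constructed inputs: one clean file and three that deserve a look."""
    return {
        "photo.png": sample_png(),
        "holiday.png": sample_png() + APPENDED,
        "notes.txt": b"MZ\x90\x00" + b"\x00" * 60,
        "report.pdf": b"\x00\x00\x00\x00 constructed body",
        "readme.txt": b"plain text, nothing unusual",
    }


def scan(files):
    """Return {name: [notes]} for files that need manual review."""
    findings = {}
    for name, data in files.items():
        notes = []
        note = signature_note(name, data)
        if note:
            notes.append(note)
        trailing = png_trailing_bytes(data)
        if trailing:
            notes.append(f"{trailing} bytes after IEND")
        if notes:
            findings[name] = notes
    return findings


if __name__ == "__main__":
    for name, notes in scan(sample_files()).items():
        print(name, "->", "; ".join(notes))
```

A hit here is a lead for manual review, not proof of concealment: a text file can legitimately begin with the letters "MZ", for example.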
Computer Forensics Tools
- Disk imaging software
- Software or hardware write tools
- Hashing tools
- File recovery programs
- Programs to preserve information in RAM
- Encryption decoding software
- Password cracking software
Advantages of Computer Forensics

Ability to search through a massive amount of data
- Quickly
- Thoroughly
- In any language
Disadvantages of Computer Forensics
- Digital evidence accepted into court
  - must prove that there is no tampering
  - all evidence must be fully accounted for
  - computer forensic specialists must have complete knowledge of legal requirements, evidence handling and storage, and documentation procedures
- Costs
  - producing electronic records and preserving them is extremely costly
- Presents the potential for exposing privileged documents
- Legal practitioners must have extensive computer knowledge
Conclusion
With computers becoming more and more involved in our everyday lives, both professionally and socially, there is a need for computer forensics. This field will enable crucial electronic evidence to be found, whether it was lost, deleted, damaged, or hidden, and used to prosecute individuals who believe they have successfully beaten the system.
Thank You
It’s nice to be important but it is more
        important to be nice
Any Query???

Editor's notes

  1. 03/22/12 Computer Forensics-Sara Faust