CYBER & DIGITAL FORENSICS
Yash Sawarkar, Kunal Kawale, Anup Singh
Students of IT department, G.H. Raisoni College of Engineering, Nagpur, India.
G.H.RAISONI COLLEGE OF ENGINEERING
(AN AUTONOMOUS INSTITUTION UNDER UGC ACT 1956)
A REPORT ON
“CYBER & DIGITAL FORENSICS”
TEACHER ASSESSMENT EXAM
NAME: KUNAL KAWALE (83)
: YASH SAWARKAR (82)
: ANUP SINGH GAHLOD
SECTION:A
BRANCH: INFORMATION TECHNOLOGY
INDEX
1. Title
2. Abstract
3. Introduction
4. Methodology
5. Digital analysis tools
6. Technique
7. Related work
8. Analysis
9. Conclusion
10. Reference
2. ABSTRACT
In this report we show how to conduct digital forensics on computers. Nowadays the internet
continues to grow in the day-to-day life of every person, for social networks, information sources,
research, communication and all the things it has made easy to do. Due to its rapid development
and the lack of proper regulation, cyber crime has increased in recent years, and investigators
have been facing difficulty with digital evidence. Digital evidence stored in a computer can play a
major role in a wide range of crimes, including murder, rape, hacked PCs and servers, etc. Digital
forensics can be classified into live and dead analysis: live analysis is performed while the system
is running and has not been shut down, and dead analysis is performed after the machine has been
powered off, in which case data can also be lost.
3. INTRODUCTION
The increasing criminal activity that uses digital information as its means or target warrants a
structured manner of dealing with it. As more information is stored in digital form, it is very
likely that the evidence needed to prosecute the criminal is also in digital form. For this paper,
computer or digital forensics is defined as the use of an expert to preserve, analyse and produce
data from volatile and non-volatile storage media.
Computer forensics is in the early stages of development and, as a result, problems are emerging.
Forensic analysis of computer systems is a field that has focused on the digital investigation of
any source of information. Forensic investigation techniques have focused mostly on evidence
contained within the hard disk, but recently there has been demand for more tools and techniques
for capturing memory images and analysing their content, because information input by the user
may be recovered from memory.
4. METHODOLOGY
Defining computer forensics requires one more clarification. Many argue about whether computer
forensics is a science or an art. The argument is unnecessary; however, the tools and methods are
scientific, hence the word "technique" is often used to sidestep the unproductive science/art dispute.
5. DIGITAL FORENSIC TOOLS
A number of open source and commercial tools exist for computer forensics. Typical analysis
includes a manual review of material on the media, reviewing the Windows registry for suspect
information, and discovering and cracking passwords.
1> BackTrack 5 R2 (Linux operating system) - This OS has many forensic tools for analysing a
compromised system or finding security holes; a large number of bundled open source packages
are installed in it.
2> Ophcrack - This tool is used to crack the hashes stored in the Windows SAM files; it uses
rainbow tables to crack the hashes.
3> Registry Recon - Rebuilds Windows registries from anywhere on a hard drive and parses them
for deep analysis.
4> Nuix - Fraud prevention software. Full-text search, extraction of emails, credit card numbers,
IP addresses and URLs, and skin tone analysis.
6. TECHNIQUE
Live incident response - Collects all of the relevant data from the system that will be used to
confirm whether the incident occurred. Live incident response includes collecting volatile and
non-volatile data. Volatile data is information we would lose if we walked up to a device and
disconnected the power cord. Non-volatile data includes data that would be very useful to collect
during digital forensic collection, such as system event logs, user logons and patch levels, among
many others.
Volatile vs. non-volatile data-
Some of the volatile data that should be collected includes system date and time, current network
connections, open TCP and UDP ports, which executables are opening UDP and TCP ports,
cached NetBIOS name table, users currently logged on, the internal routing table, running
processes, scheduled jobs, open files, and process memory dumps. This list is not all-inclusive, as
a forensic investigator must consider any and all possible variables during collection. However,
one thing that all these have in common is that they would be lost if the power were removed
from your target machine.
Cross-drive analysis-
A forensic technique that correlates information found on multiple hard drives. The process, still being
researched, can be used to identify social networks and to perform anomaly detection.
Live analysis-
The examination of computers from within the operating system using custom forensics or existing
sysadmin tools to extract evidence. The practice is useful when dealing with Encrypting File Systems, for
example, where the encryption keys may be collected and, in some instances, the logical hard drive
volume may be imaged before the computer is shut down.
Deleted files-
A common technique used in computer forensics is the recovery of deleted files. Modern forensic
software packages have their own tools for recovering or carving out deleted data. Most operating systems
and file systems do not always erase physical file data, allowing investigators to reconstruct it from the
physical disk sectors. File carving involves searching for known file headers within the disk image and
reconstructing deleted materials.
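A minimal header/footer carver for the technique described above, as an added example that is not part of the original report. The signature table, the size limit and the sample "disk image" are constructed for illustration; real carvers also handle fragmentation and embedded thumbnails, which this sketch does not.

```python
"""Header/footer file carving over a raw image (added illustrative example)."""
import hashlib

# (type, header magic, footer magic) for a few well-known formats.
SIGNATURES = [
    ("jpg", b"\xff\xd8\xff", b"\xff\xd9"),
    ("png", b"\x89PNG\r\n\x1a\n", b"IEND\xae\x42\x60\x82"),
    ("pdf", b"%PDF-", b"%%EOF"),
]
MAX_CARVE = 16 * 1024 * 1024  # assumed upper bound on a carved file's size


def carve(image: bytes, max_size: int = MAX_CARVE):
    """Scan `image` for known headers and return one record per hit.

    A hit whose footer is found within `max_size` bytes is carved and hashed.
    A header with no footer in range is still reported (complete=False) so the
    examiner knows a partially overwritten file may start at that offset.
    """
    found = []
    for kind, header, footer in SIGNATURES:
        pos = 0
        while True:
            start = image.find(header, pos)
            if start == -1:
                break
            end = image.find(footer, start + len(header), start + max_size)
            if end == -1:
                found.append({"type": kind, "offset": start, "length": None,
                              "sha256": None, "complete": False, "data": None})
                pos = start + len(header)
                continue
            end += len(footer)
            data = image[start:end]
            found.append({"type": kind, "offset": start, "length": len(data),
                          # The hash ties the carved bytes to the report.
                          "sha256": hashlib.sha256(data).hexdigest(),
                          "complete": True, "data": data})
            pos = end
    return sorted(found, key=lambda r: r["offset"])


def build_sample_image() -> bytes:
    """Constructed test image: zeroed sectors, a fake JPEG, a fake PNG and a
    PDF header whose trailer has been overwritten."""
    jpeg = b"\xff\xd8\xff\xe0" + b"JFIF-constructed-payload" + b"\xff\xd9"
    png = b"\x89PNG\r\n\x1a\n" + b"constructed-chunks" + b"IEND\xae\x42\x60\x82"
    orphan = b"%PDF-1.4 overwritten before its trailer"
    return (b"\x00" * 512 + jpeg + b"\x00" * 100 + png
            + b"\xaa" * 64 + orphan + b"\x00" * 32)


if __name__ == "__main__":
    for rec in carve(build_sample_image()):
        status = "carved" if rec["complete"] else "header only"
        print(f'{rec["offset"]:>6}  {rec["type"]:<4} {status:<12} '
              f'len={rec["length"]} sha256={rec["sha256"]}')
```
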
Steganography-
One of the techniques used to hide data is steganography, the process of hiding data inside of a picture
or digital image. This process is often used to hide pornographic images of children as well as information
that a given criminal does not want to have discovered. Computer forensics professionals can fight this by
looking at the hash of the file and comparing it to the original image. While the image appears exactly the
same, the hash changes as the data changes.
7. RELATED WORK
UNIX Live Response-
Any forensic investigator should be prepared to encounter non-Windows operating
systems such as DOS, Linux, and UNIX. This section will concentrate on UNIX live
response. In order to collect volatile data, we can utilize the following commands during
a UNIX live response:
a. System date and time – date
b. Current network connections – netstat
View USB History in Windows-
Windows stores information in the registry about every USB device plugged into the box. We
can view this information with the following steps:
1. From the command prompt, query the USBSTOR key:
C:\> reg query HKLM\SYSTEM\CurrentControlSet\Enum\USBSTOR /s
2. If the names in that output are too complicated to read, open a PowerShell prompt and use this command:
PS C:\> Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Enum\USBSTOR\*\*' | Select FriendlyName
3. For a user-friendly view:
PS C:\> Get-ChildItem HKLM:\SYSTEM\ControlSet001\Enum\USBSTOR | Select-Object PSChildName
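For offline review, the output of the reg query command above can be saved to a text file and parsed into one record per device. The parser below is an added example, not part of the original report; the sample output, vendor names and serial numbers are constructed. It also flags instance IDs whose second character is "&", which Windows generates when the device reports no unique serial number.

```python
"""Parse saved `reg query ...\\Enum\\USBSTOR /s` output (added example)."""
import re

# Device instance key: ...\USBSTOR\<Class>&Ven_<v>&Prod_<p>&Rev_<r>\<instance>
USBSTOR_KEY = re.compile(
    r"\\Enum\\USBSTOR\\(?P<cls>[^\\&]+)&Ven_(?P<vendor>[^\\&]*)"
    r"&Prod_(?P<product>[^\\&]*)&Rev_(?P<rev>[^\\]*)\\(?P<instance>[^\\]+)$",
    re.IGNORECASE,
)
# Value line as printed by reg.exe: indented name, type, data.
VALUE_LINE = re.compile(r"^\s+(?P<name>.+?)\s+(?P<type>REG_[A-Z_]+)\s*(?P<data>.*)$")

# Constructed sample output; every name and serial here is made up.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USBSTOR\Disk&Ven_ExampleCo&Prod_FlashDrive&Rev_1.00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USBSTOR\Disk&Ven_ExampleCo&Prod_FlashDrive&Rev_1.00\CONSTRUCTED0001&0
    DeviceDesc    REG_SZ    @disk.inf,%disk_devdesc%;Disk drive
    FriendlyName    REG_SZ    ExampleCo FlashDrive USB Device

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USBSTOR\Disk&Ven_ExampleCo&Prod_FlashDrive&Rev_1.00\CONSTRUCTED0001&0\Device Parameters
    Partmgr    REG_SZ    ignored-subkey-value

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USBSTOR\Disk&Ven_Generic&Prod_Mass_Storage&Rev_2.10\7&1a2b3c4d&0
    FriendlyName    REG_SZ    Generic Mass Storage USB Device
"""


def parse_usbstor(text: str):
    """Return one dict per USBSTOR device instance found in `text`."""
    devices, current = [], None
    for raw in text.splitlines():
        line = raw.rstrip()
        if line.startswith("HKEY_"):
            m = USBSTOR_KEY.search(line)
            if m is None:
                # Class-level key or a deeper subkey: its values are not
                # attributed to any device record.
                current = None
                continue
            instance = m["instance"]
            # "x&..." means Windows generated the ID; there is no real serial.
            unique = not (len(instance) > 1 and instance[1] == "&")
            serial = instance.rsplit("&", 1)[0] if unique else None
            current = {
                "class": m["cls"], "vendor": m["vendor"],
                "product": m["product"], "revision": m["rev"],
                "instance_id": instance, "serial": serial,
                "unique_serial": unique, "friendly_name": None, "values": {},
            }
            devices.append(current)
        elif current is not None:
            v = VALUE_LINE.match(line)
            if v:
                current["values"][v["name"]] = v["data"]
                if v["name"].lower() == "friendlyname":
                    current["friendly_name"] = v["data"]
    return devices


if __name__ == "__main__":
    for d in parse_usbstor(SAMPLE):
        note = "" if d["unique_serial"] else "  (no unique serial)"
        print(f'{d["vendor"]} {d["product"]} rev {d["revision"]} '
              f'serial={d["serial"]} name={d["friendly_name"]!r}{note}')
```
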
8. ANALYSIS
The approach to a digital investigation is based on the physical crime scene
investigation process. In the present case, a digital crime scene involves a software- and
hardware-based digital environment. The process consists of three key stages: system preservation,
evidence searching and event reconstruction. These stages need not occur one after another,
and their flow is depicted in Figure 2. Moreover, it is possible
to use this procedure during the investigation of both live and dead systems.
Dead analysis works with trusted applications in a trusted operating system in order to find the
evidence. Dead analysis seems to be better, since live analysis may result in obtaining false
information.
Figure 2
9. CONCLUSION
It is hoped that this paper is helpful as an introduction to computer forensics and the digital
forensic methodology. Currently there is still no authoritative technology standard, so a large
number of things are waiting to be done. This article and flow chart may serve as a useful tool to
guide discussion among personnel making a forensic cyber crime lab. The computer crime and
intellectual property section is always available for consultation. A combination of new
technology and changing habits of use means that the forensic examiner must strive to keep up
to date with the latest developments. This paper has illustrated some of the techniques, to ensure a
greater understanding of the value of the digital evidence available and a stronger case
for the prosecution.
10. Reference link
M Reith, C Carr, G Gunsch (2002). "An examination of digital forensic models". International
Journal of Digital Evidence. Retrieved 2 August 2010.
Carrier, Brian D (2007). "Basic Digital Forensic Investigation Concepts"
Aaron Phillip; David Cowen, Chris Davis (2009). Hacking Exposed: Computer Forensics.
McGraw Hill Professional. p. 544. ISBN 0-07-162677-8. Retrieved 27 August 2010.

Más contenido relacionado

La actualidad más candente

Mobile forensics
Mobile forensicsMobile forensics
Mobile forensicsnoorashams
 
Computer forensics and Investigation
Computer forensics and InvestigationComputer forensics and Investigation
Computer forensics and InvestigationNeha Raju k
 
Keyloggers
KeyloggersKeyloggers
Keyloggerskdore
 
Computer safety
Computer safetyComputer safety
Computer safetyahentz
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer ForensicsBense Tony
 
Social network privacy & security
Social network privacy & securitySocial network privacy & security
Social network privacy & securitynadikari123
 
Latest seminar topics
Latest seminar topicsLatest seminar topics
Latest seminar topicsPulla Surya
 
To use the concept of Data Mining and machine learning concept for Cyber secu...
To use the concept of Data Mining and machine learning concept for Cyber secu...To use the concept of Data Mining and machine learning concept for Cyber secu...
To use the concept of Data Mining and machine learning concept for Cyber secu...Nishant Mehta
 
PPT Lab Assignment - Computers - Computer Ethics
PPT Lab Assignment - Computers - Computer EthicsPPT Lab Assignment - Computers - Computer Ethics
PPT Lab Assignment - Computers - Computer EthicsScøtt Lıgøckı
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securitySharath Raj
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsdeaneal
 
Wearable computers - Types, Applications & Future?
Wearable computers - Types, Applications & Future?Wearable computers - Types, Applications & Future?
Wearable computers - Types, Applications & Future?Hariharan Ganesan
 

La actualidad más candente (20)

Mobile forensics
Mobile forensicsMobile forensics
Mobile forensics
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics ppt
 
Incident response process
Incident response processIncident response process
Incident response process
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffers
 
Introduction to IoT (Internet of Things)
Introduction to IoT (Internet of Things)Introduction to IoT (Internet of Things)
Introduction to IoT (Internet of Things)
 
Computer forensics and Investigation
Computer forensics and InvestigationComputer forensics and Investigation
Computer forensics and Investigation
 
Keyloggers
KeyloggersKeyloggers
Keyloggers
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
 
Computer Forensics ppt
Computer Forensics pptComputer Forensics ppt
Computer Forensics ppt
 
Computer safety
Computer safetyComputer safety
Computer safety
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
Social network privacy & security
Social network privacy & securitySocial network privacy & security
Social network privacy & security
 
Latest seminar topics
Latest seminar topicsLatest seminar topics
Latest seminar topics
 
To use the concept of Data Mining and machine learning concept for Cyber secu...
To use the concept of Data Mining and machine learning concept for Cyber secu...To use the concept of Data Mining and machine learning concept for Cyber secu...
To use the concept of Data Mining and machine learning concept for Cyber secu...
 
PPT Lab Assignment - Computers - Computer Ethics
PPT Lab Assignment - Computers - Computer EthicsPPT Lab Assignment - Computers - Computer Ethics
PPT Lab Assignment - Computers - Computer Ethics
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
Cyber security
Cyber security Cyber security
Cyber security
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
Wearable computers - Types, Applications & Future?
Wearable computers - Types, Applications & Future?Wearable computers - Types, Applications & Future?
Wearable computers - Types, Applications & Future?
 

Similar a Cyber&digital forensics report

Automated Live Forensics Analysis for Volatile Data Acquisition
Automated Live Forensics Analysis for Volatile Data AcquisitionAutomated Live Forensics Analysis for Volatile Data Acquisition
Automated Live Forensics Analysis for Volatile Data AcquisitionIJERA Editor
 
Lecture 09 - Memory Forensics.pdfL E C T U R E 9 B Y .docx
Lecture 09 - Memory Forensics.pdfL E C T U R E  9  B Y .docxLecture 09 - Memory Forensics.pdfL E C T U R E  9  B Y .docx
Lecture 09 - Memory Forensics.pdfL E C T U R E 9 B Y .docxsmile790243
 
Techniques in Computer Forensics: A Recovery Perspective
Techniques in Computer Forensics: A Recovery PerspectiveTechniques in Computer Forensics: A Recovery Perspective
Techniques in Computer Forensics: A Recovery PerspectiveCSCJournals
 
ICT741 Digital Forensics.docx
ICT741 Digital Forensics.docxICT741 Digital Forensics.docx
ICT741 Digital Forensics.docxwrite4
 
computerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdfcomputerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdfGnanavi2
 
A Novel Methodology for Offline Forensics Triage in Windows Systems
A Novel Methodology for Offline Forensics Triage in Windows SystemsA Novel Methodology for Offline Forensics Triage in Windows Systems
A Novel Methodology for Offline Forensics Triage in Windows SystemsIRJET Journal
 
A Literature Review On Cyber Forensic And Its Analysis Tools
A Literature Review On Cyber Forensic And Its Analysis ToolsA Literature Review On Cyber Forensic And Its Analysis Tools
A Literature Review On Cyber Forensic And Its Analysis ToolsSamantha Vargas
 
Virtual Machine Forensic Analysis and Recovery Method for Recovery and Analys...
Virtual Machine Forensic Analysis and Recovery Method for Recovery and Analys...Virtual Machine Forensic Analysis and Recovery Method for Recovery and Analys...
Virtual Machine Forensic Analysis and Recovery Method for Recovery and Analys...IJCSIS Research Publications
 
computer forensics
computer forensicscomputer forensics
computer forensicsAkhil Kumar
 
Computer forensics
Computer  forensicsComputer  forensics
Computer forensicsLalit Garg
 
How to Use Linux Forensic Analysis Tools for Digital Investigations.pdf
How to Use Linux Forensic Analysis Tools for Digital Investigations.pdfHow to Use Linux Forensic Analysis Tools for Digital Investigations.pdf
How to Use Linux Forensic Analysis Tools for Digital Investigations.pdfuzair
 
6950SafeAssign Originality ReportDigital Fore.docx
6950SafeAssign Originality ReportDigital Fore.docx6950SafeAssign Originality ReportDigital Fore.docx
6950SafeAssign Originality ReportDigital Fore.docxpriestmanmable
 
6950SafeAssign Originality ReportDigital Fore.docx
6950SafeAssign Originality ReportDigital Fore.docx6950SafeAssign Originality ReportDigital Fore.docx
6950SafeAssign Originality ReportDigital Fore.docxblondellchancy
 
05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - Notes05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - NotesKranthi
 
02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - NotesKranthi
 
Digital Forensics in the Archive
Digital Forensics in the ArchiveDigital Forensics in the Archive
Digital Forensics in the ArchiveGarethKnight
 
Forensic drive correlation
Forensic drive correlationForensic drive correlation
Forensic drive correlationRamesh Gubba
 

Similar a Cyber&digital forensics report (20)

Automated Live Forensics Analysis for Volatile Data Acquisition
Automated Live Forensics Analysis for Volatile Data AcquisitionAutomated Live Forensics Analysis for Volatile Data Acquisition
Automated Live Forensics Analysis for Volatile Data Acquisition
 
Lecture 09 - Memory Forensics.pdfL E C T U R E 9 B Y .docx
Lecture 09 - Memory Forensics.pdfL E C T U R E  9  B Y .docxLecture 09 - Memory Forensics.pdfL E C T U R E  9  B Y .docx
Lecture 09 - Memory Forensics.pdfL E C T U R E 9 B Y .docx
 
Techniques in Computer Forensics: A Recovery Perspective
Techniques in Computer Forensics: A Recovery PerspectiveTechniques in Computer Forensics: A Recovery Perspective
Techniques in Computer Forensics: A Recovery Perspective
 
ICT741 Digital Forensics.docx
ICT741 Digital Forensics.docxICT741 Digital Forensics.docx
ICT741 Digital Forensics.docx
 
computerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdfcomputerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdf
 
A Novel Methodology for Offline Forensics Triage in Windows Systems
A Novel Methodology for Offline Forensics Triage in Windows SystemsA Novel Methodology for Offline Forensics Triage in Windows Systems
A Novel Methodology for Offline Forensics Triage in Windows Systems
 
A Literature Review On Cyber Forensic And Its Analysis Tools
A Literature Review On Cyber Forensic And Its Analysis ToolsA Literature Review On Cyber Forensic And Its Analysis Tools
A Literature Review On Cyber Forensic And Its Analysis Tools
 
Latest presentation
Latest presentationLatest presentation
Latest presentation
 
Virtual Machine Forensic Analysis and Recovery Method for Recovery and Analys...
Virtual Machine Forensic Analysis and Recovery Method for Recovery and Analys...Virtual Machine Forensic Analysis and Recovery Method for Recovery and Analys...
Virtual Machine Forensic Analysis and Recovery Method for Recovery and Analys...
 
computer forensics
computer forensicscomputer forensics
computer forensics
 
Computer forensics
Computer  forensicsComputer  forensics
Computer forensics
 
How to Use Linux Forensic Analysis Tools for Digital Investigations.pdf
How to Use Linux Forensic Analysis Tools for Digital Investigations.pdfHow to Use Linux Forensic Analysis Tools for Digital Investigations.pdf
How to Use Linux Forensic Analysis Tools for Digital Investigations.pdf
 
6950SafeAssign Originality ReportDigital Fore.docx
6950SafeAssign Originality ReportDigital Fore.docx6950SafeAssign Originality ReportDigital Fore.docx
6950SafeAssign Originality ReportDigital Fore.docx
 
6950SafeAssign Originality ReportDigital Fore.docx
6950SafeAssign Originality ReportDigital Fore.docx6950SafeAssign Originality ReportDigital Fore.docx
6950SafeAssign Originality ReportDigital Fore.docx
 
05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - Notes05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - Notes
 
02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes
 
Forensics
ForensicsForensics
Forensics
 
Digital Forensics in the Archive
Digital Forensics in the ArchiveDigital Forensics in the Archive
Digital Forensics in the Archive
 
Computer forencis
Computer forencisComputer forencis
Computer forencis
 
Forensic drive correlation
Forensic drive correlationForensic drive correlation
Forensic drive correlation
 

Último

Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxfnnc6jmgwh
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 

Último (20)

Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 

Cyber&digital forensics report

  • 1. CYBER & DIGITAL FORENSICS Yash sawarkar kunal kawale Anup Singh Student of IT department, Student of IT department, student of ITdepartment, G.H. Raisoni college of engineering, G.H. Raisoni college of engineering, G.H.raisoni college of Nagpur, India. Nagpur, India. Nagpur,india.
  • 2. G.H.RAISONI COLLEGE OF ENGINEERING (AN AUTONOMOUS INSTITUTION UNDER UGC ACT 1956) A REPORT ON “CYBER & DIGITAL FORENSICS” TEACHER ASSESSMENT EXAM NAME: KUNAL KAWALE (83) : YASH SAWARKAR (82) : ANUP SINGH GAHLOD SECTION:A BRANCH: INFORMATION TECHNOLOGY
  • 3. INDEX 1. Title……………………………………………………………………..1 2. Abstract……………………………………………………………….2 3. Introduction ……………………………………………………….2 4. Methodology……………………………………………………….3 5. Digital analysis tools……………………………………………3 6. Technique …………………………………………………………..4 7. Related work………………………………………………………..5 8. Analysis………………………………………………………………..6 9. Conclusion…………………………………………………………..15 10. Reference………………………………………………………….16
2. ABSTRACT
In this report we show how to conduct digital forensics on computers. Nowadays the internet continues to grow in the day-to-day life of every person, for social networks, information sources, research, communication and all the things it has made easy to do. Due to its rapid development and the lack of proper regulation, cyber crime has increased in recent years, and investigators have been facing difficulties with digital evidence. Digital evidence stored in a computer can play a major role in a wide range of crimes, including murder, rape, hacked PCs and servers, etc. Digital forensics can be classified into live and dead analysis: live analysis is performed while the system is running and has not been shut down, and dead analysis is performed after the machine has been powered off, in which case data can also be lost.

3. INTRODUCTION
The increase in criminal activities that use digital information as the means or the target warrants a structured manner of dealing with them. As more information is stored in digital form, it is very likely that the evidence needed to process the criminal is also in digital form. For this paper, computer or digital forensics is defined as the use of an expert to preserve, analyse and produce data from volatile and non-volatile storage media. Computer forensics is in the early stages of development and, as a result, problems are emerging. Forensic analysis of computer systems is a field that has focused on the digital investigation of any source of information. Forensic investigation techniques have focused mostly on evidence contained within the hard disk. Recently, however, there has been demand for more tools and techniques for capturing memory images and analysing their content, because user input information may be recovered from memory allocations.
4. METHODOLOGY
Defining computer forensics requires one more clarification. Many argue about whether computer forensics is a science or an art. The argument is unnecessary, however: the tools and methods are scientific, hence the word "technique" is often used to sidestep the unproductive science/art dispute.

5. DIGITAL FORENSIC TOOLS
A number of open source and commercial tools exist for computer forensics. Typical analysis includes a manual review of material on the media, reviewing the Windows registry for suspect information, and discovering and cracking passwords.
1> BackTrack 5 R2 (Linux operating system) - This OS has many forensic tools for analysing a compromised system or finding security holes in it; a large number of bundled open source packages are installed in this OS.
2> Ophcrack - This tool is used to crack the hashes generated from the SAM files of Windows; it uses rainbow tables to crack the hashes.
3> Registry Recon - Rebuilds Windows registries from anywhere on a hard drive and parses them for deep analysis.
4> Nuix - Fraud prevention software. Full-text search; extracts emails, credit card numbers, IP addresses and URLs; skin tone analysis.
6. TECHNIQUE
Live incident response - Collects all of the relevant data from the system that will be used to confirm whether the incident occurred. Live incident response includes collecting volatile and non-volatile data. Volatile data is information we would lose if we walked up to a device and disconnected the power cord. Non-volatile data includes data that would be very useful to collect during digital forensic collection, such as system event logs, user logons, and patch levels, among many others.

Volatile vs. non-volatile data - Some of the volatile data that should be collected includes system date and time, current network connections, open TCP and UDP ports, which executables are opening UDP and TCP ports, the cached NetBIOS name table, users currently logged on, the internal routing table, running processes, scheduled jobs, open files, and process memory dumps. This list is not all-inclusive, as a forensic investigator must consider any and all possible variables during collection. However, one thing that all of these have in common is that they would be lost if the power were removed from the target machine.

Cross-drive analysis - A forensic technique that correlates information found on multiple hard drives. The process, still being researched, can be used to identify social networks and to perform anomaly detection.

Live analysis - The examination of computers from within the operating system, using custom forensics or existing sysadmin tools to extract evidence. The practice is useful when dealing with Encrypting File Systems, for example, where the encryption keys may be collected and, in some instances, the logical hard drive volume may be imaged before the computer is shut down.

Deleted files - A common technique used in computer forensics is the recovery of deleted files. Modern forensic software has its own tools for recovering or carving out deleted data. Most operating systems and file systems do not always erase physical file data, allowing investigators to reconstruct it from the physical disk sectors. File carving involves searching for known file headers within the disk image and reconstructing deleted materials.

Steganography - One of the techniques used to hide data is steganography, the process of hiding data inside a picture or digital image. This process is often used to hide pornographic images of children as well as information that a given criminal does not want to have discovered. Computer forensics professionals can fight this by looking at the hash of the file and comparing it to the original image. While the image appears exactly the same, the hash changes as the data changes.
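The file carving and hash comparison described under "Deleted files" and "Steganography" above, as an added example that is not part of the original report: it carves JPEG header-to-footer spans out of a raw image and checks each carved object's SHA-256 against a known original. The sample image bytes, the function names and the 10 MB size limit are constructed for illustration.

```python
import hashlib

JPEG_SOI = b"\xff\xd8\xff"  # JPEG start-of-image marker plus first byte of the next marker
JPEG_EOI = b"\xff\xd9"      # JPEG end-of-image marker

def carve_jpegs(image, max_size=10 * 1024 * 1024):
    """Return (offset, data) for each header-to-footer span in a raw image."""
    carved, pos = [], 0
    while (start := image.find(JPEG_SOI, pos)) != -1:
        end = image.find(JPEG_EOI, start + len(JPEG_SOI))
        if end == -1 or end - start > max_size:
            pos = start + 1  # header with no plausible footer: skip it
            continue
        end += len(JPEG_EOI)
        carved.append((start, image[start:end]))
        pos = end
    return carved

def compare_to_known(carved, known_hashes):
    """Hash each carved object; True means it is byte-identical to a known original."""
    return [(off, h, h in known_hashes)
            for off, data in carved
            for h in [hashlib.sha256(data).hexdigest()]]

def build_sample_image():
    """Constructed test data: zero-filled 'sectors' holding two tiny JPEG-like objects."""
    original = JPEG_SOI + b"\xe0" + b"picture-bytes" + JPEG_EOI
    altered = JPEG_SOI + b"\xe0" + b"picture-bytEs" + JPEG_EOI  # one byte differs
    image = (b"\x00" * 512 + original + b"\x00" * 100 + altered
             + b"\x00" * 64 + JPEG_SOI + b"truncated")  # last header has no footer
    return image, original

if __name__ == "__main__":
    image, original = build_sample_image()
    known = {hashlib.sha256(original).hexdigest()}
    for offset, digest, match in compare_to_known(carve_jpegs(image), known):
        print(f"offset {offset}: sha256 {digest[:16]}... matches original: {match}")
```

Header-to-footer carving like this assumes each file is stored contiguously; fragmented files and JPEGs with embedded thumbnails need a format-aware carver.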
7. RELATED WORK
UNIX live response - Any forensic investigator should be prepared to encounter non-Windows operating systems such as DOS, Linux, and UNIX. This section will concentrate on UNIX live response. In order to collect volatile data, we can utilize the following commands during a UNIX live response:
a. System date and time – date
b. Current network connections – netstat

View USB history in Windows -
1. Windows stores information in the registry about every USB device plugged into the box. We can view this information with the following command:
    reg query hklm\system\currentcontrolset\enum\usbstor /s
  1> Now open your PowerShell command prompt.
  2> If the names are too complicated to read, use this command in PowerShell:
    Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Enum\USBSTOR\*\*' | Select FriendlyName
2. For a user-friendly view:
    Get-ChildItem HKLM:\SYSTEM\ControlSet001\Enum\USBSTOR | Select-Object PSChildName
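One way to turn the output of the `reg query ... usbstor /s` command above into a device list, as an added example that is not part of the original report: it parses the vendor, product, revision and instance ID out of each USBSTOR key path and attaches the FriendlyName value. The sample output, device names and IDs are constructed, and the function name is hypothetical.

```python
import re

# Constructed sample of `reg query ...\usbstor /s` output (device names and IDs are made up).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\usbstor\Disk&Ven_SanDisk&Prod_Cruzer_Blade&Rev_1.26\EXAMPLESERIAL0001&0
    DeviceDesc    REG_SZ    @disk.inf,%disk_devdesc%;Disk drive
    FriendlyName    REG_SZ    SanDisk Cruzer Blade USB Device

HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\usbstor\Disk&Ven_SanDisk&Prod_Cruzer_Blade&Rev_1.26\EXAMPLESERIAL0001&0\Device Parameters
    FriendlyName    REG_SZ    value under a subkey, must not be attributed

HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\usbstor\Disk&Ven_Generic&Prod_Flash_Disk&Rev_8.07\6&1a2b3c4d&0
    FriendlyName    REG_SZ    Generic Flash Disk USB Device
"""

KEY_RE = re.compile(
    r"\\usbstor\\(?P<type>[^&\\]+)&Ven_(?P<vendor>[^&\\]*)&Prod_(?P<product>[^&\\]*)"
    r"&Rev_(?P<rev>[^&\\]*)\\(?P<instance>[^\\\s]+)$", re.IGNORECASE)
VALUE_RE = re.compile(r"^\s+(?P<name>\S+)\s+REG_\w+\s+(?P<data>.*)$")

def parse_usbstor(reg_output):
    """Turn USBSTOR key paths and their FriendlyName values into device records."""
    devices, current = [], None
    for line in reg_output.splitlines():
        key = KEY_RE.search(line.strip())
        if key:
            inst = key["instance"]
            current = {
                "vendor": key["vendor"],
                "product": key["product"].replace("_", " "),
                "revision": key["rev"],
                "instance_id": inst,
                # '&' as second character: Windows generated the ID, so the
                # device reported no unique serial number of its own.
                "unique_serial": not (len(inst) > 1 and inst[1] == "&"),
                "friendly_name": None,
            }
            devices.append(current)
        elif line.startswith("HKEY_"):
            current = None  # parent key or subkey: its values belong to no device record
        else:
            value = VALUE_RE.match(line)
            if value and current and value["name"] == "FriendlyName":
                current["friendly_name"] = value["data"].strip()
    return devices

if __name__ == "__main__":
    for dev in parse_usbstor(SAMPLE):
        print(dev)
```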
8. ANALYSIS
The approach to a digital investigation is based on the physical crime scene investigation process. In the present case, a digital crime scene involves a software- and hardware-based digital environment. The process consists of three key stages: system preservation, evidence searching and event reconstruction. These stages do not have to occur one after another, and their flow is depicted in Figure 2. Moreover, it is possible to use this procedure during the investigation of both live and dead systems. Dead analysis works with trusted applications in a trusted operating system in order to find the evidence. Dead analysis seems to be better, since live analysis may result in obtaining false information.

Figure 2

9. CONCLUSION
It is hoped that this paper is helpful as an introduction to computer forensics and the digital forensic methodology. Currently there is still no authoritative technology standard, so a large quantity of things is waiting to be done. This article and flow chart may serve as a useful tool to guide discussion among personnel making forensic cyber crime lab in the Computer Crime and Intellectual Property Section is always available for consultation. A combination of new technology and changing habits of use means that the forensic examiner must strive to keep up to date with the latest developments. This paper has illustrated some of the techniques, to ensure a greater understanding of the value of the digital evidence available and to ensure a stronger case for the prosecution.