Presentation is loading. Please wait.

Presentation is loading. Please wait.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #6 Forensics Services September 10, 2007.

Published byAda Cox Modified over 8 years ago

Similar presentations

Presentation on theme: "Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #6 Forensics Services September 10, 2007."— Presentation transcript:

1 Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #6 Forensics Services September 10, 2007

2 Outline l Cyber crime l Cyber detective l Risk Management l Investigative services l Process improvement l Conclusion l Links l Appendix: Malicious Code Detection

3 Review of Lecture #5 l Lectures 5 - Types of Computer Forensics Systems - Objective: Identify issues in corporate planning for computer forensics l Tools for Digital Forensics l Assignment #1 l Lab Tour

4 Lecture 5: Types of Computer Forensics Systems l Internet Security Systems l Intrusion Detection Systems l Firewall Security Systems l Storage Area Network Security Systems l Network disaster recovery systems l Public key infrastructure systems l Wireless network security systems l Satellite encryption security systems l Instant Messaging Security Systems l Net privacy systems l Identity management security systems l Identify theft prevention systems l Biometric security systems l Homeland security systems

5 Cyber Crime l Financial Fraud l Sabotage of Data or Networks l Theft of Proprietary Information l System Penetration from the outside and denial of service l Unauthorized access by insiders and employee misuse of Internet access privileges: Insider threat l Malicious code (e.g., Virus)

6 Cyber Detective l Forensics investigators - detect the extent f security breach, - recover lost data, - determine how an intruder got past the security mechanisms, - and possibly identify the culprit l Legal issues - Admissibility of digital evidence in court - Laws lag technology - Theft: A person must permanently deprive the victim of property: does this apply to cyber theft?

7 Risk Management l Risk management - is the human activity which integrates recognition of risk, risk assessment, developing strategies to manage it, and mitigation of risk using managerial resources.risk risk assessmentstrategies - The strategies include transferring the risk to another party, avoiding the risk, reducing the negative effect of the risk, and accepting some or all of the consequences of a particular risk. - http://en.wikipedia.org/wiki/Risk_management l Risk management for Computer Forensics - Effective IT and staff policies - Use of state of the art Vendor tools - Effective procedures

8 Forensic Services l Forensics Incident Response l Evidence Collection l Forensic Analysis l Expert witness l Forensic litigation and insurance claims support l Training l Process improvement

9 Investigative services examples l Intrusion detection service - Installing technical safeguards to spot network intruders or detect denial of service attacks at e-commerce servers l Digital evidence collection - Identify all devices that may contain evidence - Quarantine all in-house computers - Court orders to preserver and collect evidence

10 Process Improvement: Tools l Dig –x/nslookup l Whois l Ping l Traceroute l Finger l Anonymous surfing l USENET l Need to integrate the processes

11 Conclusion l Part I has provided an overview of computer forensics and discussed technologies, systems and services l There are two major aspects: one is detect that a problem has occurred and the other is finding out who did it l Technology and legal aspects: both work together l Should a corporation outsource the forensics services or carry it out in-house l Evidence collected must be stored in a secure place – security techniques include encryption l Must manage and mitigate risks

12 Links l http://www.compforensics.com/ http://www.compforensics.com/ l http://www.computer-forensic.com/faqs.html http://www.computer-forensic.com/faqs.html l http://www.cfsiusa.com/ http://www.cfsiusa.com/ - Dallas, TX l http://www.evestigate.com/ http://www.evestigate.com/ l http://www.digitaldataforensics.com/ http://www.digitaldataforensics.com/ l http://www.databankservices.com/ http://www.databankservices.com/ - Austin, TX l http://www.vogon-international.com/computer- forensics/ http://www.vogon-international.com/computer- forensics/ l http://www.vogon.co.uk/ http://www.vogon.co.uk/ l http://www.forensiccomputerservice.com/ http://www.forensiccomputerservice.com/

Download ppt "Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #6 Forensics Services September 10, 2007."

Similar presentations

Ethics, Privacy and Information Security

Ethics, Privacy and Information Security
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #26 Emerging Technologies.

Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #26 Emerging Technologies.
E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.

E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.
Forensic and Investigative Accounting Chapter 15 Cybercrime Management: Legal Issues © 2007 CCH. All Rights Reserved. 4025 W. Peterson Ave. Chicago, IL.

Forensic and Investigative Accounting Chapter 15 Cybercrime Management: Legal Issues © 2007 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL.
Separate Domains of IT Infrastructure

Separate Domains of IT Infrastructure
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Lecture 10 Security and Control.

Lecture 10 Security and Control.
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
Lecture 10 Security and Control.

Lecture 10 Security and Control.
10.1 © 2006 by Prentice Hall 10 Chapter Security and Control.

10.1 © 2006 by Prentice Hall 10 Chapter Security and Control.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
FIT3105 Security and Identity Management Lecture 1.

FIT3105 Security and Identity Management Lecture 1.
Reliability and Security. Security How big a problem is security? Perfect security is unattainable Security in the context of a socio- technical system.

Reliability and Security. Security How big a problem is security? Perfect security is unattainable Security in the context of a socio- technical system.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
CYBER CRIME AND SECURITY TRENDS

CYBER CRIME AND SECURITY TRENDS
Chapter 8 Security and Control.

Chapter 8 Security and Control.
10.1 © 2006 by Prentice Hall 10 Chapter Security and Control.

10.1 © 2006 by Prentice Hall 10 Chapter Security and Control.

Similar presentations

Ads by Google