COEN 252 Computer Forensics Introduction to Computer Forensics  Thomas Schwarz, S.J. 2009.

Computer Forensics: Digital Investigation
- Focuses on a digital device
  - Computer
  - Router
  - Switch
  - Cell-phone
  - SIM-card
  - …

Computer Forensics: Digital Investigation
- Focuses on a digital device involved in an incident or crime
  - Computer intrusion
  - Generic criminal activity
    - Perpetrator uses internet to gather information used in the perpetration of a crime.
  - Digital device is an instrument of a crime
    - Perpetrator uses cell-phone to set off a bomb. Details are sensitive to national security. If you get clearance, I can tell you who to ask.
    - Scams
    - Internet auction fraud
    - Computer is used for intrusion of another system.

Computer Forensics: Digital Investigation
- Has different goals
  - Prevention of further intrusions.
    - Goal is to reconstruct modus operandi of intruder to prevent further intrusions.
  - Assessment of damage.
    - Goal is to certify system for safe use.
  - Reconstruction of an incident.
    - For criminal proceedings.
    - For organization-internal proceedings.

Computer Forensics: Digital Investigation
- Process where we develop and test hypotheses that answer questions about digital events.
  - We can use an adaptation of the scientific method where we establish hypotheses based on findings and then (if possible) test our hypotheses against findings resulting from additional investigations.

Computer Forensics: Evidence
- Procedural notion
  - That on which our findings are based.
- Legal notion
  - Defined by the “rules of evidence”
  - Differ by legislation
  - “Hearsay” is procedurally evidence, but excluded (under many circumstances) as legal evidence.

Computer Forensics: Forensics
- Used in the “forum”, especially for judicial proceedings.
- Definition: legal

Computer Forensics: Digital Crime Scene Investigation Process
- System Preservation Phase
- Evidence Searching Phase
- Event Reconstruction Phase
Note: These phases are different activities that intermingle.

Computer Forensics: Who should know about Computer Forensics
- Those involved in legal proceedings that might use digital evidence
  - Judges, Prosecutors, Attorneys, Law Enforcement, Expert Witnesses
- Those involved in Systems Administration
  - Systems Administrators, Network Administrators, Security Officers
- Those writing procedures
  - Managers

Computer Forensics: Computer Forensics presupposes skills in
- Ethics
- Law, especially rules of evidence
- System and network administration
- Digital data presentation
  - Number and character representation
- Systems
  - OS, especially file systems.
  - Hardware, especially disk drives, memory systems, computer architecture, …
- Networking
  - Network protocols, Intrusion detection, …
- Information Systems Management

COEN 252: Prerequisites
- Required:
  - Good moral character. Ability and willingness to respect ethical boundaries.
  - Familiarity with at least one type of operating system. (Windows, Unix/Linux, DOS experience preferred.)
  - Some programming.
  - Access to a computer with Hex editor.
- Desired:
  - Familiarity with OS Theory.
  - Familiarity with Networking.
  - Some Knowledge of U.S. Legal System.

COEN 252: Text Books
- SKOUDIS, E., Zeltser, L.: Malware: Fighting Malicious Code. Prentice Hall Professional Technical Reference. Second edition about to appear.
- MANDIA, K., PROSISE, C., PEPE, M.: Incident Response & Computer Forensics. 2nd edition. Osborne-McGraw Hill, 2003.

COEN 252: Grading
- Written Final (20%) (No collaboration.)
- Practical Final (35%, due day of the final) (No collaboration.)
- Ethics Case (5%, due day of the final) (No collaboration.)
- Laboratories & Homeworks (30%) (Limited collaboration.)
- Class Project (10%) Groups.

This class is subject to the School of Engineering's Honor code.

Disability Accommodation Policy: To request academic accommodations for a disability, students must contact Disability Resources located in the Drahmann Center in Benson, Room 214 (Tel.: , TTY ). Students must provide documentation of a disability to Disability Resources prior to receiving accommodations.

You should take the PERL courses offered by the Sun Academic Alliance. You can find instructions at ~tschwarz/Homepage/SunAcademicAllianceInstructions.html