
1 SAK 4801 INTRODUCTION TO COMPUTER FORENSICS
Chapter 9 Tracking E-mails and Investigating E-mail Crimes
Mohd Taufik Abdullah
Department of Computer Science, Faculty of Computer Science and Information Technology, Universiti Putra Malaysia
Room No: 2.28
Portions of the material courtesy Nelson et al. and EC-Council

2 Chapter 9 Tracking E-mails and Investigating E-mail Crimes SAK4801 Introduction to Computer Forensics
Learning Objectives
At the end of this chapter, you will be able to:
- Explain the role of e-mail in investigations
- Describe client and server roles in e-mail
- Describe tasks in investigating e-mail crimes and violations
- Explain the use of e-mail server logs
- Describe some available e-mail computer forensics tools

3 Chapter 9 Outline
9. Tracking E-mails and Investigating E-mail Crimes
9.1. Understanding Internet Fundamentals and Internet Protocols
9.2. Exploring the Roles of E-mail in Investigations
9.3. Exploring the Roles of Client and Server in E-mail
9.4. Investigating E-mail Crimes and Violations
9.5. Tracing Back
9.6. Searching E-mail Addresses
9.7. Handling Spam
9.8. Protecting E-mail Addresses from Spam

4 9.1 Understanding Internet Fundamentals and Internet Protocols

5 9.1.1 Understanding Internet Fundamentals
- Internet: a huge collection of networks connecting millions of computers
- Internet Service Provider (ISP): according to Webopedia.com, “a company that provides access to the Internet”
- Dial-Up Connection: according to Webopedia.com, “connecting a device to a network via a modem and a public telephone network”

6 9.1.2 Understanding Internet Protocols
- Internet protocols: a set of standards determining the format and transmission of data
- TCP/IP is the protocol suite used for e-mail (including SMTP, POP3, and IMAP)
- Transmission Control Protocol (TCP): a connection-oriented protocol that lets devices establish a connection and then guarantees delivery of data in the same order it was sent
- Internet Protocol (IP): a connectionless protocol that provides the addressing scheme; it operates at the network layer

7 9.2 Exploring the Roles of E-mail in Investigations

8
- With the increase in e-mail scams and fraud attempts using phishing or spoofing, investigators need to know how to examine and interpret the unique content of e-mail messages
- Phishing e-mails are in HTML format, which allows links to be placed on text in a Web page
- One of the most noteworthy e-mail scams was 419, or the Nigerian Scam
- Spoofed e-mail can be used to commit fraud

9 9.3 Exploring the Roles of the Client and Server in E-mail

10
- Send and receive e-mail in two environments: the Internet, or a controlled LAN, MAN, or WAN
- Client/server architecture: the server OS and e-mail software differ from those on the client side
- Protected accounts: require usernames and passwords


12 Name conventions
- Corporate: john.smith@somecompany.com
- Public: whatever@hotmail.com
- Everything after @ belongs to the domain name
- Tracing corporate e-mails is easier, because accounts use standard names the administrator establishes

13 9.3.1 E-mail Crime
- E-mail crime is a “new-age crime” that is growing rapidly
- E-mail crime can be categorized in two ways:
  - Crime committed by sending e-mails, e.g. spamming, mail bombing
  - Crime supported by e-mails, e.g. harassment, child pornography

14 9.3.2 Spamming, Mail Bombing, Mail Storm
- Spamming can be defined as sending unsolicited mail. The more common term for spam is “junk mail”
- Mail bombing can be defined as sending unwanted mail in excessive amounts, which fills the recipient’s mailbox
- According to DictionaryWords.net, “Mail Storm is a flood of incoming mail that brings the machine to its knees”

15 9.3.3 Chat Rooms
- Chat rooms are an open target for pedophiles, who use them for the sexual abuse of children
- According to WordNet Dictionary, “Child pornography can be defined as illegal use of children in pornographic pictures and films”
- The Internet has become an easy-to-use tool for harassment, and e-mail has become the most vulnerable feature of it

16 9.3.4 Identity Fraud, Chain Letter
- Identity fraud can be defined as using or stealing a person’s personal information, such as name, address, and credit card number, for economic gain
- According to DictionaryWords.net, “Chain Letter is a letter that is sent successively to several people.”

17 9.3.5 Sending Fakemail (screenshot slide; no transcript text)

18 9.4 Investigating E-mail Crimes and Violations

19
- Similar to other types of investigations
- Goals:
  - Find who is behind the crime
  - Collect the evidence
  - Present your findings
  - Build a case

20
- What counts as an e-mail crime depends on the city, state, or country (example: spam); always consult with an attorney
- E-mail crimes are becoming commonplace
- Examples of crimes involving e-mails:
  - Narcotics trafficking
  - Extortion
  - Sexual harassment
  - Child abductions and pornography

21 9.4.1 Investigating Process
- Examining an e-mail message
- Copying an e-mail message
- Printing an e-mail message
- Viewing e-mail headers
- Examining an e-mail header
- Examining attachments
- Tracing an e-mail

22 9.4.2 Examining E-mail Messages
- Access the victim’s computer to recover the evidence
- Using the victim’s e-mail client:
  - Find and copy evidence in the e-mail
  - Access protected or encrypted material
  - Print e-mails
- Guide the victim on the phone:
  - Open and copy the e-mail, including headers
- Sometimes you will deal with deleted e-mails

23 9.4.2 Examining E-mail Messages (Cont.)
- Copying an e-mail message
  - Before you start an e-mail investigation, you need to copy and print the e-mail involved in the crime or policy violation
  - You might also want to forward the message as an attachment to another e-mail address
  - With many GUI e-mail programs, you can copy an e-mail by dragging it to a storage medium, or by saving it in a different location

24 9.4.2 Examining E-mail Messages (Cont.) (screenshot slide; no transcript text)

25 9.4.3 Viewing E-mail Headers
- Learn how to find e-mail headers in GUI clients, command-line clients, and Web-based clients
- After you open e-mail headers, copy and paste them into a text document so that you can read them with a text editor
- Headers contain useful information: unique identifying numbers, the IP address of the sending server, and the sending time

26 9.4.3 Viewing E-mail Headers (Cont.)
- Outlook: open the Message Options dialog box, copy the headers, and paste them into any text editor
- Outlook Express: open the message Properties dialog box, select Message Source, then copy and paste the headers into any text editor

27-29 9.4.3 Viewing E-mail Headers (Cont.) (screenshot slides; no transcript text)

30 9.4.3 Viewing E-mail Headers (Cont.)
- Novell Evolution: click View, All Message Headers, then copy and paste the e-mail header
- Pine and ELM: check enable-full-headers
- AOL: click Action, View Message Source, then copy and paste the headers

31-34 9.4.3 Viewing E-mail Headers (Cont.) (screenshot slides; no transcript text)

35 9.4.3 Viewing E-mail Headers (Cont.)
- Hotmail: click Options, then click Mail Display Settings; click the Advanced option button under Message Headers; copy and paste the headers
- Apple Mail: click View from the menu, point to Message, then click Long Header; copy and paste the headers

36-37 9.4.3 Viewing E-mail Headers (Cont.) (screenshot slides; no transcript text)

38 9.4.3 Viewing E-mail Headers (Cont.)
- Yahoo: click Mail Options, then General Preferences, and select Show All Headers on incoming messages; copy and paste the headers

39 9.4.3 Viewing E-mail Headers (Cont.) (screenshot slide; no transcript text)

40 9.4.4 Examining E-mail Headers
- Gather supporting evidence and track the suspect using:
  - Return path
  - Recipient’s e-mail address
  - Type of sending e-mail service
  - IP address of the sending server
  - Name of the e-mail server
  - Unique message number
  - Date and time the e-mail was sent
  - Attachment file information

41 9.4.4 Examining E-mail Headers (Cont.) (screenshot slide; no transcript text)
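The slides on viewing and examining headers (9.4.3 and 9.4.4) tell you to paste the headers into a text file and read off the return path, message number, sending time, sending server and attachment information. The script below does that reading with Python's standard email library. It is an added example, not material from the lecture: the message, hostnames and IP addresses are constructed (documentation ranges from RFC 5737 and RFC 2606), and the parser assumes the common "from HOST (RDNS [IP]) by HOST" wording of Received lines, which real MTAs vary.

```python
"""Pull the investigative fields out of a raw e-mail (added example; not from
the lecture). The message is constructed; header names are the standard ones."""
import email
import re
from email import policy
from email.utils import parseaddr, parsedate_to_datetime

# Constructed sample. Each relay PREPENDS its own Received header, so the
# last Received line is the first hop, i.e. the server closest to the sender.
RAW_MESSAGE = b"""\
Return-Path: <sender@example.net>
Received: from mx.example.com (mx.example.com [192.0.2.10])
\tby mail.example.org with ESMTP id 7f3a2c9b; Mon, 3 Mar 2008 10:15:01 +0800
Received: from mail.example.net (mail.example.net [203.0.113.5])
\tby mx.example.com with ESMTP id 4A1B2C3D4E; Mon, 3 Mar 2008 02:14:50 +0000
Received: from [10.0.0.7] (unknown [198.51.100.23])
\tby mail.example.net with ESMTPA id 2b5d7e; Mon, 3 Mar 2008 02:14:40 +0000
Message-ID: <20080303021440.2b5d7e@mail.example.net>
Date: Mon, 3 Mar 2008 10:14:40 +0800
From: "Account Services" <accounts@example.org>
To: victim@example.org
Subject: Verify your account
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="XYZ"

--XYZ
Content-Type: text/html

<p>Click <a href="http://www.example.net/login">here</a></p>
--XYZ
Content-Type: application/octet-stream; name="invoice.exe"
Content-Disposition: attachment; filename="invoice.exe"
Content-Transfer-Encoding: base64

TVqQAAMAAAAEAAAA
--XYZ--
"""

# Assumed Received form: "from <host> (<reverse-dns> [<ip>]) ... by <host>"
HOP_RE = re.compile(
    r"from\s+(?P<from>\S+)(?:\s+\([^)]*\[(?P<ip>[0-9a-fA-F.:]+)\]\))?"
    r".*?\bby\s+(?P<by>\S+)"
)


def parse_hops(received_values):
    """Return the Received chain in transit order (first hop first)."""
    hops = []
    for value in reversed(received_values):      # undo the prepending
        text = " ".join(str(value).split())      # unfold, squeeze whitespace
        m = HOP_RE.search(text)
        if not m:
            continue                              # malformed line: skip, keep going
        when = text.rsplit(";", 1)[1].strip() if ";" in text else ""
        hops.append({"from": m["from"], "ip": m["ip"], "by": m["by"], "time": when})
    return hops


def analyze(raw):
    """Collect the fields the slides name: return path, message number,
    sending time, sending server/IP and attachment information."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    hops = parse_hops(msg.get_all("Received", []))
    first = hops[0] if hops else {}
    attachments = [
        (p.get_filename(), p.get_content_type(), len(p.get_payload(decode=True)))
        for p in msg.iter_attachments()
    ]
    return_path = parseaddr(str(msg["Return-Path"]))[1]
    from_addr = parseaddr(str(msg["From"]))[1]
    return {
        "return_path": return_path,
        "from": from_addr,
        # envelope sender domain differing from the From: domain is a spoofing cue
        "from_mismatch": return_path.split("@")[-1] != from_addr.split("@")[-1],
        "message_id": str(msg["Message-ID"]),
        "date": parsedate_to_datetime(str(msg["Date"])).isoformat(),
        "origin_ip": first.get("ip"),
        "origin_server": first.get("by"),
        "hops": hops,
        "attachments": attachments,
    }


if __name__ == "__main__":
    for key, value in analyze(RAW_MESSAGE).items():
        print(f"{key}: {value}")
```

Only the hop added by a server you trust is reliable: a sender can forge Received lines below the one written by the first server under someone else's control, which is why the slide that follows tells you to corroborate the header against the server's own logs.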

42 9.4.5 Examining Additional E-mail Files
- E-mail messages are saved on the client side or left on the server
- Microsoft Outlook uses .pst and .ost files
- Most e-mail programs also include an electronic address book
- In Web-based e-mail, messages are displayed and saved as Web pages in the browser’s cache folders
- Many Web-based e-mail providers also offer instant messaging (IM) services

43 9.4.6 Tracing an E-mail Message
- Contact the administrator responsible for the sending server
- Finding the domain name’s point of contact: www.arin.net, www.internic.com, www.freeality.com, www.google.com
- Find the suspect’s contact information
- Verify your findings by checking network e-mail logs against e-mail addresses

44 9.4.7 Using Network Logs Related to E-mail
- Router logs: record all incoming and outgoing traffic; have rules to allow or disallow traffic; you can resolve the path a transmitted e-mail has taken
- Firewall logs: filter e-mail traffic; verify whether the e-mail passed through
- You can use any text editor or specialized tools

45 9.4.7 Using Network Logs Related to E-mail (Cont.) (screenshot slide; no transcript text)

46 9.4.8 Understanding E-mail Servers
- E-mail server log file (screenshot)

47 9.4.8.1 Examining UNIX E-mail Server Logs
- Log files and configuration files provide information related to the e-mail investigation
- The syslog.conf file specifies where the various types of e-mail log messages are saved
- Typical syslog.conf file (screenshot)
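Slides 43 and 47 say to verify what a header claims against the mail server's own log. This added example (not from the lecture) shows that check: it groups syslog mail log lines by queue ID, merges their key=value fields, then looks up the Message-ID and envelope sender seen in a header and compares the client IP the server recorded with the IP the header claims. The log lines are constructed in Postfix syslog style with documentation addresses; the line format and field names are assumptions that would be adjusted for sendmail or any other MTA.

```python
"""Correlate mail-server syslog lines by queue ID to corroborate an e-mail
header (added example; constructed Postfix-style log, not the lecture's)."""
import re
from collections import defaultdict

# Constructed sample: two messages; queue ID 4A1B2C3D4E is the one whose
# header is under investigation (Message-ID and sender as seen in the header).
MAIL_LOG = """\
Mar  3 02:14:49 mx postfix/smtpd[2211]: connect from mail.example.net[203.0.113.5]
Mar  3 02:14:50 mx postfix/smtpd[2211]: 4A1B2C3D4E: client=mail.example.net[203.0.113.5]
Mar  3 02:14:50 mx postfix/cleanup[2215]: 4A1B2C3D4E: message-id=<20080303021440.2b5d7e@mail.example.net>
Mar  3 02:14:50 mx postfix/qmgr[1100]: 4A1B2C3D4E: from=<sender@example.net>, size=2048, nrcpt=1 (queue active)
Mar  3 02:14:51 mx postfix/smtp[2220]: 4A1B2C3D4E: to=<victim@example.org>, relay=mail.example.org[192.0.2.20]:25, delay=1.1, status=sent (250 OK id=7f3a2c9b)
Mar  3 02:14:51 mx postfix/qmgr[1100]: 4A1B2C3D4E: removed
Mar  3 02:20:03 mx postfix/smtpd[2230]: 9C8D7E6F5A: client=unknown[198.51.100.77]
Mar  3 02:20:03 mx postfix/cleanup[2215]: 9C8D7E6F5A: message-id=<zzz@example.com>
Mar  3 02:20:03 mx postfix/qmgr[1100]: 9C8D7E6F5A: from=<other@example.com>, size=512, nrcpt=1 (queue active)
Mar  3 02:20:04 mx postfix/smtp[2220]: 9C8D7E6F5A: to=<victim@example.org>, relay=mail.example.org[192.0.2.20]:25, delay=0.9, status=bounced (550 rejected)
"""

# Assumed line shape: "<timestamp> <host> <program>[pid]: <QUEUEID>: <fields>"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) (?P<prog>[\w/]+)\[\d+\]: "
    r"(?P<qid>[0-9A-F]{6,}): (?P<rest>.*)$"
)
# key=value pairs; angle-bracketed values (addresses, message-id) may contain commas
FIELD_RE = re.compile(r"(\w[\w-]*)=(<[^>]*>|\S+?)(?=,|\s|$)")


def parse_mail_log(text):
    """Group lines by queue ID; keep the first value seen for each field."""
    records = defaultdict(lambda: {"events": []})
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                      # connect/disconnect lines carry no queue ID
        rec = records[m["qid"]]
        rec["events"].append((m["ts"], m["prog"], m["rest"]))
        fields_part = m["rest"].split(" (", 1)[0]   # drop "(queue active)", "(250 ...)"
        for key, value in FIELD_RE.findall(fields_part):
            rec.setdefault(key, value.strip("<>"))
    return dict(records)


def find_by_message_id(records, message_id):
    """Queue IDs whose cleanup line carries this Message-ID."""
    wanted = message_id.strip("<>")
    return [qid for qid, rec in records.items() if rec.get("message-id") == wanted]


def find_by_sender(records, address):
    """Queue IDs whose envelope sender (MAIL FROM) is this address."""
    return [qid for qid, rec in records.items() if rec.get("from") == address]


def corroborate(records, message_id, claimed_client_ip):
    """Does the server's own record of the connecting client agree with the
    IP that the header's Received line claims for this message?"""
    for qid in find_by_message_id(records, message_id):
        client = records[qid].get("client", "")
        ip = client[client.find("[") + 1:client.find("]")] if "[" in client else ""
        return {
            "queue_id": qid,
            "client_ip": ip,
            "matches": ip == claimed_client_ip,
            "status": records[qid].get("status"),
            "recipient": records[qid].get("to"),
        }
    return None


if __name__ == "__main__":
    recs = parse_mail_log(MAIL_LOG)
    print(corroborate(recs, "<20080303021440.2b5d7e@mail.example.net>", "203.0.113.5"))
```

Where the log disagrees with the header (no queue ID carries the Message-ID, or the recorded client IP differs), the header was altered or forged somewhere before this server, and the log entry, not the header, is the record to rely on.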

48 9.4.8.2 Examining Microsoft E-mail Server Logs
- Message tracking log in verbose mode (screenshot)

49 9.4.8.3 Examining Novell GroupWise E-mail Logs
- GroupWise, the Novell e-mail server software, is a database server like Microsoft Exchange and UNIX sendmail
- GroupWise organizes mailboxes in two ways: permanent index files with the IDX extension, and the GroupWise QuickFinder action
- GroupWise manages the e-mail server in a centralized manner using NGWGUARD.DB

50 9.4.9 Using Specialized E-mail Forensic Tools
- Tools that can investigate e-mail messages: EnCase, FTK, FINALeMAIL, Sawmill-GroupWise, Audimation for Logging

51 9.4.9.1 FINALeMAIL
- Can restore lost e-mails to their original state
- Can recover entire e-mail database files
- FINALeMAIL e-mail search results (screenshot)

52 9.4.9.2 R-MAIL
- R-Mail is basically an e-mail recovery tool, which recovers e-mail messages that were deleted accidentally

53 9.4.9.3 E-Mail Examiner by Paraben
- Deleted mail can be recovered
- Examines more than 14 mail types
- Recovers e-mail deleted from Deleted Items
- Supports Windows 95/98/2000/2003/NT 4/ME/XP

54 9.4.9.4 Network E-Mail Examiner by Paraben
- Examines a variety of network e-mail archives, such as Exchange Server and Lotus Domino Server
- Views all the individual e-mail accounts
- Supports Microsoft Exchange and Lotus Notes

55 9.5 Tracing Back

56
- The first step in tracing back fakemail is to view the header information
- The header will show the originating mail server, e.g. mail.example.com
- With a court order served by law enforcement, or a civil complaint filed by attorneys, obtain the log files from mail.example.com to determine who sent the message

57 9.5.1 Tracing Back Web-Based E-mail
- Web-based e-mail accounts (Webmail) can make establishing the identity of the sender more difficult
- It is easy to create a new online Webmail account: www.hotmail.com, www.yahoo.com, www.lycosmail.com, www.hyshmail.com
- The above sites maintain the source IP address of each connection that accesses the online Webmail
- Contact the mail provider (e.g. Microsoft) to obtain subscriber information

58 9.6 Searching E-mail Addresses

59
- Internet search engines make searching for specific e-mail addresses easy
- The following sites provide e-mail searching services: http://www.emailaddresses.com, http://www.dogpile.com, http://www.google.com, http://www.altavista.com, http://www.infospace.com, http://www.mamma.com, http://www.searchscout.com

60 9.6.1 E-mail Search Site
- EmailChange.com has provided the Internet’s first e-mail change registry and search engine since October 1996

61 9.7 Handling Spam

62
- Before taking legal action, send a short notice on the illegality of spam to the system administrator of the domain

63 9.7.1 Network Abuse Clearing House (screenshot slide; no transcript text)

64 9.7.2 Abuse.Net
- Abuse.net provides a platform to report abusive activity on the Internet to people who can do something about it
- It provides only complaint services and has nothing to do with blacklist or spam analysis services
- Once registered, messages can be sent to domain-name@abuse.net, where domain-name is the source of the abusive practice; from there the message is re-mailed to the best reporting address(es)

65 9.8 Protecting E-mail Address from Spam

66
- One way to protect an address is to "encode" it, making it more difficult to discover
- Be cautious before giving out an e-mail address online, as posting an e-mail address on a Web site will fill the inbox with spam

67 9.8.1 Tool
- Enkoder Form is a powerful tool designed to prevent e-mail harvesting: http://automaticlabs.com/cgi-bin/index.cgi
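Slides 66 and 67 describe "encoding" a published address so harvesters miss it. The following added example (not the Enkoder tool's code, and not from the lecture) shows the simplest form of that idea, HTML character references, together with the check a defender would run: a harvester that pattern-matches the raw page finds nothing, the browser still renders a working mailto: link, and anything that decodes entities before matching gets the address back. That last point is the caveat: encoding raises the bar for the cheapest harvesters only. The address is a constructed documentation-domain value.

```python
"""Entity-encode an e-mail address for a Web page and check what a raw-text
harvester sees versus what a browser renders (added example)."""
import html
import re


def entity_encode(text):
    """Represent every character as a hexadecimal HTML character reference."""
    return "".join(f"&#x{ord(ch):x};" for ch in text)


def mailto_link(address, label="contact me"):
    """A mailto: anchor whose href and label are both entity-encoded."""
    return f'<a href="{entity_encode("mailto:" + address)}">{entity_encode(label)}</a>'


def rendered(page):
    """What the browser shows: entities decoded back to characters."""
    return html.unescape(page)


# The pattern a simple harvester applies to raw page source
ADDRESS_RE = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")


def naive_harvest(page):
    """Addresses visible in the raw HTML without decoding entities."""
    return ADDRESS_RE.findall(page)


def decoding_harvest(page):
    """Residual risk: the same pattern applied after entity decoding."""
    return ADDRESS_RE.findall(rendered(page))


if __name__ == "__main__":
    page = "<p>" + mailto_link("alice@example.com") + "</p>"   # constructed address
    print(page)
    print("raw-text harvester finds:", naive_harvest(page))
    print("browser renders:", rendered(page))
    print("decoding harvester finds:", decoding_harvest(page))
```

Because decoding is cheap, the slide's advice to be cautious about publishing the address at all is the stronger control; encoding only reduces exposure to the least capable collectors.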

68 9.8.1 Tool (Cont.)
- eMailTrackerPro analyzes the e-mail header and provides the IP address of the machine that sent the e-mail
- SPAM Punish: this anti-spam tool makes the search for the spammer’s ISP address easy; a complaint can be sent to the sender’s ISP using Send Complaint to

69 Summary
- To investigate an e-mail, know how an e-mail server records and handles e-mail messages
- E-mail servers are databases of user information and e-mail messages
- All e-mail servers contain a log file, which can provide valuable information when investigating a crime
- For many e-mail investigations, rely on the message files, e-mail headers, and e-mail server log files
- E-mail fraudsters use phishing and spoofing scam techniques
- E-mail is sent and received via the Internet or a LAN; both environments use client/server architecture

70 Summary (Cont.)
- E-mail investigations are similar to other kinds of investigations:
  - Access the victim’s computer to recover evidence
  - Copy and print the e-mail message involved in the crime or policy violation
  - Find the e-mail headers
- Investigating e-mail abuse:
  - Be familiar with the operation of e-mail servers and clients
  - Check e-mail message files, headers, and server log files

71 Summary (Cont.)
- Currently, only a few forensics tools can recover deleted Outlook and Outlook Express messages
- For e-mail applications that use the mbox format, a hexadecimal editor can be used to carve messages manually
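The last summary point, carving messages out of an mbox file by hand in a hex editor, comes down to finding the "From " separator lines that mbox puts between messages and cutting at them. This added example (not from the lecture) automates that cut over a constructed byte blob: two intact messages followed by slack space that still holds the head of a deleted third message. The filler bytes and the rule that a separator in slack may be preceded by filler rather than a newline are assumptions made for the example.

```python
"""Carve individual messages out of a raw mbox blob (added example; the blob
is constructed, including a deleted-message fragment in trailing slack)."""
import email
import re
from email import policy

# mbox separates messages with a line "From <sender> <asctime>" (note the
# space after From). Bodies escape such lines as ">From ", so an unescaped
# "From " at a line start is a reliable boundary. In unallocated space the
# boundary may follow filler bytes instead of a newline, hence the lookbehind
# that accepts start-of-data, newline or NUL (an assumption for this example).
FROM_LINE = re.compile(
    rb"(?<![^\n\x00])From \S+ \w{3} \w{3} +\d+ \d\d:\d\d:\d\d \d{4}\n"
)

MBOX_BLOB = (
    b"From alice@example.com Mon Mar  3 10:14:40 2008\n"
    b"From: alice@example.com\nTo: bob@example.org\nSubject: lunch\n\n"
    b"See you at noon.\n\n"
    b"From carol@example.net Mon Mar  3 11:02:07 2008\n"
    b"From: carol@example.net\nTo: bob@example.org\nSubject: report\n\n"
    b">From the numbers, Q1 looks fine.\n\n"
    # slack area: a deleted message whose tail has been overwritten
    b"\x00\x00\x00\x00"
    b"From sender@example.net Mon Mar  3 02:14:40 2008\n"
    b"From: sender@example.net\nTo: victim@example.org\nSubject: Verify your account\n\n"
    b"Click here\x00\x00\x00\x00\xff\xff"
)


def carve_mbox(blob):
    """Split on From_ lines; returns (offset, raw_message_bytes) pairs."""
    starts = [m.start() for m in FROM_LINE.finditer(blob)]
    out = []
    for i, start in enumerate(starts):
        end = starts[i + 1] if i + 1 < len(starts) else len(blob)
        raw = blob[start:end].rstrip(b"\x00\xff")   # drop trailing filler (assumed)
        out.append((start, raw))
    return out


def summarize(blob):
    """Parse each carved message and report the fields an investigator keys on."""
    rows = []
    for offset, raw in carve_mbox(blob):
        body = raw.split(b"\n", 1)[1]            # drop the From_ envelope line
        msg = email.message_from_bytes(body, policy=policy.default)
        rows.append({
            "offset": offset,
            "from": str(msg["From"]),
            "to": str(msg["To"]),
            "subject": str(msg["Subject"]),
            "size": len(raw),
        })
    return rows


if __name__ == "__main__":
    for row in summarize(MBOX_BLOB):
        print(row)
```

Record the byte offset of every carved message: it is what lets a reviewer reproduce the cut in a hex editor and ties the recovered fragment back to its location in the imaged file.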

72 End of Chapter 9

