CYBER FORENSICS | Kiran Bettadapur S. | 5/8/2018.


1 CYBER FORENSICS | Kiran Bettadapur S. | 5/8/2018

2 DIGITAL ERA

3 INTERNET TRAFFIC
Over 100,000 Petabytes/Month in 2016
100,000,000,000 Gigabytes
STORE…
- ALL FILMS [HD]: 2000X
- ALL BOOKS [PDF]: 333X
- ALL YOUTUBE: 1,000X

4 CYBERCRIME
CYBERCRIME TYPES
COMPUTER AS OBJECT:
- ILLEGAL ACCESS
- UNLAWFUL DATA TRANSMISSION
- DATA DELETION
- WEBSITE DEFACING
COMPUTER AS MEDIUM:
- ID THEFT
- FRAUD
- E-THEFT
- PHISHING
CONTENTS OF COMPUTER:
- CHILD PORNOGRAPHY
- STOLEN SENSITIVE INFO
- TERROR ATTACK DETAILS
CYBERCRIME TYPES
AGAINST PERSONS:
- IDENTITY THEFT
- INFO THEFT
- DEFAMATION
- CYBER THREATS, BULLYING & STALKING
- FORGERY
- HARASSMENT
- SPOOFING & SPAM; PHISHING
- CHILD SOLICITING
AGAINST GOVERNMENT:
- SALE OF ILLEGAL ITEMS: WEAPONS, WILDLIFE, DRUGS
- CYBER WAR & TERRORISM
- CHILD PORNOGRAPHY
- ONLINE GAMBLING
- SECURE SYSTEM HACKING
- ONLINE ESPIONAGE
AGAINST PROPERTY:
- DENIAL OF SERVICE
- MALWARE: Viruses, Trojans, Worms, Mail Bombs, Ransomware
- CYBER SQUATTING
- HACKING
- SALAMI SLICING (PENNY SHAVING)
- CREDIT CARD FRAUD
- IP CRIMES: Software Piracy; IP Violations (Copyright, TM, etc.)

5 WHAT IS? CYBER FORENSICS
Challenges of Cyber Crime:
- Emerging Field
- On the Increase
- Skillful Criminals
- No Barriers or Borders
- Evolving Laws
Digital Evidence Sources:
- Computers
- Storage Devices
- Mobile Devices: Phones, Tabs, etc.
- Electronic Gadgets: Cameras, etc.
CYBER FORENSICS:
- Emerging Field
- Digital Evidence Collection
- Analysis
- Results From: Incidents
- Result Of: Investigation
- Results In: Legal Evidence

6 BRANCHES
Branches of CYBER FORENSICS [part of digital forensics]
CLOUD & NETWORK FORENSICS:
- SECURITY ATTACKS & PROBLEM INCIDENTS
- TWO SYSTEMS:
  ─ CATCH-IT-AS-YOU-CAN… Batch-mode Traffic Analysis …Needs Storage
  ─ STOP-LOOK-’N-LISTEN… Individual Packet Analysis …Needs processing power
MOBILE DEVICE FORENSICS:
- CELL PHONES; DIGITAL CAMERAS; I-PODS; etc…
- ANY MEDIUM FOR STORAGE OF CONTENT
DATA & DATABASE FORENSICS:
- SERVER SIDE
- CLIENT SIDE
MALWARE & SOCIAL MEDIA
INCIDENT RESPONSE
AUDITS

7 WHAT IT ENTAILS
CYBER FORENSICS:
1. Web History & Storage Analysis
2. Intrusion Detection & Access Control
3. Network Evidence
4. Traffic & Flow Analysis
5. Attack Pattern Analysis
6. Tracing & Data Recovery
7. Image or Clone Creation
8. System Artifacts: Logs, users media, etc.

8 DIGITAL EVIDENCE ASPECTS
PRIMARY STORAGE
SECONDARY STORAGE
TERTIARY / NEARLINE / CLOUD STORAGE
OFFLINE STORAGE
PHYSICAL:
- Chain of Custody
- Document
- Secure Storage
- Photos
- Original + Backup + Working
LOGICAL:
- Work on Copy
- Minimal Access of Original
- Use Write-blocking
- Use Hash Functions

9 COLLECTION CHALLENGES
DIGITAL EVIDENCE:
1. PRESENT
2. DELETED / ERASED
3. HIDDEN
4. ENCRYPTED
5. COMPRESSED
6. CORRUPTED

10 EVIDENCE TAMPERING
LEVELS OF TAMPERING:
1. DELETING & TRAPPING
2. REMOVING [From Recycle Bin]
3. FORMATTING [Index, not actual data removed]
4. WIPING [Changed to 0’s & 1’s]
5. PHYSICAL DAMAGING [Hammering]
6. DEVICE DESTRUCTION [Shredding & Melting]

11 ANALYSIS
METHODS & TECHNIQUES
CROSS-DRIVE ANALYSIS:
- CORRELATION…of info on multiple devices
- IDENTIFY SOCIAL NETWORKS
- ANOMALY DETECTION
LIVE ANALYSIS:
- SYSTEM EXAMINATION… from within the OS
- CUSTOM TOOLS
- SYSADMIN TOOLS
- DE-ENCRYPTION
STOCHASTIC FORENSICS:
- PROBABILITY THEORY
- ACTIVITIES LACKING DIGITAL ARTIFACTS
- DATA THEFT
METHODS & TECHNIQUES
STEGANALYSIS:
- STEGANOGRAPHY: Concealment of Data … in picture or digital image
- Encrypted Payload
- BARRAGE NOISE: Random data; white noise, Misinformation, meaningless drivel
- DETECTING HASH VALUE CHANGES
DELETED FILE RETRIEVAL:
- DISK RECONSTRUCTION: Reconstruct from file sectors
- FILE CARVING: Search for file-headers in disk image
- Reconstruct Deleted Material
CRYPTANALYSIS:
- DECIPHERING ENCRYPTED MESSAGES: No access to key or encryption algorithm
- SYMMETRIC KEY: Block Ciphers (Blocks of text); Stream Ciphers (Individual characters)
- HASH FUNCTIONS
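
Added example (not part of the original slides): a minimal header/footer file carver for the FILE CARVING item above, combined with the "Work on Copy" and "Use Hash Functions" practice from slide 8. The disk image is a constructed byte string, and all function names are illustrative assumptions.

```python
import hashlib

# (header, footer) byte signatures. JPEG: SOI marker FF D8 FF ... EOI marker FF D9.
# PNG: 8-byte magic ... IEND chunk type followed by its fixed CRC.
SIGNATURES = {
    "jpg": (b"\xff\xd8\xff", b"\xff\xd9"),
    "png": (b"\x89PNG\r\n\x1a\n", b"IEND\xaeB`\x82"),
}

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def carve(image: bytes, max_size: int = 10 * 1024 * 1024):
    """Return (kind, offset, data) for every header that has a matching footer."""
    found = []
    for kind, (header, footer) in SIGNATURES.items():
        pos = image.find(header)
        while pos != -1:
            end = image.find(footer, pos + len(header), pos + max_size)
            if end == -1:
                # Header with no footer in range: truncated or overwritten, skip it.
                pos = image.find(header, pos + 1)
                continue
            end += len(footer)
            found.append((kind, pos, image[pos:end]))
            pos = image.find(header, end)
    return sorted(found, key=lambda hit: hit[1])

def build_sample_image() -> bytes:
    """Constructed stand-in for a working copy of a disk image (not real evidence)."""
    jpg = b"\xff\xd8\xff\xe0" + b"J" * 64 + b"\xff\xd9"
    png = b"\x89PNG\r\n\x1a\n" + b"P" * 48 + b"IEND\xaeB`\x82"
    truncated = b"\xff\xd8\xff\xe0" + b"T" * 32  # footer lost, must not be carved
    gap = b"\x00" * 512  # unallocated space between files
    return gap + jpg + gap + png + gap + truncated + gap

def examine(image: bytes):
    """Hash the copy, carve it, then re-hash to show the analysis changed nothing."""
    acquired = sha256(image)
    hits = carve(image)
    return hits, acquired == sha256(image)

if __name__ == "__main__":
    hits, intact = examine(build_sample_image())
    for kind, offset, data in hits:
        print(f"{kind} at offset {offset}: {len(data)} bytes, sha256={sha256(data)[:16]}...")
    print("working copy unchanged:", intact)
```

Real JPEG files can contain an embedded FF D9 (for example in a thumbnail), so a first-footer match like this one is a simplification and carved output should be validated before it is relied on.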

12 PROCESS
PREPARATION:
- Training of Investigators
- Tools & Planning
- Suspect Questioning
- Warrant
COLLECTION:
- Devices/Sources: RFID, Black-boxes (vehicle), etc.
- Due Care
- No Heat, X-Ray, etc.
- Imaging media
- Chain of custody
- Document
EXAMINATION:
- Electronic Content
- Procedures & Techniques: Case by Case basis
ANALYSIS; REPORTING:
- Tools: Integrated / Special
- EnCase, FTK, Sleuth Kit, Scalpel, ProDiscover
- Logs, files, s, registry, Browsing History, etc.
- Cracking PWD
- Extracting files
- Presenting Exhibits
TRIAL & TESTIMONY

14 “Thank You!”

