Presentation is loading. Please wait.

Presentation is loading. Please wait.

Digital Battlefield Forensics

Published byJemima Strickland Modified over 6 years ago

Similar presentations

Presentation on theme: "Digital Battlefield Forensics"— Presentation transcript:

1 Digital Battlefield Forensics
Eric S. Imsand John A. Hamilton, Jr. Department of Computer Science & Software Engineering

2 Introduction To most people, “information warfare” equals cyber-space, plasma screens, and high-tech command centers. This vision does not mirror reality.

3 Introduction In reality, digital devices are prevalent on modern battlefields Soldiers on both sides may be carrying any/all of the following: Cell phone PDA “Smart” phone Computer Etc.

4 Introduction Digital devices recovered on the battlefield could store highly valuable information Challenge: How do we train our combat forces to seize digital evidence without damaging it?

5 Summary of Auburn Solution
Auburn has embarked on a two-prong solution to this challenge Training “wounded warriors” that are being discharged to function as digital forensic investigators Developing training for current soldiers to seize digital evidence on the battlefield in a forensically sound manner

6 “Wounded Warrior” Training
Partnership with Mississippi State University and Tuskegee University Funding from the National Science Foundation

7 “Wounded Warrior” Training
Overview: Modern medicine has made previously-fatal injuries survivable Result: Many more injured service members than in prior conflicts Many of these service-members are no longer able to serve in the armed forces and have to find new careers

8 “Wounded Warrior” Training
Overview (cont): At the same time, severe shortage of digital forensic investigators across the country Goal: Train injured service members in digital forensics Allow these soldiers to continue to serve their country Fill a vital need faced by our nation

9 “Wounded Warrior” Training
Class format: 40 total hours of instruction Two class formats: One week, 8 hours / day Two weeks, 4 hours / day Chosen class format depends on the needs of the base Some bases cannot support the one week format. Other installations prefer the one week format.

10 “Wounded Warrior” Training
Class format (cont.): Auburn provides all of the necessary course equipment and software Ship a “portable lab” to the site Free of charge to the students, the base, and the service (i.e. Army, Navy, etc.)

11 “Wounded Warrior” Training
Basic Curriculum: Basic Computer Usage For warriors who are not well versed on using a computer Overview of Computer Hardware Hard disks, CPUs, Motherboards, etc. Writing a Business Plan / Small Business Advertising How to advertise your services in the private sector; how to form an investigative firm (if desired) Introduction to Cybercrime What types of crime are being committed?

12 “Wounded Warrior” Training
Basic Curriculum (cont.) Introduction to Forensic Tools Overview of Digital Forensic Search and Seizure Procedures How to properly seize digital evidence so that admissibility is preserved Introduction to Imaging & Hashing Overview of Digital Storage Magnetic vs. optical vs. flash storage

13 “Wounded Warrior” Training
Basic Curriculum (cont.) Introduction to Digital Evidence When is evidence recoverable? When is it gone? Introduction to File Systems Overview of file system concepts

14 “Wounded Warrior” Training Results
Thus far, Auburn has offered 8 classes at bases around the country.

15 “Wounded Warrior” Training Results
Preliminary Findings: These courses have increased… The number of soldiers considering a career in digital forensics Technical skill and proficiency (self-reported by students) Awareness of digital information and its “permanence”

16 “Wounded Warrior” Training: What Next?
Currently exploring ways to get the course to a larger number of students Ex: Online training?

17 Battlefield Forensics
What is “Battlefield Forensics”? Our term for the use of forensicly sound recovery techniques on digital devices seized on the battlefield. i.e. seizing captured devices

18 Battlefield Forensics
Why “Battlefield Forensics”? Increasing number of digital devices found on battlefield Anti-forensic technologies becoming more widespread, easier to use, and more effective Result: The initial window immediately after seizure may represent best case for recovering useable information

19 Battlefield Forensics and Anti-forensic Technologies
In the future, it is likely that devices seized from terrorists or combatants will… … be “booby-trapped” such that improper handling may destroy the desired information. … be encrypted, making future recovery of information unlikely … be damaged by over-eager field commanders searching for intelligence they can leverage in the field. The answer to all of these problems is to increase awareness of the proper handling of digital evidence

20 Battlefield Forensics: Proposed Curriculum
Auburn is developing course materials targeted for ground forces to solve this problem Course format is a small, two-three day course (8 hours of instruction per day). Course is targeted at laypeople. The following is a listing of the topics that are currently included in the curriculum

21 Battlefield Forensics: Proposed Curriculum
Proposed topics: Computer organization (i.e. parts of a computer) System analysis (i.e. identifying OS, encryption software, etc.) Persistence of data Introduction to Cryptography Anti-forensic technologies System cracking

22 Battlefield Forensics: Ethical and Practical Concerns
Many of the techniques in this curriculum can be considered offensive (i.e. “hacker” techniques) Our goal is not to train soldiers to “hack” Trainees must be selected judiciously. Not every soldier/sailor/airman/marine needs this training Ultimately this training is no different than other skills taught to service members: when abused they can cause harm Still, we will not teach “Internet” based attacks 

23 Summary Traditional combat is being impacted by digital devices
These digital devices carry potentially valuable information Auburn University is helping to address this need through a two-prong approach: Training injured veterans in digital forensics Designing courses for current soldiers to help them seize digital information securely

24 Acknowledgements This work is supported by the National Science Foundation, grant number # NSF-OCI Our Lab Manager, Mr. James R. Thompson has played a major role in this program. Mr. Thompson is an NSF Scholarship for Service scholar and will join the US Civil Service upon completion of his graduate studies at Auburn University.

25 Questions?

Download ppt "Digital Battlefield Forensics"

Similar presentations

                      Digital Audio 1.

                      Digital Audio 1.
The next generation in digital forensics Mobile Phones A New Frontier in Digital Forensics BK Forensics.

The next generation in digital forensics Mobile Phones A New Frontier in Digital Forensics BK Forensics.
Backup and Disaster Recovery (BDR) A LOGICAL Alternative to costly Hosted BDR ELLEGENT SYSTEMS, Inc.

Backup and Disaster Recovery (BDR) A LOGICAL Alternative to costly Hosted BDR ELLEGENT SYSTEMS, Inc.
An Introduction to Computer Forensics James L. Antonakos Professor Computer Science Department.

An Introduction to Computer Forensics James L. Antonakos Professor Computer Science Department.
Challenges facing law enforcement agencies in the fight against cybercrime.

Challenges facing law enforcement agencies in the fight against cybercrime.
MSc in Business Information Technology

MSc in Business Information Technology
Teaching Computer Forensics Using Student Developed Evidence Files Anna Carlin Cal Poly Pomona.

Teaching Computer Forensics Using Student Developed Evidence Files Anna Carlin Cal Poly Pomona.
BACS 371 Computer Forensics

BACS 371 Computer Forensics
Information Assurance & Network Security Certificate Prof. Rafael M. Rivera Universidad del Turabo School of Engineering Institute of Telecommunications.

Information Assurance & Network Security Certificate Prof. Rafael M. Rivera Universidad del Turabo School of Engineering Institute of Telecommunications.
Digital Potential ICT Skills for Computer and Information Literacy.

Digital Potential ICT Skills for Computer and Information Literacy.
By Drudeisha Madhub Data Protection Commissioner Date: 12.08.14.

By Drudeisha Madhub Data Protection Commissioner Date:
Department of Mathematics Computer and Information Science1 Basics of Cyber Security and Computer Forensics Christopher I. G. Lanclos.

Department of Mathematics Computer and Information Science1 Basics of Cyber Security and Computer Forensics Christopher I. G. Lanclos.
Computer Science and Engineering 1 Csilla Farkas Associate Professor Center for Information Assurance Engineering Dept. of Computer Science and Engineering.

Computer Science and Engineering 1 Csilla Farkas Associate Professor Center for Information Assurance Engineering Dept. of Computer Science and Engineering.
Recordkeeping for Good Governance Toolkit Digital Recordkeeping Guidance Funafuti, Tuvalu – June 2013.

Recordkeeping for Good Governance Toolkit Digital Recordkeeping Guidance Funafuti, Tuvalu – June 2013.
Overview of Windows and Microsoft Word. Operating System Performs 3 functions –Controls the hardware of the computer Screen, keyboard, disk drives, etc.

Overview of Windows and Microsoft Word. Operating System Performs 3 functions –Controls the hardware of the computer Screen, keyboard, disk drives, etc.
Objectives Overview Identify the qualities of valuable information Describe various information systems used in an enterprise Identify the components of.

Objectives Overview Identify the qualities of valuable information Describe various information systems used in an enterprise Identify the components of.
Undergraduate Technology Programs John Baker Johns Hopkins University Carey Business School 410-516-8563.

Undergraduate Technology Programs John Baker Johns Hopkins University Carey Business School
Data Recovery Techniques Florida State University CIS 4360 – Computer Security Fall 2006 December 6, 2006 Matthew Alberti Horacesio Carmichael.

Data Recovery Techniques Florida State University CIS 4360 – Computer Security Fall 2006 December 6, 2006 Matthew Alberti Horacesio Carmichael.
Computer Forensics Principles and Practices

Computer Forensics Principles and Practices
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #8 Computer Forensics Data Recovery and Evidence Collection September.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #8 Computer Forensics Data Recovery and Evidence Collection September.

Similar presentations

Ads by Google