1. DIGITAL FORENSICS Xinwen Fu Associate Professor Department of Computer Science University of Massachusetts Lowell Center for Cyber Forensics, UMass Lowell

2. Outline  Introduction  Our Network Forensic Toolkits  Conclusion 2 Xinwen Fu

3. Introduction 3 Based on Symantec Internet Security Threat Report 2011 Trends  Symantec blocked more than 5.5 billion attacks in 2011  Over 154 attacks took place per day in Dec. 2011  Attacks skyrocketed by more than 81% compared with 2010  More than 232.4 million identities were exposed Xinwen Fu

4. Digital Forensics  Recovery and investigation of material found in digital devices, often in relation to computer crime  Encompassment of the seizure, forensic imaging (acquisition) and analysis of digital media and the production of a report into collected evidence for the benefit of courts or employers (incrimination or exoneration) 4 Digital Forensics Computer Forensics Network Forensics Xinwen Fu

5. 5 Example Computer Forensic Toolkit ® (FTK ® )

6. Our Research on Network Forensics 3DLoc 2 HAWK Sr Robot Legend: Mini Helicopter-based Wireless Kit (HAWK) 3D localization and locking toolkit on vehicle (3DLoc 2 ) Search and rescue robot (Sr Robot) 6 Hand-held Locator (HaLo) HaLo Evil Xinwen Fu

7. Outline  Introduction  Our Network Forensic Toolkits  Conclusion 7 Xinwen Fu

8. Demo – HAWK: mini-Helicopter-based Aerial Localization Wireless Kit 8 youtu.be/watch?v=ju86xnHbEq0 Xinwen Fu

9. Demo - HaLo: Hand-held Locator youtu.be/QGhBrt26Q8Y youtu.be/QGhBrt26Q8Y 9 Xinwen Fu

10. Outline  Introduction  Our Network Forensic Toolkits  Conclusion 10 Xinwen Fu

11. Conclusion  Digital forensics is the science fighting against cyber crime  We researched and implemented novel network forensic toolkits and demonstrated HAWK – mini-Helcipter-based Aerial Wireless Kit HaLo – Hand-held Locator  We study related laws in Network Forensics  We refine the framework of Network Forensics 11 Xinwen Fu

12. 12 Xinwen Fu12/15 Xinwen Fu Thank you! Xinwen Fu