Presentation is loading. Please wait.

Presentation is loading. Please wait.

MSc in Business Information Technology

Published byWesley Hines Modified over 9 years ago

Similar presentations

Presentation on theme: "MSc in Business Information Technology"— Presentation transcript:

1 MSc in Business Information Technology
An Introduction to Digital Forensics Madli Kaju, IABM MSc in Business Information Technology

2 Agenda Introduction Approach and process of Digital Forensics
Digital Forensics tools State of play of Digital Forensics Conclusion

3 Digital Forensics is processes of analysing and evaluating digital data as evidence
The science of locating, extracting and analysing different types of data from different devices, which specialists then interpret to server as legal evidence (Marcella, Menendez 2008) The practice of scientifically derived and proven technical methods and tools toward the preservation, collection, validation, identification, analysis, interpretation, documentation and presentation of after-the-fact digital information derived from digital sources for the purpose of facilitating or furthering the reconstruction of events as forensic evidence (Willassen, Mjolsnes 2005)

4 After 40 years of history, Digital Forensics is heading towards a crisis
Early years (1970s-1990s) Hardware, software, and application diversity A proliferation of data file formats Heavy reliance on time-sharing and centralized computing facilities Absence of formal process, tools, and training „Golden years“ (1990s-2000s) The widespread use of Microsoft Windows, and specifically Windows XP Relatively few file formats of forensic interest Examinations largely confined to a single computer system belonging to the subject of the investigation Storage devices equipped with standard interfaces (IDE/ ATA) Era of crisis (2010s-...) Growing size of storage devices Increasing prevalence of embedded flash storage Proliferation of hardware interfaces Proliferation of operating systems and file formats Pervasive encryption Use of the “cloud” for remote processing and storage, splitting a single data structure into elements Source: Garfinkel, SimsonL., „Digital Forensics Research: The Next 10 years“, 2010

5 Agenda Introduction Approach and process of Digital Forensics
Digital Forensics tools State of play of Digital Forensics Conclusion

6 Digital Forensics consists of various steps and techniques
The process of digital forensics is typically as follows: Preservation of the state of the device Survey and analysis of the data for evidence Event reconstruction

7 Forensic investigation Live incident response
Main techniques used are forensic duplication and live incident response Forensic investigation Forensic duplication Live incident response

8 Agenda Introduction Approach and process of Digital Forensics
Digital Forensics tools State of play of Digital Forensics Conclusion

9 Several commercial and open source tools for digital forensics are available
EnCase FTK Helix ... Commerical DFF LiveView The Sleuth Kit Open source

10 Agenda Introduction Approach and process of Digital Forensics
Digital Forensics tools State of play of Digital Forensics Conclusion

11 Digital Forensics tools have not kept up with technology and cyber crime
Current digital forensics tools were designed to help examiners find specific evidence, not to assist in investigations for solving crimes committed against people where the evidence is located on a computer, not to assist in solving typical crimes committed with computers or against computers Today's tools cannot deal with increasing complexity arising due to the cloud era Source: Garfinkel, SimsonL., „Digital Forensics Research: The Next 10 years“, 2010

12 Agenda Introduction Approach and process of Digital Forensics
Digital Forensics tools State of play of Digital Forensics Conclusion

13 Conclusion Digital forensics is important for solving crimes
with digital devices against digitial devices against people where evidence may reside in a device Several sound tools and techniques exist to search and analyse digital data Regardless of existing tools, evolving digital age and development of technology requires heavier research in digital forensics

14

15 Thank you for your attention!

Download ppt "MSc in Business Information Technology"

Similar presentations

1 www.vita.virginia.gov Computer Forensics Michael Watson Director of Security Incident Management NSAA Conference 10/2/09 www.vita.virginia.gov 1.

1 Computer Forensics Michael Watson Director of Security Incident Management NSAA Conference 10/2/
Practical Application of Computer Forensics Lisa Outlaw, CISA, CISSP, ITIL Certified.

Practical Application of Computer Forensics Lisa Outlaw, CISA, CISSP, ITIL Certified.
PGCE Secondary ICT SS Session 1. Sessions Overview of course and assignment Overview of course and assignment Using ICT to facilitate learning in Literacy.

PGCE Secondary ICT SS Session 1. Sessions Overview of course and assignment Overview of course and assignment Using ICT to facilitate learning in Literacy.
Computer Forensics.

Computer Forensics.
Digital Preservation - Its all about the metadata right? “Metadata and Digital Preservation: How Much Do We Really Need?” SAA 2014 Panel Saturday, August.

Digital Preservation - Its all about the metadata right? “Metadata and Digital Preservation: How Much Do We Really Need?” SAA 2014 Panel Saturday, August.
2 Language of Computer Crime Investigation

2 Language of Computer Crime Investigation
E-Discovery for System Administrators Russell M. Shumway.

E-Discovery for System Administrators Russell M. Shumway.
We’ve got what it takes to take what you got! NETWORK FORENSICS.

We’ve got what it takes to take what you got! NETWORK FORENSICS.
Computer Forensics and Digital Investigation – a brief introduction Ulf Larson/Erland Jonsson.

Computer Forensics and Digital Investigation – a brief introduction Ulf Larson/Erland Jonsson.
Teaching Computer Forensics Using Student Developed Evidence Files Anna Carlin Cal Poly Pomona.

Teaching Computer Forensics Using Student Developed Evidence Files Anna Carlin Cal Poly Pomona.
Forensic and Investigative Accounting

Forensic and Investigative Accounting
Guide to Computer Forensics and Investigations Fourth Edition

Guide to Computer Forensics and Investigations Fourth Edition
Pertemuan 7-8 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan 7-8 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
AUDITING INFORMATION TECHNOLOGY USING COMPUTER ASSISTED AUDIT TOOLS AND TECHNIQUES.

AUDITING INFORMATION TECHNOLOGY USING COMPUTER ASSISTED AUDIT TOOLS AND TECHNIQUES.
What is meant by computer forensics?  Principle, Function of computer forensics.  History about computer forensics.  Needs of computer forensics.

What is meant by computer forensics?  Principle, Function of computer forensics.  History about computer forensics.  Needs of computer forensics.
Evolution of Data Analysis

Evolution of Data Analysis
Computer Forensics Mr.PRAWEE PROMPONMUANG M.Sc(Forensic Science) NO.515020181-9.

Computer Forensics Mr.PRAWEE PROMPONMUANG M.Sc(Forensic Science) NO
By Drudeisha Madhub Data Protection Commissioner Date: 12.08.14.

By Drudeisha Madhub Data Protection Commissioner Date:
COEN 252 Computer Forensics

COEN 252 Computer Forensics
COEN 252 Computer Forensics Introduction to Computer Forensics  Thomas Schwarz, S.J. 2009 w/ T. Scocca.

COEN 252 Computer Forensics Introduction to Computer Forensics  Thomas Schwarz, S.J w/ T. Scocca.

Similar presentations

Ads by Google