Scribd
Upload
17 views

Computer Forensic

Uploaded by

Jayashree Mohapatra
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
17 views

Computer Forensic

Uploaded by

Jayashree Mohapatra
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 22

Seminar

on
COMPUTER FORENSIC

Presented by: Guided by:


Jyotishree Mohapatra Proadosh Kumar Gantayat
Regd.No:1801229068 Asst.Professor
Branch:CSE Dept.Of CSE

Presented by Jyotishree Mohapatra 1


CONTENTS
• Introduction
• Characteristics
• Needs
• Goal
• Cyber Crime & Evidence
• Rules Of Handling Evidence
• Top 10 Location For Evidence
• Computer Forensics Methodology
• Applications of Computer Forensics
• Who Uses Computer Forensics
• Skills Requirements for Computer Forensics
• Conclusion
• References

Presented by Jyotishree Mohapatra 2


Introduction
➢ “Forensic computing is the process of identifying,
preserving, analyzing and presenting digital evidence in a
manner that is legally acceptable.”

➢ Computer Forensics is the application of computer


investigation and analysis in the interest of determining
potential legal evidence.

Presented by Jyotishree Mohapatra 3


Characteristics
 IDENTIFYING
 PRESERVING
 ANALYZING
 PRESENTING

Presented by Jyotishree Mohapatra 4


NEEDS OF COMPUTER FORENSICS

o To produce evidence in the court that can lead to the


punishment of the actual.
o To ensure the integrity of the computer system.
o To focus on the response to hi-tech offenses, started to
intertwine.

Presented by Jyotishree Mohapatra 5


GOAL OF COMPUTER FORENSICS

 The main goal of computer forensic experts is not only to


find the criminal but also to find out the evidence and the
presentation of the evidence in a manner that leads to
legal action of the criminal.

Presented by Jyotishree Mohapatra 6


Types of Cyber Crime
o Forgery
o Breech of Computer Security
o Fraud/Theft
o Copyright Violations
o Identity Theft
o Threats
o Burglary
o Homicide
o Administrative Investigations
o Cyber Terrorism
o Sales and Investment Fraud
o Electronic Fund Transfer Fraud
Presented by Jyotishree Mohapatra 7
Cybercrime: Top 20 Countries

Presented by Jyotishree Mohapatra 8


Evidence
➢ An item does not become officially a piece of evidence
until a court admits it.
➢ Much of forensics practice concerns how to collect,
preserve and analyze these items without compromising
their potential to be admitted as evidence in a court of
law.

Presented by Jyotishree Mohapatra 9


DIGITAL EVIDENCE
 “Any data that is recorded or preserved on any
medium in or by a computer system or other similar
device, that can be read or understand by a person
or a computer system or other similar device. It
includes a display, print out or other output of that
data.”

Presented by Jyotishree Mohapatra 10


TYPES OF DIGITAL EVIDENCE
1) PERSISTANT DATA
Meaning data that remains intact when the computer is
turned off. E.g. hard drives, disk drives and removable
storage devices (such as USB drives or flash drives).

2) VOLATILE DATA,
Meaning data that would be lost if the computer is
turned off. E.g. deleted files, computer history, the
computer's registry, temporary files and web browsing
history.

Presented by Jyotishree Mohapatra 11


5 RULES OF EVIDENCES
1) Admissible
 Must be able to be used in court or elsewhere.
2) Authentic
 Evidence relates to incident in relevant way.
3) Complete (no tunnel vision)
 Exculpatory evidence for alternative suspects.
4) Reliable
 No question about authenticity & veracity.
5) Believable
 Clear, easy to understand, and believable by a jury.

Presented by Jyotishree Mohapatra 12


TOP 10 LOCATION FOR EVIDENCE

1) Internet History Files


2) Temporary Internet Files
3) Slack/Unallocated Space
4) Buddy lists, personal chat room records, others saved areas
5) News groups/club lists/posting
6) Settings, folder structure, file names
7) File Storage Dates
8) Software/Hardware added
9) File Sharing ability
10) E-mails

Presented by Jyotishree Mohapatra 13


Methodology
1) Shut Down the Computer
2) Document the Hardware Configuration of The
System
3) Transport the Computer System to A Secure
Location
4) Make Bit Stream Backups of Hard Disks and Floppy
Disks
5) Mathematically Verify Data on All Storage Devices
6) Document the System Date and Time
7) Make a List of Key Search Words

Presented by Jyotishree Mohapatra 14


CONT…
8) Evaluate the Windows Swap File
9) Evaluate File Slack
10) Evaluate Unallocated Space (Erased Files)
11) Search Files, File Slack and Unallocated Space for
Key Words
12) Document File Names, Dates and Times
13) Identify File, Program and Storage Anomalies
14) Evaluate Program Functionality
15) Document Your Findings

Presented by Jyotishree Mohapatra 15


Applications
 FINANCIAL FRAUD DETECTION
 CRIMINAL PROSECUTION
 CIVIL LITIGATION
 “CORPORATE SECURITY POLICY AND
VIOLATIONS”

Presented by Jyotishree Mohapatra 16


Who Uses Computer Forensics?
➢ Criminal Prosecutors
➢ Rely on evidence obtained from a computer to
prosecute suspects and use as evidence.

➢ Civil Litigations
➢ Personal and business data discovered on a computer
can be used in fraud, harassment, or discrimination
cases.

➢ Private Corporations
➢ Obtained evidence from employee computers can be
used as evidence in harassment, fraud, and
embezzlement cases.

Presented by Jyotishree Mohapatra 17


Who Uses Computer Forensics? (cont..)

➢ Law Enforcement Officials


➢ Rely on computer forensics to backup search warrants
and post-seizure handling.

➢ Individual/Private Citizens
➢ Obtain the services of professional computer forensic
specialists to support claims of harassment, abuse, or
wrongful termination from employment.

Presented by Jyotishree Mohapatra 18


Skills Required For
Computer Forensics Application
o Programming or computer-related experience
o Broad understanding of operating systems and applications
o Strong analytical skills
o Strong computer science fundamentals
o Strong system administrative skills
o Knowledge of the latest intruder tools
o Knowledge of cryptography and steganography
o Strong understanding of the rules of evidence and evidence
handling
o Ability to be an expert witness in a court of law

Presented by Jyotishree Mohapatra 19


Conclusion

 With computers becoming more and more involved in our


everyday lives, both professionally and socially, there is a
need for computer forensics.
 This field will enable crucial electronic evidence to be
found, whether it was lost, deleted, damaged, or hidden,
and used to prosecute individuals that believe they have
successfully beaten the system.

Presented by Jyotishree Mohapatra 20


References
 http://www.compforensics.com/references.htm

 http://www.edrm.net/resources/glossary/c/computer-
forensics

Presented by Jyotishree Mohapatra 21


THANK YOU

Presented by Jyotishree Mohapatra 22

You might also like