Indian Efforts in Cyber Forensics
1 Indian Efforts in Cyber Forensics
B. Ramani, Addl. Director
Resource Centre for Cyber Forensics
10-Feb-09
2 Presentation Overview
- About C-DAC
- Resource Centre for Cyber Forensics
- C-DAC Cyber Forensics Solutions
- Future Plans
3 National Coverage
- C-DAC, Pune
- C-DAC, Bangalore
- C-DAC, Delhi
- C-DAC, Hyderabad
- C-DAC, Mumbai
- C-DAC, Chennai
- C-DAC, Kolkata
- C-DAC, Mohali
- C-DAC, Noida
- C-DAC, Trivandrum
4 C-DAC Trivandrum
An ISO certified premier R&D Institution involved in the design, development and deployment of world class electronic and IT solutions for economic and human advancement, under DIT, Govt of India
- Established in 1974 as Keltron R&D Center
- Taken by GoI in 1988
- Formerly Known as ERDCI
- Work force of 800+
5 AREAS OF RESEARCH
- Control & Instrumentation
- Power Electronics
- Broadcast & Communications
- Strategic Electronics
- ASIC Design
- Cyber Forensics
6 Resource Centre for Cyber Forensics
The Resource Centre for Cyber Forensics (RCCF) is the premier centre for cyber forensics in India. It was set up in C-DAC, Thiruvananthapuram by the Ministry of Communications and Information Technology and has been functioning for the past three years. The primary objectives of RCCF are:
- Develop Cyber Forensics tools based on requirements from Law Enforcement Agencies
- Carry out advanced research in cyber forensics
- Provide technical support to LEAs
7 C-DAC Cyber Forensics Solutions
8 C-DAC Tools
CyberCheck Suite: Disk Forensics Tools
- TrueBack V3.1 on Linux: Disk Imaging Tool
- TrueBack V1.0 on Windows: Disk Imaging Tool
- CyberCheck V3.2 on Windows: Data Recovery and Analysis Tool
NetForce Suite: Network Forensics Tools
- CyberInvestigator V1.0 on Windows: Forensic Log Analyzer
- NeSA V1.0 on Linux: Network Session Analyzer
- Tracer V3.0 on Windows: Tool for tracing sender of e-mail
DeviceAnalyst Suite: Device Forensics Tools
- PDA Imager & Analyzer: Tool for imaging and analyzing PDA contents
- SIM Card Imager & Analyzer: Tool for imaging and analyzing GSM SIM Cards
- CDR Analyzer: Tool for analyzing Call Data Records
Cyber Forensics Hardware Tools
- TrueImager: High speed H/W based Disk Imaging Tool
- TrueLock: H/W based drive lock for write protecting IDE/SATA disks
9 TrueBack
10 TrueBack Disk Imaging Tool
- Software Tool for seizing, acquiring and authenticating Digital Evidence
- Indigenously developed by RCCF, C-DAC, Thiruvananthapuram
- Widely used and Certified by agencies like NPA, CBI, IB, CBI Academy, Kerala Police, Forensics Science Laboratories and GEQDs
- Import substitution for similar products
- Cost-effective solution
- Ideal for the use of Indian Law Enforcement Agencies
11 TrueBack Disk Imaging Tool
- National Institute of Standards and Technology (NIST), USA, disk imaging tool specification compliant
- Implementation of National Police Academy (NPA) procedures for Seizure and Acquisition
- Preview, Seize, Acquire and Seize & Acquire modes of operation
- Imaging of IDE, SCSI, SATA, CD, DVD, Floppy and USB devices
- Storage media content previewing facility before seizure and acquisition
- Report generation in each mode of operation
12 TrueBack Disk Imaging Tool Main User Interface
13 TrueBack Disk Imaging Tool Collecting case details
14 TrueBack Disk Imaging Tool Selecting media for Seizure
15 TrueBack Disk Imaging Tool Case data summary
16 TrueBack Disk Imaging Tool TrueBack Seizure process in progress
17 TrueBack Disk Imaging Tool Seizure process completed
18 TrueBack Disk Imaging Tool Seizure Report
19 TrueBack Disk Imaging Tool Hash values of media and blocks
20 CyberCheck
21 CyberCheck Data Recovery and Analysis Tool
- Software Tool for authenticating, recovering, analyzing and reporting Digital Evidence
- Indigenously developed by RCCF, C-DAC, Thiruvananthapuram
- Widely used (Over 175 copies have been sold) and Certified by agencies like NPA, CBI, IB, CBI Academy, Kerala Police, Forensics Science Laboratories and GEQDs
- Import substitution for similar products
- Cost-effective solution
- Ideal for the use of Indian Law Enforcement Agencies
22 CyberCheck Data Recovery and Analysis Tool Features
- Indian Language support
- Powerful Data recovery facilities
- High speed search facility
- Comprehensive Timeline features
- Detailed Report Generation facility
- Integrated and Internet History Viewer
- Facility for identifying password protected files
- Facility for viewing nested ZIP files
23 CyberCheck Data Recovery and Analysis Tool Unicode and Indian Language Support
24 CyberCheck Data Recovery and Analysis Tool Table and Disk views
25 CyberCheck Data Recovery and Analysis Tool Picture Gallery View
26 CyberCheck Data Recovery and Analysis Tool Timeline View
27 CyberCheck Data Recovery and Analysis Tool Search hits view
28 CyberCheck Data Recovery and Analysis Tool Recovery of deleted file
29 CyberCheck Data Recovery and Analysis Tool Report generated by CyberCheck
30 Tracer
31 Tracer: S/W tool for tracing sender of an e-mail
Features
- Trace the originating IP address and other details from the e-mail header
- Generates detailed HTML report of e-mail header analysis
- Find the city level details of the sender
- Plot Route traced by the mail
- Display the originating geographic location of the mail in the world map
- Keyword searching facility on e-mail content including attachment
32 Tracer: S/W tool for tracing sender of an e-mail
33 Tracer: S/W tool for tracing sender of an e-mail
34 Tracer: S/W tool for tracing sender of an e-mail: Tracer WhoIs Search
35 Tracer: S/W tool for tracing sender of an e-mail: Tracer NS LookUp
36 Tracer: S/W tool for tracing sender of an e-mail: Tracer IP TraceBack
37 Tracer: S/W tool for tracing sender of an e-mail: Detailed Report
38 CyberInvestigator
39 CyberInvestigator
- Indigenously developed by CDAC Thiruvananthapuram
- Helps Law Enforcement Agencies in investigating Cyber Crimes
- Log analysis tool
- Analyses Windows and Linux Logs
- Offline Intrusion Analysis
- Querying facility
40 Features of CyberInvestigator
- Supports analysis of offline logs
- Built in & User defined queries
- Signature based Offline Intrusion Analysis
- Supports analysis of Windows event logs
- Supports analysis of Linux logs like message log, utmp, wtmp & Cron
- Supports web traffic analysis
- Supports analysis of Access log & IIS Log
- Collects information regarding the insertion of USB devices
- Collects information regarding unauthorised access
41 CyberInvestigator- Main User Interface
42 Query Interface for Windows Event log
43 Analysis O/P of wtmp log
44 Network Session Analyzer (NeSA)
45 NeSA
- Indigenously developed by CDAC Thiruvananthapuram
- Helps Law Enforcement Agencies in investigating Cyber Crimes
- Offline Network session analysis tool
- Reconstructs network sessions from dump files
- Helps in network troubleshooting and debugging
- Misuse detection
- Gather network statistics
46 Features of NeSA
- Session Reconstruction: HTTP, SMTP, POP3 and FTP
- Displays the data in Hex view, Image view, File view and Mail view
- Powerful & Flexible filtering and searching facility
- Filtering based on MAC, IP, Port, Protocol, Date and Time
- Facility to export reconstructed files
- Statistics generation based on different criteria
- Time zone based analysis
47 POP3 Session Hex View
48 HTTP Session Thumb Nail View
49 POP3 Session Mail View
50 PDA Imager & Analyzer
51 Introduction
Many criminals are now using electronic devices other than PCs to commit illegal activities. Cellular telephones, Smart Phones, and Personal Digital Assistants (PDAs) are only a few of the devices that must now be examined by forensic investigators. CDAC(T) has developed forensics software and hardware tools for the analysis of such devices, and PDA Forensics Suite is one among them. PDA Forensics Suite is a software tool to forensically acquire, analyze and present the digital evidence from WinCE and Palm OS based PDAs/Smart Phones before the court of law. It consists of two software tools: PDA Imager and PDA Analyzer.
52 PDA Imager PDA Imager is used to forensically image PDAs and Smart Phones. It performs logical and physical acquisition of the devices. It also performs Hashing for authenticating the evidence. Version 1.0 of this software supports acquisition of WinCE and Palm OS based PDAs and Smart Phones. This tool is developed as per the directions provided by the NIST for handheld devices.
53 PDA Imager Features
- Standard Windows application
- Imaging tool for WinCE/Pocket PC/Windows Mobile/Palm OS PDAs
- Acquisition through USB connection
- Supports physical and logical acquisition
- Logical acquisition includes files, database and registry
- Supports MD5 Hashing
- Creates a single evidence file with a specific format
- Supports comprehensive HTML reporting
54 PDA Imager
55 Seizure & Acquisition PDA Imager
56 Acquiring PDA
57 Acquisition Report
58 PDA Analyzer
PDA Analyzer is used to forensically examine the evidence collected from PDAs and Smart Phones. It takes the evidence file acquired by PDA Imager as input, identifies the required information in the image if present, and displays it in a file viewer with all details.
59 PDA Analyzer Features
- Standard Windows application
- User login facilities
- Creates log of each analysis session and analyzing officer's details
- Explorer type view of contents of the whole evidence file
- Display of folders and files with all attributes
- Text/Hex view of the content of a file
- Picture view of an image file
- Gallery view of images
- Timeline View of Files
- Single and Multiple Keyword search
- Search with GREP expressions
- File search based on extension
- Book marking facility for data, files and folders
- Registry viewer
60 PDA Analyzer
61 File Viewer
62 Gallery Viewer
63 Timeline Viewer Features(Contd.)
64 Analysis Report Features(Contd.)
65 SIM Card Imager & Analyzer
66 SIM Card Imager & Analyzer
- A forensic acquisition tool for GSM SIM Cards
- Indigenously developed by Resource Centre for Cyber Forensics
- Analysis methods as per NIST guidelines
- Generates a detailed report for presentation in court
67 SIM Card Imager & Analyzer
Acquires the following contents from SIM Card:
- Phone Book
- Messages
- Location Information
- IMSI
- Last Dialed Numbers
68 SIM Card Imager & Analyzer
69 SIM Card - Acquisition
70 SIM Card - Acquisition
71 SIM Card - Acquisition
72 SIM Card - Analysis Phone Book Details
73 SIM Card - Analysis Message Details
74 SIM Card - Analysis Location Information
75 SIM Card - Analysis Message Summary
76 SIM Card - Analysis Hash Values of different items
77 Cyber Forensics Hardware Tools: TrueImager & TrueLock
78 Hardware Tools
- TrueImager: A disk forensic hardware tool for seizing and acquiring storage media from the scene of cyber crime, specially designed for Indian Law Enforcement Agencies
- TrueLock: A hardware forensic tool for write protecting suspect storage media while seizing and acquiring the media from the scene of cyber crime
79 Features & Benefits
- Smart, Portable handheld Cyber Forensics Digital Evidence Image Recorder
  - Seizure
  - Acquisition
- High speed data transfer at the rate of 3GB/min
- Offers built in write-protection of suspect disk
- Supports Wiping feature for sanitizing the evidence disk
80 Features Contd.
- Supports 3 types of Suspect disk media:
  - IDE disk
  - SATA disk
  - USB disk
- Different Views
81 TrueLock
- A hardware drive lock which prevents all data writes to hard disk drives connected to a computer's IDE interface
- Helps in the preservation of digital evidence
- A cost-effective solution for supporting disk imaging
- Connecting Hard disk to PC through True Lock
82 Features
- Write protects the IDE Hard Disc connected to the PC's IDE interface
- Supports all IDE Drives
- Requires no special software
- Physical Dimension: 84mm X 41.5mm X 25mm
83 Achievements
- Designed and developed the first indigenous suite of products for carrying out cyber forensics investigation
- More than 175 copies of C-DAC's CyberCheck Suite licensed to Law Enforcement Agencies
- Conducted more than 25 basic and advanced level training programmes on Cyber Forensics to LEAs
- Analyzed more than 200 Cyber Crime cases and submitted technical reports to different courts in India
84 Organizations that use CyberCheck Suite
- Hitech Cyber Cell, Thiruvananthapuram
- Army Cyber Security Establishment, New Delhi
- Intelligence Bureau, New Delhi
- Delhi Police, New Delhi
- CBI Academy, Ghaziabad
- GEQDs of Hyderabad and Shimla
- CFSL, Hyderabad
- FSLs of Chandigarh, Chennai, Thiruvananthapuram and Haryana
- DFSL, Gujarat
- Cyber Crime Investigation Cell, Thane, Maharashtra
- Cyber Cells of Bangalore and Arunachal Pradesh
- SCRB, Thiruvananthapuram
- National Academy of Taxes, Nagpur
- National Police Academy, Hyderabad
- Cabinet Secretariat, New Delhi
- Kerala IT Mission, Thiruvananthapuram
85 Training on Cyber Forensics
- Successfully conducted more than 25 training programmes covering basic and advanced Cyber Forensics concepts.
- Conducted a certificate programme on Cyber Forensics to 32 officers of Kerala Police.
- Conducted 2 weeks separate training programmes on Cyber Forensics to officers from Intelligence Bureau and Forensic Science Laboratories.
- Conducted 7 training programmes of one week duration to Judicial Officers in collaboration with CCA at different State Judicial Academies.
- Recently conducted one month training programme on Cyber Forensics to 51 Police Officers from all Police Districts of Kerala.
86 Case Categories
Nature of Crime        Number
Hacking                17
Document Forgery       65
Financial Frauds       22
Software Piracy        7
Pornography            13
Mobile Phone Crime     64
Crimes                 41
Total                  229
87 Cyber Forensic Analysis Statistics Agency Reported Cases Analysis Completed RAW 1 1 CBI Bangalore Police 6 6 CCPS Bangalore Chennai Police 3 2 Crime Branch, Kerala Vigilance, Kerala 16 9 Kerala Police Total
88 Advantages of C-DAC Solutions
- Completely indigenous development
- Self-reliance in technology
- Cost-effective solution
- Developed for Law Enforcement Agencies and Corporate houses
- Total technical support
89 Current Activities
- Development of Enterprise Forensics System that will provide proactive solutions to cyber crimes and offences in Enterprise and Corporate networks.
- Design and development of advanced forensic tools for memory analysis, malware analysis, software forensics, peripheral device forensics, etc.
- Setting up Virtual Training Environment facilities for training
90 What C-DAC can offer
- Provide a well tested and certified cyber forensics suite of products (CyberCheck Suite) for acquisition and analysis on portable lab as well as forensic workstation
- Cost effective solution
- Software for Network Forensics, Live Forensics and Device Forensics
- Hardware tools for disk forensics
- Introductory training in cyber forensics
- Advanced training in cyber forensics
91 Contacts:
B.Ramani, Addl. Director : ramani@cdactvm.in
V.K.Bhadran, Addl. Director : bhadran@cdactvm.in
K.L.Thomas, Jt.Director : thomaskl@cdactvm.in
Resource Centre for Cyber Forensics
Centre for Development of Advanced Computing
Vellayambalam, Thiruvananthapuram, Kerala
Phone:
92 THANK YOU
More informationEnterprise Erase LAN
Enterprise Erase LAN Network Erasing and Asset Management Server Version 2.0 Users Guide 888.700.8560 toll free www.tabernus.com 11130 Jollyville Rd Suite 301 Austin, TX 78757 Table of Contents 1 Product
More informationAhmedabad. Bangalore. Chandigarh. Charles Sturt University Curtin University CQUniversity Deakin University James Cook University - Brisbane
Branch Ahmedabad Bangalore Chandigarh Cities Curtin University Chennai Coimbatore Curtin University Delhi Hyderabad Australian Catholic University Kochi Kolkata Ludhiana Curtin University Mumbai Pune Vadodara
More informationEnCase Portable. Extend Your Forensic Reach with Powerful Triage & Data Collection
GUIDANCE SOFTWARE EnCase Portable EnCase Portable Extend Your Forensic Reach with Powerful Triage & Data Collection GUIDANCE SOFTWARE EnCase Portable EnCase Portable Triage and Collect with EnCase Portable
More informationMobile Device Forensics. Rick Ayers
Mobile Device Forensics Rick Ayers Disclaimer Certain commercial entities, equipment, or materials may be identified in this presentation in order to describe an experimental procedure or concept adequately.
More informationComputer Forensics Discipline
Computer Forensics Discipline Technical Procedure Manual Computer Forensics Discipline Technical Procedure Manual Approved By: Date: Reviewed By: Date: Reviewed By: Date: Table of Contents General Flow
More informationEAGLE EYE Wi-Fi. 1. Introduction
1. Introduction Internet access has become very popular by the emergence of broadband services, and busy yet unregulated Internet traffic causes challenges to administration and management. When it comes
More informationTime Clock V1.2 User Manual. Time Clock V1.2. User Manual. Page 1. www.avea.cc
Time Clock V1.2 User Manual Page 1 TABLE OF CONTENTS 1. TIME CLOCK...4 2. SOFTWARE INSTALLATION...5 3. SETTING UP THE TIME CLOCK SYSTEM...6 3.1 Set Password...7 3.2 Login...8 3.3 Setup - Auto IN/OUT Time
More informationMICROSOFT CERTIFIED SYSTEMS ENGINEER Windows 2003 Track
MICROSOFT CERTIFIED SYSTEMS ENGINEER Windows 2003 Track In recent years Microsoft s MCSE programs has established itself as the premier computer and networking industry certification. For the Windows 2003
More informationDigital Forensics. Larry Daniel
Digital Forensics Larry Daniel Introduction A recent research report from The Yankee Group found that 67.6 percent of US households in 2002 contained at least one PC The investigators foresee three-quarters
More informationCYBERCRIME AND THE LAW
CYBERCRIME AND THE LAW INTERNATIONAL LAW CYBERCRIME CONVENTION Convention on Cybercrime / Budapest Convention first international treaty seeking to address Internet and computer crime by harmonizing national
More information"Charting the Course... ... to Your Success!" MOC 50331 D Windows 7 Enterprise Desktop Support Technician Course Summary
Description Course Summary This course provides students with the knowledge and skills needed to isolate, document and resolve problems on a Windows 7 desktop or laptop computer. It will also help test
More informationCCE Certification Competencies
CCE Certification Competencies May 10, 2012 Page 1 The Certified Computer Examiner (CCE) has evolved into one of the most desired certifications in the computer forensics industry. The certification is
More informationUser Guide. Version 3.2. Copyright 2002-2009 Snow Software AB. All rights reserved.
Version 3.2 User Guide Copyright 2002-2009 Snow Software AB. All rights reserved. This manual and computer program is protected by copyright law and international treaties. Unauthorized reproduction or
More informationIncident Response. Six Best Practices for Managing Cyber Breaches. www.encase.com
Incident Response Six Best Practices for Managing Cyber Breaches www.encase.com What We ll Cover Your Challenges in Incident Response Six Best Practices for Managing a Cyber Breach In Depth: Best Practices
More informationDesign and Implementation of a Live-analysis Digital Forensic System
Design and Implementation of a Live-analysis Digital Forensic System Pei-Hua Yen Graduate Institute of Information and Computer Education, National Kaohsiung Normal University, Taiwan amber8520@gmail.com
More informationSystem Security Policy Management: Advanced Audit Tasks
System Security Policy Management: Advanced Audit Tasks White Paper October 6, 2005 2005 Altiris Inc. All rights reserved. ABOUT ALTIRIS Altiris, Inc. is a pioneer of IT lifecycle management software that
More informationCYBERSAFETY AT WESTLAKE GIRLS HIGH SCHOOL
CYBERSAFETY AT WESTLAKE GIRLS HIGH SCHOOL CYBERSAFETY USE AGREEMENT FOR STUDENTS 2014 This document consists of a cover page and three sections: Section A Cybersafety In The School Environment Important
More informationCase Study: Smart Phone Deleted Data Recovery
Case Study: Smart Phone Deleted Data Recovery Company profile McCann Investigations is a full service private investigations firm providing complete case solutions by employing cutting-edge computer forensics
More informationType Message Description Probable Cause Suggested Action. Fan in the system is not functioning or room temperature
Table of Content Error Messages List... 2 Troubleshooting the Storage System... 3 I can t access the Manager... 3 I forgot the password for logging in to the Manager... 3 The users can t access the shared
More informationהמרכז ללימודי חוץ המכללה האקדמית ספיר. ד.נ חוף אשקלון 79165 טל'- 08-6801535 פקס- 08-6801543 בשיתוף עם מכללת הנגב ע"ש ספיר
מודולות הלימוד של מייקרוסופט הקורס מחולק ל 4 מודולות כמפורט:.1Configuring Microsoft Windows Vista Client 70-620 Installing and upgrading Windows Vista Identify hardware requirements. Perform a clean installation.
More informationSensitive Incident Investigations. Digital Risk Management. Forensics Testing.
Sensitive Incident Investigations. Digital Risk Management. Forensics Testing. 2009 Innovation Award Winner Austin Chamber of Commerce 2010 Innovation Award Finalist Austin Chamber of Commerce Only private
More informationManaging Remote Access
VMWARE TECHNICAL NOTE VMware ACE Managing Remote Access This technical note explains how to use VMware ACE to manage remote access through VPN to a corporate network. This document contains the following
More informationShort Manual Intellect v.4.7.6 SP2 module Unipos Contents:
Short Manual Intellect v.4.7.6 SP2 module Unipos Contents: 1. Software Installation... 2 2. Hardware Configuration... 12 3. System Dispatching... 14 3.1. Create dispatching objects... 14 3.2. Graphical
More informationTechnical Procedure for Evidence Search
Technical Procedure for Evidence Search 1.0 Purpose - The purpose of this procedure is to provide a systematic means of searching digital evidence in order to find data sought by the search authorization.
More informationComputer Forensics. Securing and Analysing Digital Information
Computer Forensics Securing and Analysing Digital Information Aims What is a computer? Where is the evidence? Why is digital forensics important? Seizing evidence Encryption Hidden files and folders Live
More informationNetWrix Server Configuration Monitor
NetWrix Server Configuration Monitor Version 2.2 Quick Start Guide Contents NetWrix Server Configuration Monitor Quick Start Guide 1. INTRODUCTION... 3 1.1 KEY FEATURES... 3 1.2 LICENSING... 4 1.3 HOW
More informationRECOMMENDED HARDWARE CONFIGURATION FOR SCRB RECOMMENDED SOFTWARE REQUIREMENT FOR SCRB
RECOMMENDED HARDWARE CONFIGURATION FOR SCRB WEB SERVER DATABASE SERVER Xeon Processor Xeon Processor 1 GB RAM 1 GB RAM 80 GB Hard Disk 140 GB Hard Disk LAN Card LAN Card CLIENT Pentium 4 Processor 512
More informationLoophole+ with Ethical Hacking and Penetration Testing
Loophole+ with Ethical Hacking and Penetration Testing Duration Lecture and Demonstration: 15 Hours Security Challenge: 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once said,
More informationUser s Manual Network Management Card
User s Manual Network Management Card RMCARD202 Intelligent Network Management Card allows a UPS system to be managed, monitored, and configured Version 1.0 E-K01-SNMP005-0 TABLE OF CONTENTS Introduction
More informationDRAFT Standard Statement Encryption
DRAFT Standard Statement Encryption Title: Encryption Standard Document Number: SS-70-006 Effective Date: x/x/2010 Published by: Department of Information Systems 1. Purpose Sensitive information held
More informationDeciphering the Safe Harbor on Breach Notification: The Data Encryption Story
Deciphering the Safe Harbor on Breach Notification: The Data Encryption Story Healthcare organizations planning to protect themselves from breach notification should implement data encryption in their
More informationPiecing Digital Evidence Together. Company Information
Piecing Digital Evidence Together Company Information About IntaForensics About Us Established in 2006, IntaForensics has grown to become one of the leading providers of digital forensic services in the
More informationDigital Forensics at the National Institute of Standards and Technology
NISTIR 7490 Digital Forensics at the National Institute of Standards and Technology James R. Lyle Douglas R. White Richard P. Ayers NISTIR 7490 Digital Forensics at the National Institute of Standards
More information