Battling Current Technological Trends



Similar documents
National District Attorneys Association National Center for Prosecution of Child Abuse. Computer Forensics for Prosecutors

Hands-On How-To Computer Forensics Training

Digital Forensics for Attorneys Overview of Digital Forensics

New Hampshire Cyber Crime Initiative Overview Briefing. NH Assistant Attorney General Lucy H. Carrillo Internet Crimes Prosecutor

Digital Evidence Collection and Use. CS 585 Fall 2009

Digital Evidence. Robert J. O Leary, CFCE; DFCP Director NIJ ECTCoE 550 Marshall St. Suite B Phillipsburg, NJ 08865

MARK J. ESKRIDGE, OWNER / INVESTIGATOR DIGITAL FORENSIC INVESTIGATIONS, INC. California Private Investigator license #26633

Trends in Arrests for Child Pornography Possession: The Third National Juvenile Online Victimization Study (NJOV 3)

MSc Computer Security and Forensics. Examinations for / Semester 1

AN INVESTIGATION INTO COMPUTER FORENSIC TOOLS

Revit products will use multiple cores for many tasks, using up to 16 cores for nearphotorealistic

Overview of Computer Forensics

COMPUTER FORENSICS (EFFECTIVE ) ACTIVITY/COURSE CODE: 5374 (COURSE WILL BE LISTED IN THE CATE STUDENT REPORTING PROCEDURES MANUAL)

Digital Forensics Tutorials Acquiring an Image with FTK Imager

WILLIAM OETTINGER PHONE (702)

Certified Digital Forensics Examiner

Certified Digital Forensics Examiner

Evaluation of Software Write Blocking In SAFE Block XP V1.1

Computer Forensics. Securing and Analysing Digital Information

Digital Forensics for Attorneys - Part 2

How To Solve A Violent Home Invasion With A United Force

About Your Presenter. Digital Forensics For Attorneys. Overview of Digital Forensics

Quantifying Hardware Selection in an EnCase v7 Environment

Digital Forensics. Larry Daniel

Urbana Police Department Memorandum

Chapter 7 Securing Information Systems

Autodesk Revit 2016 Product Line System Requirements and Recommendations

Certified Digital Forensics Examiner

Review of the Internet Crimes Against Children Task Force Program

Information Technologies and Fraud

Services. Computer Forensic Investigations

IAPE STANDARDS SECTION 16 DIGITAL EVIDENCE

Council of Europe Project on Cybercrime in Georgia Report by Virgil Spiridon and Nigel Jones. Tbilisi 28-29, September 2009


National Strategy Conference on Combating Child Exploitation

Presentation Title Presentation Subtitle. The Unique Alternative to the Big Four

CERTIFIED DIGITAL FORENSICS EXAMINER

Getting Physical with the Digital Investigation Process

CERIAS Tech Report GETTING PHYSICAL WITH THE DIGITAL INVESTIGATION PROCESS. Brian Carrier & Eugene H. Spafford

Information Technology Audit & Forensic Techniques. CMA Amit Kumar

Digital Forensics. Tom Pigg Executive Director Tennessee CSEC

Regional Computer Forensic Laboratory & Digital Forensics. Presented By: D. Justin Price FBI - Philadelphia Computer Analysis Response Team

Professional Experience

Digital Forensics, ediscovery and Electronic Evidence

Large Scale Cloud Forensics

STATE OF MONTANA DEPARTMENT OF CORRECTIONS POLICY DIRECTIVE

Massachusetts Digital Evidence Consortium. Digital Evidence Guide for First Responders

24/7 High Tech Crime Network

Upgrade to Webtrends Analytics 8.7: Best Practices

Authority: State Trooper - Pennsylvania State Police United States Marshall Special Deputy

CYBER FORENSICS (W/LAB) Course Syllabus

PTK Forensics. Dario Forte, Founder and Ceo DFLabs. The Sleuth Kit and Open Source Digital Forensics Conference

Strategic Priorities for the Cooperation against Cybercrime in the Eastern Partnership Region

Recovery Act - ICAC Awards As of May 21, 2009

EC-Council Ethical Hacking and Countermeasures

Agency Request Budget. Criminal Justice Division

How To Test For Performance And Scalability On A Server With A Multi-Core Computer (For A Large Server)

Digital Forensics for IaaS Cloud Computing

How To Image A Single Vm For Forensic Analysis On Vmwarehouse.Com

Attorney General Balderas Criminal Affairs Update to Courts, Corrections & Justice Interim Committee

FORENSIC ANALYSIS OF USB MEDIA EVIDENCE. Jesús Alexander García. Luis Alejandro Franco. Juan David Urrea. Carlos Alfonso Torres

Computer Forensic Capabilities

AP ENPS ANYWHERE. Hardware and software requirements

South Carolina Internet Crimes Against Children Task Force. Deborah R.J. Shupe Assistant Attorney General Task Force Commander

Incident Response and Computer Forensics

Where is computer forensics used?

CYBERCRIMES CERTIFICATIONS COURSE

HAVE YOUR COMPUTER FORENSICS TOOLS BEEN TESTED?

Lecture outline. Computer Forensics and Digital Investigation. Defining the word forensic. Defining Computer forensics. The Digital Investigation

Accessing vlabs using the VMware Horizon View Client for OSX

EnCase Portable Demo P A G E 0

Digital Evidence Search Kit

Roy D. Rector CFCE EnCE

VMware Horizon FLEX User Guide

The Virtual Digital Forensics Lab: Expanding Law Enforcement Capabilities

CONCEPT MAPPING FOR DIGITAL FORENSIC INVESTIGATIONS

Autodesk 3ds Max 2010 Boot Camp FAQ

See Criminal Internet Communication as it Happens.

System Requirements. SuccessMaker 5

Toolbox 4.3. System Requirements

Panasas at the RCF. Fall 2005 Robert Petkus RHIC/USATLAS Computing Facility Brookhaven National Laboratory. Robert Petkus Panasas at the RCF

BEST PRACTICES FOR A COLLECTION OF AN IOS MOBILE DEVICE

What Happens When You Press that Button? Explaining Cellebrite UFED Data Extraction Processes

AN INVESTIGATION INTO THE METHODS USED FOR TRAFFICKING OF CHILD ABUSE MATERIAL

Paragon Backup Retention Wizard

Designated personnel will be trained and authorized to conduct field testing.

PARALLELS SERVER BARE METAL 5.0 README

Autodesk Inventor on the Macintosh

The Internet and Network Technologies

Digital Forensic Techniques

Computer Forensics Processing Checklist. Pueblo High-Tech Crimes Unit

Transcription:

Law Enforcement Incident Response to Cybercrimes & Battling Current Technological Trends Corey J. Bourgeois, Computer Forensic Examiner & David Ferris, Investigator Louisiana Department of Justice

HTCU A brief history...

Louisiana ICAC Louisiana Department of Justice 1 director (ICAC commander) 1 lab supervisor 1 Supervisory Investigator 5 investigators 10 forensic examiners 2 analysts 1 Prosecutor 174 affiliates

High Tech Investigations

Proactive & Reactive Investigations

Undercover Chatting Peer 2 Peer Juvenile Prostitution

Undercover Chatting Target - suspects online praying on children in chat rooms, social networking sights, and gaming sights Requires law enforcement officers to assume roles as either a child, the mother/father, or as individuals of like mind Covered under - indecent behavior with a juvenile, computer aided solicitation of a minor and pornography involving juveniles

Peer 2 Peer Investigations Peer to Peer File Sharing Sharing occurs when two computers are directly connected and downloading files from their shared folder Primarily used to download, possess, and distribute images and movies of child pornography

Pros Known image Tracking of image origination Documents the trafficking of images previously unknown in circulation Establishes historical record of SHA values

Cons IP based investigations - tied to subscriber, not necessarily the suspect ISP Errors/Hijacked IP Address Very large pool of targets

Identifying Contraband

Sha-1 Algorithm file encryption method which may be used to produce a unique digital signature of a file. it is computationally infeasible (2^160th) to find two different files that produce the same SHA-1 value.

Sha-1 EXAMPLE JQTPDSTHWKMNDT2VLIE3H7EVLMPH6QNO S33EBO3O5SKAHKKHVATJWSXYSZFQJ5NF

JUVENILE PROSTITUTION Investigations can target the Johns or attempt to recover the juveniles A large majority of your current prostitutes began when they were juveniles. Juvenile prostitution stings can occur: Craigslist, Backpage, Cityvibe, chat rooms and social networking sites These stings involve juveniles selling themselves as well as parents of the juveniles selling their children

Reactive Online Investigations Internet Crime Complaint Center (IC3) National White Collar Crime (NWC3) National Center for Missing and Exploited Children (NCMEC) Cybertips Citizen s Complaint

Computer Forensics preservation identification extraction documentation interpretation...of computer data

Initial Response Arrive on scene Photograph computer location, screen, and any connections. Open case photograph the inside of the computer Conduct forensic preview Bag & Tag

Basic Methodology acquire evidence without altering or damaging the original authenticate that your recovered evidence is the same as the originally seized data analyze the data without modifying it

Acquire

Authenticate

Analyze

Always use sound forensic practices

Always work under the assumption that a case, no matter how small, could end up in a court of law.

Forensic Toolbox Forensic Computer (Standalone) Virtual Machine Application (VMWare Fusion or Parallels) Writeblockers (IDE, SATA, Firewire, USB) EnCase developed by Guidance Software FTK (Forensic Tool Kit) developed by Access Data Blacklight, MacQuisition, Softblock developed by Blackbag Technologies Internet Evidence Finder developed by JAD Software Cellebrite Oxygen Secure View Super Yahoo Chat Decoder

Don t focus on a particular tool to get the job done. Think of computer forensics as a concept and the application and understanding of this concept is especially important for the credibility of the forensic examiner in a court of law

Our Lab 11 nerds (including myself) 11 mac pros 2 x 2.93 GHz Quad - Core Intel Xeon Processors 16 GB 1066 Mhz RAM 4 x 1TB 7200 RPM Hitachi Hard drives 184 TB SAN (Storage Area Network) 144 TB usable storage 2 x Xserve RAID

Assistance to Others Training Cell phone examination Computer forensic On-scene forensic Peer 2 Peer Undercover Chat Undercover Prostitution Training On-Scene Seizure of Digital Evidence Purchasing equipment for affiliate agencies

Challenges storage media cell phones and cellular technology the cloud bit torrent encryption ios computing power time keeping up with new technology security wellness

Questions?

Corey Bourgeois, Lab Supervisor David Ferris, Lead Investigator Louisiana Department of Justice bourgeoisc@ag.state.la.us ferrisd@ag.state.la.us 225.326.6100

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information