Embed Size (px)
Citation preview
COMPUTER FORENSICS
By B.C.Sangeetha
Table of Contents• Introduction
• History of Computer Forensics
• What is Computer Forensics
• Goals of Computer Forensics
• Digital Evidence
• Categories of Evidence
• Advantages and Disadvantages of Computer Forensics
• Applications of Computer Forensics
• Skills required for Computer Forensics
• Conclusion
• References
Introduction
Computer forensics (sometimes known as computer forensic science) is a branch of digital forensic science pertaining to legal evidence found in computers and digital storage media.
It is a Scientific process of Preserving, Identifying, Extracting, Documenting.
History of Computer Forensics
• 1970s-First crimes cases involving computers, mainly financial fraud
• 1980’s -Financial investigators and courts realize that in some cases all the records and evidences were only on computers.
• 1984-FBI Magnetic Media Program created. Later it become Computer Analysis and Response Team (CART)
• 1987 Acces Data – Cyber Forensic Company formed• 1993- First International Conference on Computer Evidence
held• 1995- International Organization on Computer Evidence (IOCE)
formed.
History of Computer Forensics
• 1997-The G8 countries in Moscow declared that “Law enforcement personnel must be trained and equipped to address high-tech crimes”.
• 1998-In March G8 appointed IICE to create international principles, guidelines and procedures relating to digital evidence
• 1999-FBI CART case load exceeds 2000 cases, examining 17 terabytes of data
• 1998-In March G8 appointed IICE to create international principles, guidelines and procedures relating to digital evidence
• 1999-FBI CART case load exceeds 2000 cases, examining 17 terabytes of data
• 2000-First FBI Regional Computer Forensic Laboratory established
• 2003-FBI CART case load exceeds 6500 cases, examining 782 terabytes of data.
What is Computer Forensics??– Computer forensics, also called cyber forensics, is the
application of computer investigation and analysis techniques to gather evidence suitable for presentation in a court of law.
– In the field of computer forensics, crucial data can be gathered from dozens of sources.
– These sources may include computer messaging, e-mails, the Internet, tapes CDs, Pen drives, or printouts
Goals of Computer Forensics
Evidence Collection: Analysis: Reporting:
Federal bureau of Investigation logo
Digital Evidence
Digital evidence or electronic evidence before accepting digital evidence a court will determine if the evidence is relevant, whether it is authentic, if it is hearsay and whether a copy is acceptable or the original is required.
Ex:Latent as Fingerprint or DNA The use of digital evidence has increased in the past few
decades as courts have allowed the use of e-mails, digital photographs, ATM transaction logs, word processing documents, instant message histories, internet browser histories, computer backups, computer printouts e.t.c
Categories of Evidence• There are two categories of Evidence. They are
DNA Evidence Crime Evidence
EQUIPMENTS USED FOR DIGITAL EVIDENCE
Advantages:Ability to search through a massive amount of data.
Quickly Thoroughly In any language
Disadvantages: must prove that there is no tampering all evidence must be fully accounted for computer forensic specialists must have complete
knowledge of legal requirements, evidence handling and storage and documentation procedures
Advantages and Disadvantages of Computer ForensicsAdvantages and Disadvantages of Computer Forensics
• Criminal• Domestic• Security• Marketing
Applications of Computer ForensicsApplications of Computer Forensics
Skills required for Computer Forensics
• To start a computer forensics career, you'll likely need a computer forensics degree or a related degree (e.g., computer science, criminal justice or engineering).
• Cryptology• Reverse software engineering• Investigative techniques• Computer forensics tools, such as password
crackers, email converters, or the EnCase or Forensic Toolkit (FTK) software applications.
Conclusion
Hence, by this technology of computer forensics, crime
cases can be solved very easily within a very short time
span and the accused is easily caught by the sure shot
evidences. The reasons behind the crime scene can be
easily determined and solved in various situations and
scenarios.
QUESTIONS??
References:
• www.compforensics.com/references.htm
• en.wikipedia.org/wiki/Computer_forensics
• books.google.co.in/books?isbn=1584503890
• www.edrm.net/resources/glossary/c/computer-forensics
• www2.opensourceforensics.org/node/95
THANKS FOR YOUR ATTENTION
