Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Digital Forensics Works
Post: #1

digital forensic investigation is a investigation might follow.
form of digital investigation in which the process follow The process isnâ„¢t unlike that of a physical crime lows rules that allow the results to be entered into a scene investigation.1 In the physical word, investigalegal
court”for example, by maintaining the digital tors first preserve the scene to prevent evidence from data™s chain of custody. being lost. Next, they survey the scene and locate propose that most subscribers to this magazine

obvious evidence”for example, by looking at the victim have conducted a form of digital investigation at some at a murder scene to determine whether she was shot
point in their careers. Debugging your software to decode or stabbed and, based on the obvious evidence, contermine how it got into a given digital state is a form
conducting ducting a detailed search to find more evidence,
Post: #2
Presented By:
sauveer Pandey.

Technical Definition: Digital Forensics
“Tools and techniques used to recover, preserve, and examine digital evidence on or transmitted by digital devices.”
Definition for the Masses
“Deleted” files, on almost any kind of digital storage media, are almost never completely “gone”.
Who Needs It?
 Law enforcement officials
 Prosecution of crimes which involve computers or other digital devices.
 Defending the innocent & Prosecuting the guilty.
 Security agencies (e.g. Secret Service, CIA, FBI, NSA)
 Anti-terrorism efforts.
 Digital espionage.
 General
 Employee misconduct in corporate cases.
 For accidental deletion or malicious deletion of data by a user (or a program).
 Military
 Prosecution of internal computer-related crimes.

 Insurance Companies
Evidence discovered on computer can be used to mollify costs (fraud in accident, arson & worker’s compensation cases etc.)
Digital Forensics-Possibilities & Limitations
 What’s possible?
 Recovery of deleted data.
 Discovery of when files were modified, created, deleted, organized etc.
 Can determine which storage devices were attached to a specific computer.
 Which applications were installed, even if they were uninstalled by the user.
 Which web sites a user visited…
 What’s not…
 If digital media is completely (physically) destroyed, recovery is impossible.
 If digital media is securely overwritten, recovery is very, very complicated, or practically impossible.
A Digital Computer Forensics investigation, involves four major steps
 Acquisition
Obtaining the original evidence.
 Preservation
Protecting the original evidence.
 Analysis
Finding relevant evidence.
 Presentation
Presenting the evidence in court.
Traditional: Where’s the evidence?
 Undeleted files
 Deleted files
 Windows registry
 Print spool files
 Hibernation files
 Temp files (all those .TMP files!)
 Slack space
 Swap files
 Browser caches
 Alternate or “hidden” partitions
 On a variety of removable media (floppies, ZIP, Jazz, tapes, …)
Sources of Digital Evidence
 Computers
 Email
 Digital images
 Documents
 Spreadsheets
 Chat logs
 Illegally copied software or other copyrighted material
 Wireless telephones
 Numbers called
 Incoming calls
 Voice mail access numbers
 Email addresses
 Call forwarding numbers

 PDAs/Smart Phones
 Above, plus contacts, maps, pictures, passwords, documents, …
 Landline Telephones/Answering machines
 Incoming/outgoing messages
 Numbers called
 Incoming call info
 Access codes for voice mail systems
 Contact lists
 Copiers
 Especially digital copiers, which may store entire copy jobs.
 “Deletion” Fallacies
 “I deleted, the file, it’s gone.”
 Deleted files are recoverable using digital forensics tools.
 “I changed the name of the file, now no one will find it”
 Digital forensics tools immediately identify files based on content—names don’t matter at all.
 “I formatted the drive”
 This destroys almost nothing.
 “Deletion” Fallacies
 “I cut the floppy into little pieces- Media Mutilation ”
 At this point, it’s a question of how important it is to recover the data, because it is harder to recover the data.
 “I use only web-based email”
 Some email fragments are still present locally.
 Tools of Digital Forensics
 Encase –
includes tools for data acquisition, file recovery, indexing/search and file parsing.
 Forensic Toolkit –
scans a hard drive looking for various information.
 PTK Forensics –
runs as a GUI interface for The Sleuth Kit, acquiring and indexing digital media for investigation.

 Tools of Digital Forensics
 The Sleuth Kit –
provides a large number of specialized command-line based utilities.
 The Coroner’s Toolkit –
analysis of data recovery from computer disasters.
 Computer Online Forensic Evidence Extractor (COFEE) –
automated forensic tool during a live analysis.
Zacarias Moussaoui
 20th hijacker in the 9/11 (2001) terrorist
attacks against the U.S.
 His laptop, 4 computers, and several email accounts (pilotz123[at] were searched for e-evidence.
 FBI discovered that the 19 hijackers used Kinko's computers in various cities to gain access to the Internet to plan 9/11.
Digital Forensics tools found immense application in investigating
various digital media used in Mumbai Terror attack 26/11.
Future of Digital Forensics
 Digital forensics is now part of criminal investigations.
 Crimes & methods to hide crimes are becoming more sophisticated.
 Digital forensics will be in demand for as long as there are criminals and misbehaving people.
 Will attract students and law professionals who need to update their skills.
 Digital Forensics has gained an important place in criminal investigations pertaining to digital media. Increasing number of computer crime means increasing demand for digital forensics services .
 Today, everyone is exposed to potential attacks and has a responsibility to its network neighbors to minimize their own vulnerabilities in an effort to provide a more secure and stable network.
 The digital forensic needs and challenges can be accomplished only with the cooperation of the private, public, and international sectors.

Important Note..!

If you are not satisfied with above reply ,..Please


So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page
Popular Searches: explain in block diagram how a digital television works, how tachogenerator works pdf, online schooling how it works, works engineering air filter review, electrical project works, works, cryptography and forensics,

Quick Reply
Type your reply to this message here.

Image Verification
Image Verification
(case insensitive)
Please enter the text within the image on the left in to the text box below. This process is used to prevent automated posts.

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  Digital Signature Full Seminar Report Download computer science crazy 20 14,033 16-09-2015 02:51 PM
Last Post: seminar report asees
  sketch image match to digital image arma 2 736 30-06-2013 12:24 PM
Last Post: Guest
Photo Digital Watermarking Full Seminar Report Download computer science crazy 83 48,458 06-02-2013 12:33 PM
Last Post: Guest
  Digital Light Processing computer science crazy 1 1,439 11-01-2013 10:56 AM
Last Post: seminar details
  Digital Image Watermarking project report helper 3 4,679 19-12-2012 11:48 AM
Last Post: seminar details
  Digital Signature Guidelines Electrical Fan 1 1,083 27-11-2012 12:06 PM
Last Post: seminar details
  digital image processing project topics 1 1,764 19-11-2012 01:46 PM
Last Post: seminar details
  Digital Video Editing computer science crazy 2 3,147 12-11-2012 12:40 PM
Last Post: seminar details
  Analog-Digital Hybrid Modulation for Improved Efficiency over Broadband Wireless Syst electronics seminars 8 5,237 13-03-2012 10:23 AM
Last Post: seminar paper
  SEMINAR REPORT On DIGITAL HUBBUB Computer Science Clay 2 4,629 06-03-2012 09:31 AM
Last Post: seminar paper