Technical Seminar

On
Cyber Forensic in
Diversified Manner By,
Padmashree C
M.Tech 1st year
Under the guidance of,
Prof. Shashikala S V.
HOD, Dept of CS&E.
 CONTENTS
2

 Introduction
 Cyber Crime
 Cyber Forensics
 Literature Survey
 Requirements and Analysis
 Future Enhancement
 Conclusion
 INTRODUCTION
3

The primary purpose of digital forensics is to retrieve and

analyze files with digital forensics hardware and software,
utilizing a scientific methodology that is acceptable in a court
of law. Digital forensics goes well beyond the ability to
resurrect deleted files; numerous other files that are not easily
accessible can be retrieved using digital forensics tools.
Additionally, digital forensic analysis tools have highly
effective search and filtering capabilities. Moreover, many
professional tools provide recovery, searching, password-
cracking and decryption tools.
 CYBER CRIME
4

CYBER CRIME INVESTIGATION

 The investigation of any crime involves the

painstaking collection of clues and forensic evidence.
 It is inevitable that there will be at least one
electronic device found during the course of an
investigation.
 The information held on the computer may be crucial
and must be investigated in the proper manner.
 KEY STEPS IN FORENSIC
INVESTIGATION
5

 Identify the computer crime

 Seize evidence at the crime scene
 Create two-bit stream copies of the evidence
 Store the original evidence in a secure location
 Analyze the image copy for evidence
 Prepare a forensic report
 If required, attend the court and testify as an expert
witness
 DIGITAL EVIDENCE
6

 Graphics files
 Audio and video recording files
 Internet browser histories
 Server logs
 Word processing and spreadsheet
 Emails
 Log files
 CYBER FORENSICS
7

CYBER FORENSIC STEPS

 Acquisition:

 Identification:

 Evaluation:

 Presentation:
 NEEDS OF COMPUTER FORENSICS
8

 To produce evidence in the court that can lead to the

punishment of the actual.
 To ensure the integrity of the computer system.
 To focus on the response to hi-tech offenses, started
to intertwine.
 GOAL OF COMPUTER FORENSICS
9

 The main goal of computer forensic experts is not only to find

the criminal but also to find out the evidence and the
presentation of the evidence in a manner that leads to legal
action of the criminal.
 CYBER CRIME
10

 CYBER CRIME
 Cyber crime occurs when information technology is used to
commit or conceal an offence.
 TYPES OF CYBER CRIME
11

o Forgery
o Breech of Computer Security
o Fraud/Theft
o Copyright Violations
o Identity Theft
o Threats
o Burglary
o Homicide
o Administrative Investigations
o Cyber Terrorism
o Sales and Investment Fraud
o Electronic Fund Transfer Fraud
12
 EVIDENCE
13

 An item does not become officially a piece of evidence until a

court admits it.
 Much of forensics practice concerns how to collect, preserve
and analyze these items without compromising their potential
to be admitted as evidence in a court of law.
 DIGITAL EVIDENCE
14

 “Any data that is recorded or preserved on any medium in or

by a computer system or other similar device, that can be read
or understand by a person or a computer system or other
similar device. It includes a display, print out or other output of
that data.”
 TOP 10 LOCATION FOR EVIDENCE
15

 Internet History Files

 Temporary Internet Files
 Slack/Unallocated Space
 Buddy lists, personal chat room records, others saved
areas
 News groups/club lists/posting
 Settings, folder structure, file names
 File Storage Dates
 Software/Hardware added
 File Sharing ability
 E-mails
 METHODOLOGY
16

 Shut Down the Computer

 Document the Hardware Configuration of The System
 Transport the Computer System to A Secure Location
 Make Bit Stream Backups of Hard Disks and Floppy
Disks
 Mathematically Verify Data on All Storage Devices
 Document the System Date and Time
 Make a List of Key Search Words
 CONT…

 Evaluate the Windows Swap File

 Evaluate File Slack
 Evaluate Unallocated Space (Erased Files)
 Search Files, File Slack and Unallocated Space for Key
Words
 Document File Names, Dates and Times
 Identify File, Program and Storage Anomalies
 Evaluate Program Functionality
 Document Your Findings
 APPLICATIONS
18

 FINANCIAL FRAUD DETECTION

 CRIMINAL PROSECUTION
 CIVIL LITIGATION
 “CORPORATE SECURITY POLICY AND VIOLATIONS”
 CONCLUSION

 With computers becoming more and more involved in our

everyday lives, both professionally and socially, there is a
need for computer forensics.
 This field will enable crucial electronic evidence to be found,
whether it was lost, deleted, damaged, or hidden, and used to
prosecute individuals that believe they have successfully
beaten the system.
 REFERENCES

 www.google.com
 www.wikipedia.com
 www.studymafia.org
21

Thanks