ComputerForensics_W12_W2016 - split into one or more partitions Partition A Partition B Volume Analysis Filesystem Analysis Advanced Forensics Analysis

ComputerForensics_W12_W2016 - split into one or more...

This preview shows page 1 - 5 out of 27 pages.

1 Advanced Forensics Analysis Techniques 1 These notes are for use by registered students in INFR 4690 U, Winter 2016 , and may not be used or reproduced for any other purpose 2 split into one or more partitions Partition A Partition B Format (or make filesystem ) OS Installation APP Installation Volume Analysis Filesystem Analysis OS Analysis Network Forensics 3 cont d Physical Memory Forensics or Live Forensics 4 cont d Mobile Device Forensics [1] The PC market is shrinking [2] The PC market is shrinking again as companies stop upgrading.
Image of page 1
2 Multimedia Forensics 5 Dose of Reality: In Digital Age, “seeing is no longer believing” Doctored photos damage someone's reputation 6 D igital Image Forgery 7 Types of Digital Image Forgery Most common tampering techniques: Image semantic content can be altered in two major ways: Copy-move forgery Compositing (Splicing) 8
Image of page 2
3 Forgery of Digital Image Forgeries involving a single image called ( copy - move technique ) 9 Forgeries using multiple images as source for tampering Forgery of Digital Image (cont d) 10 [1] John Kerry - Jane Fonda 2004 election photo controversy. [2] C. Song and X. Lin. Natural Image Splicing Detection Based on Defocus Blur at Edges. IEEE/CIC ICCC 2014. Digital Image Forgery D etection Methods for forgery detection Active way Passive way 11 Digital Image Forgery Detection (cont d) Active method Active authentication implies one has prior knowledge about the image. Example: Watermarking and digital signature 12
Image of page 3
4 Passive method The main purpose of digital image forensics is to evaluate the authenticity and the origin of images. Passive method aim to process image and analysis it in order to recover information about the history of an image. It a technique tries to expose semantic manipulation (forgery) through the study of inconsistencies in the statistics of natural images. [1] I. Amerini, L. Ballan, R. Caldelli, A. Del Bimbo and G. Serra, A SIFT-Based Forensic Method for Copy Move Attack Detection and Transformation Recovery (2011), in: IEEE Transactions on Information Forensics and Security, 6:3(1099-1110) 13 Digital Image Forgery Detection (cont d) [1] I. Amerini, L. Ballan, R. Caldelli, A. Del Bimbo and G. Serra, A SIFT-Based Forensic Method for Copy Move Attack Detection and Transformation Recovery (2011), in: IEEE Transactions on Information Forensics and Security, 6:3(1099-1110) The shows four Iranian missiles but only three of them are real; two different sections (encircled in red and purple, respectively) replicate other image sections by applying a copy-move attack.
Image of page 4
Image of page 5

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture