Forensics Lect1_handout

Forensics Lect1_handout - Overview of this lecture Computer...

Info iconThis preview shows pages 1–4. Sign up to view the full content.

View Full Document Right Arrow Icon
15/8/2005- B. Smeets IT - Secure Sys & Applic - Computer Forensics 1 Computer Forensics Parts of this material has been compiled from various open sources 15/8/2005- B. Smeets IT - Secure Sys & Applic - Computer Forensics 2 Overview of this lecture ± What is Computer Forensics? ± Terminology ± Incident handling ± Organizational Roles & Responsibilities ± Detection and Correlation Tips ± When to Call for Help! ± Tools 15/8/2005- B. Smeets IT - Secure Sys & Applic - Computer Forensics 3 What is computer forensics? 15/8/2005- B. Smeets IT - Secure Sys & Applic - Computer Forensics 4 Uh Oh. You ve been compromised!
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
15/8/2005- B. Smeets IT - Secure Sys & Applic - Computer Forensics 5 A computer user is using the computer in an unauthorized manner! 15/8/2005- B. Smeets IT - Secure Sys & Applic - Computer Forensics 6 Statistics of computer crime - germany 15/8/2005- B. Smeets IT - Secure Sys & Applic - Computer Forensics 7 Computer forensics is: ± The lawful and ethical seizure, acquisition, analysis, reporting and safeguarding of data and meta-data derived from digital devices which may contain information that is notable and perhaps of evidentiary value to the trier of fact in managerial, administrative, civil and criminal investigations. - Larry Leibrock, PhD, 1998 ± One uses also the term: Data forensics 15/8/2005- B. Smeets IT - Secure Sys & Applic - Computer Forensics 8 Main steps in Computer Forensics ± Imaging data stored in electronic format ± Authentication of Image ± Analyzing the data ± Reporting results in a neutral manner
Background image of page 2
15/8/2005- B. Smeets IT - Secure Sys & Applic - Computer Forensics 9 Digital forensics is not: ± Pro-active (security) ± It is reactive to an event or request ± About finding the bad guy ± It is about finding evidence of value ± Something you do for fun ± Proper forensic investigations require expertise ± Quick ± 400GB drives are becoming available 15/8/2005- B. Smeets IT - Secure Sys & Applic - Computer Forensics 10 Who uses digital evidence ? (1/3) Many types of criminal and civil proceedings can and do make use of evidence revealed by computer forensics specialists: ± Criminal justice agencies ± Prosecutor s Office/DA, Attorneys, and Judges ± Corporate Councils ± Company Legal resources ± Human Resources (HR=personal avdelningen) ± Auditors ± Individuals ± Crackers/Hackers - Caution 15/8/2005- B. Smeets IT - Secure Sys & Applic - Computer Forensics 11 Who uses digital evidence ? (2/3) ± Criminal Prosecutors use computer evidence in a variety of crimes where incriminating documents can be found: homicides, financial fraud, drug and embezzlement record- keeping, and child pornography. ± Civil litigations can readily make use of personal and business records found on computer systems that bear on: fraud, divorce, discrimination, and harassment cases. ± Insurance Companies may be able to mitigate costs by using discovered computer evidence of possible fraud in accident, arson, and workman's compensation cases.
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 4
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 04/06/2011 for the course CS 6963 taught by Professor Walterbruehs during the Spring '10 term at NYU Poly.

Page1 / 16

Forensics Lect1_handout - Overview of this lecture Computer...

This preview shows document pages 1 - 4. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online