07-03-2011, 10:43 AM
[attachment=9656]
COMPUTER FORENSICS
INTRODUCTION
• Definition of computer forensics
• Use of Evidence
- UK Legal Guidelines
• Forensics Process
- Volatile Data
- Techniques : Cross-drive analysis, Live analysis, Deleted files
- Analysis tools : Encase, FTK, PTK forensics, The Sleuth Kit, The Coroner’s Toolkit, COFEE, Selective file dumper.
NEED OF COMPUTER FORENSIC
• Cyber Crime
• Corporations
OBJECTIVE
• Recover, analyze and prevent computer based material for use as evidence in a court of law.
• It is essential that none of the equipment or procedures used during examination of computer obviate this single requirement.
SOURCE OF DATA
• Forensic Acquisition Utilities
• TestDisk
• LiveView
• X-Way Forensic Software
• Hard drive recovery tools
File Ripper
Disktype
Fatback
File Audit Security Toolkit
File
DATA ANALYSIS & INTERPRETATION
• The auditor can determine the objectives and is capable of identifying the organizational systems.
• The information that is requested from the organization should be sufficient, relevant, as well as reliable.
• The procedures to extract the data.
• Data is important to determine the authenticity of the data and verify the information by appropriate investigations.
• Data analysis procedures include data profiling.
FINDINGS
• People should have proper awareness of the risk of cybercrime.
• Surf the internet safely.
• Live onscreen data is seen by using forensics techniques and tools with touch screen technology.
FUTURE SCOPE
• We can easily find the criminals with proper proofs to be submitted in the court.
• We can see the live crimes to be happened in the future onscreen.
• The most important thing is that more than other technologies in IT industry computer forensics play a major role.
CONCLUSION
• Computer forensics is also called as cyberforensics.
• It is an application of computer investigation and analysis techniques to gather evidence.
• It performs a structured investigation.
• Investigators use a variety of techniques and proprietary forensic applications.