teaching computer forensics using student developed evidence files n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Teaching Computer Forensics Using Student Developed Evidence Files PowerPoint Presentation
Download Presentation
Teaching Computer Forensics Using Student Developed Evidence Files

play fullscreen
1 / 19

Teaching Computer Forensics Using Student Developed Evidence Files

149 Views Download Presentation
Download Presentation

Teaching Computer Forensics Using Student Developed Evidence Files

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Teaching Computer Forensics Using Student Developed Evidence Files Anna Carlin Cal Poly Pomona

  2. Agenda • What is Computer Forensics • Trends in Computer Forensics • Structure of a Computer Forensics Course • Investigative Mindset • Criminal Mindset • Legal Aspects of Computer Forensics • Ethics • Highlights • Questions & Answers

  3. What is Computer Forensics? • Application of computer investigation and analysis in the interests of determining potential legal evidence • Involves the identification, preservation, extraction, documentation, and interpretation of this digital evidence

  4. Trends in Computer Forensics • Computer Information System/Information Technology • 95% or world’s information is being generated and stored in a digital form • Only about one-third of documentary evidence is printed out

  5. Structure Of Course • Prerequisites • Textbooks Used • Group and Individual Projects • Lab Environment/Facility

  6. Quarter System Class • Prerequisites • Cal Poly – Junior/Senior level in a career track • Textbooks • Guide to Computer Forensics from Course Technology • Recommended: Hacking Exposed: Computer Forensics Secrets and Solutions

  7. Topics Covered • Applicable Laws • Processing Crime and Incident Scenes • Collecting Evidence • Recovering Evidence • Computer Forensic Tools • Documenting the Investigation • Communicating the Results

  8. Cal Poly’s Computer Forensics Lab • Allows hands-on experience • Evidence lockers • 3 separate hard drives • Software available: • EnCase Enterprise version 5 • FTK • Open source products • Virtual PC

  9. HexWorkshop Irfanview Paraben PC-Encrypt WinHex BitPim Stegdetect Additional Software

  10. Group Project • The goals are to: • Follow a documented forensics investigation process • Identify relevant electronic evidence associated with various violations of specific laws • Identify probable cause to obtain a search warrant • Recognize the limits of search warrants • Locate and recover relevant electronic evidence • Maintain a chain of custody

  11. Group Project Parts • Create the evidence • Pick a crime and identify the elements • Generate evidence to support that crime • Write and execute a search warrant • Analyzing the evidence seized • Maintain chain of custody • Analyze the digital medium for evidence • Document the process and findings • Presentation of findings

  12. Group Projects Created • Bioterrorism of 80% of the world’s coconut supply on a fictitious island • A Da Vinci Code takeoff where the curator interrupts the robbery of the Mona Lisa and is killed in the process • Murder of a faculty member and where they are buried • Counterfeit Anaheim Angel playoff tickets

  13. Individual Projects (Labs) • Acquiring an image for analysis • Recovering deleted data • Password and encryption methods • Images and steganography • Tracing emails • Email analysis • Cell phones • PDA

  14. Investigative Mindset • Handling the Crime Scene • Ears, Eyes, Hands • Computer Evidence • Digital Evidence • Crime Scene investigation and boundaries • Searching and Collecting evidence • Do’s and Don’ts

  15. Criminal Mindset • Identify Theft • Pornography • Sexual Harassment • Embezzlement • Mail- Hate- Gambling across States- Drug Trafficking- Images • Understanding anti-forensic techniques to hide evidence

  16. Legal Aspects of Computer Forensics • Don’t commit a crime when manufacturing evidence • Verify the tools • Document everything

  17. Ethics • Do your job • Remove any personal agendas you may have about the case/investigation • Knowing it and proving it are 2 different things • State the facts as you see them • It is not your job to be Judge and/or Jury • Ethical Hacking

  18. Highlights • Professor in class challenges: • Time available after class for lab work • Student Technical Experience is varied • Evidence created could be hit or miss • Student creativity • Training/Certifications • Computer Usage Policy • White Hacker Policy

  19. Questions and Answer