
Digital Crime: Can Computer Forensics Save Us?

Darren Hayes, March 2009. Objectives: Understanding Crime; Understanding Security; Understanding Computer Forensics; Understand Compromises; Understand How to be Proactive; Learn how to Investigate Ownership, Control, Intent.


Presentation Transcript


  1. Digital Crime: Can Computer Forensics Save Us?

    Darren Hayes, March 2009
  2. Objectives: Understanding Crime; Understanding Security; Understanding Computer Forensics; Understand Compromises; Understand How to be Proactive; Learn how to Investigate Ownership, Control, Intent
  3. Changes in Digital Crime: Criminal Minds; Better understanding of covering tracks; Impersonation; International Criminals; More influence from international crime
  4. Control of Computers Botnets RoBOTNETworks 1.5 Million computers infected Uses IRC 70% Spam  Botnets
  5. Spamhaus
  6. Spamhaus Name: “Bad Cow” Country: Russian Federation Russian/American spammer. Does "OEM CD" pirated software spam, copy-cat pharmaceuticals, porn spam, porn payment collection, etc. Spams using virus-created botnets and seems to be involved in virus distribution. Partnered with Vlad - aka "Mr. Green"
  7. Xsox Lease Botnets Proxy Attacks DELBOT Used to render computers useless
  8. Xsox
  9. Hide Identity: Russian Business Network; Money Mules; Anyproxy.net (Russian Web Proxy Server; 4,220 US users); Vip72.com (Endless supply of Proxy Servers; 8,000 US monthly subscribers)
  10. Hide Identity Loads.cc Botnets By hackers for hackers Allows you to spread your malware Fraud Crew
  11. Fraud Crew
  12. Botnet Crime Credit Card Fraud Card Forms Preauthorization Primarily Used for Online Gambling Spam Stock Manipulation Online Poll Manipulation
  13. Network Attacks Spear Phishing Government contractor compromised
  14. Cellular Phone Forensics
  15. Overview: 2002 – First Imaging Software for Cellphones Made Available; 2008 – Memory Dump Available on 40% of Cellphones; Mandate – GPS Chip in Every Cellphone by 2009
  16. Different Forensics Communication through Embedded Chip Different File System Active Memory Storage Smaller Onboard Capacity
  17. iPhone File System Depends on Chip Solid State Memory Larger Storage Capacity Multi-tier Wireless Communication Bit-stream Memory Image Marketing Tracking Device Avg. Memory Capture: 1.4 tb
  18. Blackberry: Move from Business to Consumer; IPD Backup on Desktop; Timestamped; Unencrypted; 65 Primary databases; Parsed to be viewed
  19. Computer Forensics in Practice?
  20. Enron: Fastow, Skilling & Lay found Guilty; Hundreds of Employee Computers Examined; Thousands of E-mails Researched; Documents Required Full Text Search Capabilities; 31 Terabytes (10^12 bytes) of Data (~15 Academic Libraries)
  21. Virginia Tech Massacre: Killer: Seung-Hui Cho; 32 Murdered; eBay Searches
  22. Scott Peterson Murder Trial: Searched Online for Boats, Boat Ramps, Tides, Knots
  23. Toys R Us Fraud Case: Gift Cards Scam; NYC & Chicago; Kings County D.A.; Evidence: AOL (Login times), Toys R Us (Activity Logs), UPS (Delivery Logs), Computer
  24. Passwords; Websites Visited; Emails (Sent / Received); File Creation, Access, Modified, Deletion Dates & Times; Chat Sessions; Files Copied; Programs Installed; Files Transferred; Images Viewed or Saved; Data Recovered
  25. Hard Disk; Floppy Disk; Zip Disk; CD; DVD; Blackberry; USB; Tapes; TiVo; Xbox; DVR; Smartphone Devices
  26. In the Classroom
  27. Microsoft Applications PowerPoint Student Presentations Lab Layout Link
  28. Microsoft Applications Excel Crimes Hardware Inventory Evidence Form Link Word Research Paper Evidence Form Link
  29. Web Design
  30. Other Applications: YouTube; Podcasting (www.camstudio.org); Blogging (www.blosxom.com or www.wordpress.org); Wikis (www.wikispaces.com); Social Networking (www.ning.com); Mashups (www.popfly.com)
  31. Computer Forensics Software: Helix (Imaging); FTK (Imager); Invisible Secrets (Steganography); Wireshark (Network Tracking); Snort (Network Intrusion Prevention System); Nmap (Security Auditing); S-Tool (Center for Internet Security); VMware (Reverse-Engineer Malware)
  32. Resources http://berghel.com/home.php http://www.simson.net/cv/pubs.php http://www.cylab.cmu.edu/ http://www.wireshark.org/ http://www.swgde.org/ http://www.rcfl.gov http://www.ssddfj.org/
  33. Summary: Rise in Botnet Activity; Anonymous Users; Organized Crime; Decrease in Password Cracking; Increase in Network Attacks; Increasing Importance of Mobile Forensics