Cyber Forensics
An intro & Requirement Engineering
Prof. K. Subramanian
SM(IEEE), SMACM, FIETE, LSMCSI,MAIMA,MAIS,MCFE,LM(CGAER)
Academic Advocate ISACA(USA) in India

Professor & Former Director, Advanced Center for Informatics & Innovative Learning
(ACIIL), IGNOU

HON.IT Adviser to CAG of India
& Ex-DDG(NIC), Min of Communications & Information Technology
Former President, Cyber Society of India

Founder President, eInformation Systems Security Audit Association (eISSA), India
12/14/13 Prof. KS@2013 cit FDP coimbatore Dec 21,2013

[Diagram: labels arranged around "IS": LOSS OF CREDIBILITY, INTERCEPTION, SOCIAL ENGINEERING ATTACK, ACCIDENTAL DAMAGE, AUTHORISATION, PROGRAM CHANGE, SCAVENGING, DOCUMENTATION, PASSWORDS, AUDIT TRAILS, NATURAL DISASTER, TROJAN HORSES, DATA DIDDLING, EMBARRASSMENT, INPUT VALIDATIONS, BACKUPS, VIRUS ATTACK, ANTI-VIRUS, ENCRYPTION, SECURITY GUARDS, FINANCIAL LOSS, INCOMPLETE PROGRAM CHANGES, HARDWARE MAINTENANCE, BUSINESS CONTINUITY PLAN, UNAUTHORISED ACCESS, HARDWARE / SOFTWARE FAILURE, FRAUD & THEFT, LOSS OF CUSTOMERS, LOSING TO COMPETITION]

Enterprise Management

Cyber/Information Forensics
New Challenges
• Evidence
– Collection
– Collation
– Organization
– Analysis
– Presentation
– Preservation
– Acceptable to Judiciary
• Environment
– Identity Management
– Access Mechanism
- Local
- Remote
– Single network
– Multiple network
– Access control
- Password controlled
- Token Controlled
- Bio-metric Controlled
– Encrypted/Non Encrypted

Whose Responsibility?
Digital Forensics
• Police/Investigators
• Prosecutors
• Auditors
• Technologists

What is required?
• A highly trained manpower
• Appropriate tools
• Strong Cyber Law
• Certified Fraud Examiners

Methods:
• E-mail tracking
• Hard Disk forensics
• Decrypting of data
• Finding hidden/embedded links
• Tracing compromised source servers

What could all this lead to?
Loss of Confidential/Secret Information
Loss of intellectual property
Loss of customer confidence
Loss of Revenue
Implications on social set up
CYBER TERRORISM

• Auditors fail to discover Fraud because they are not looking for it!
• Victims seldom squeal! It is not good form to be the whistle blower, the bad guy, one who reveals all.
• Human nature:
– Hide failures not admit them
– Conceal problems not discuss them
– Defend wrong decisions not admit them
– Cover up mistakes not own up

What is Forensic Audit?
Forensic – “Belonging to, used in or suitable to courts of judicature or to public discussion and debate.”

Audit - the process which identifies the extent of conformance (or otherwise) of actual events with intended events and pre-determined norms for different activity segments in accordance with established criteria.

Forensic Auditing
• Forensic Auditing encompasses:
– Fraud detection
– Fraud investigation
– Fraud prevention
• Skills required of forensic accountants:
– Accounting/Finance expertise
– Fraud knowledge
– Knowledge of legal system
– Ability to work with people

Change in the focus of Forensic Audit
• changing environment
• technological advances
• emerging expectations and the widening gap, and
• changes in the profile of the fraudster and frauds and fraudster technologies themselves.

Financial Auditing vs. Fraud Auditing

Financial Auditing
• Program procedural approach
• Control risk approach (focus on IC strengths)
• Focus on errors and omissions

Fraud Auditing
• Not program oriented
• “Think like a crook” approach (focus on IC weaknesses)
• Focus on exceptions, oddities, and patterns of conduct

Financial Auditing vs. Fraud Auditing

Financial Auditing
• Emphasis on materiality
• Logical accounting and auditing background
• Internal/external auditors are credited with finding about 4% to 20% of uncovered fraud

Fraud Auditing
• “Where there’s smoke, there’s fire.”
• Illogical, behavioral motive, opportunity, integrity
• Fraud examiner rate much higher because fraud auditors are only called in when fraud is known or highly suspected.

Types of Frauds
• Management Frauds
• Direct Illegal Acts
• Employee Frauds
• White collar crimes
• Corruption and bribing
• Cyber/Net frauds
• Cyber terrorism
• InfoTech Warfare

• Forensic Audit should ensure that it is –
– A means to an end
– A guide to decision making
– Enables improvement of society
– Empowers decision makers with state of the art verifiable inputs
– Enables enactment of effective laws
– Promotes effective delivery of justice in accordance with the canons and tenets

Cyber security & Cyber forensics seminar CSI-IETE March 28, 2009

Tools & Technologies
• Certified tool & Proprietary tool
• Natural Methods of evidence Collection - Built-in tools
• Centralized Vs Decentralized & Distributed
• Investigative Data Mining and Problems in Fraud Detection
– Definitions
– Technical and Practical Problems
• Existing Fraud Detection Methods
– Widely used methods
• The Crime Detection Method
– Comparisons with Minority Report
– Classifiers as Precogs
– Combining Output as Integration Mechanisms
– Cluster Detection as Analytical Machinery
– Visualization Techniques as Visual Symbols
• database, machine learning, neural networks, data visualization, statistics, distributed data mining.
• Communication & Network technologies
– Wired
– Wireless
– Mobile
– Web & Internet

Implementing the Crime Detection System:

Preparation components
• Investigation objectives
• Collected data
• Preparation of collected data to achieve objectives

Action Components
• Which experiments generate best predictions?
• Which is the best insight?
• How can the new models and insights be deployed within an organization?

Fraud Detection Problems
Technical & Practical

Technical
• Imperfect data
– Usually not collected for data mining
– Inaccurate, incomplete, and irrelevant data attributes
• Highly skewed data
– Many more legitimate than fraudulent examples
– Higher chances of over fitting
• Black-box predictions
– Numerical outputs incomprehensible to people

Practical
• Lack of domain knowledge
– Important attributes, likely relationships, and known patterns
– Three types of fraud offenders and their modus operandi
• Great variety of fraud scenarios over time
– Soft fraud – Cost of investigation > Cost of fraud
– Hard fraud – Circumvents anti-fraud measures
• Assessing data mining potential
– Predictive accuracy is useless for skewed data sets

Widely Used Methods in Fraud Detection
• Insurance Fraud
– Cluster detection -> decision tree induction -> domain knowledge, statistical summaries, and visualisations
– Special case: neural network classification -> cluster detection

• Credit Card Fraud
– Decision tree and naive Bayesian classification -> stacking

• Telecommunications Fraud
– Cluster detection -> scores and rules

The Crime Detection Method
Comparisons with Minority Report
• Precogs
– Foresee and prevent crime
– Each precog contains multiple classifiers

• Integration Mechanisms
– Combine predictions

• Analytical Machinery
– Record, study, compare, and represent predictions in simple terms
– Single “computer”

• Visual Symbols
– Explain the final predictions
– Graphical visualizations, numerical scores, and descriptive rules

Classifiers as Precogs

Precog One: Naive Bayesian Classifiers
– Statistical paradigm
– Simple and Fast
– Redundant and not normally distributed attributes*

Precog Two: Classifiers
– Computer metaphor
– Explain patterns and quite fast
– Scalability and efficiency

Precog Three: Back-propagation Classifiers
– Brain metaphor
– Long training times and extensive parameter tuning*

Combining Output as Integration Mechanisms
• Cross Validation
– Divides training data into eleven data partitions
– Each data partition used for training, testing, and
evaluation once*
– Slightly better success rate

• Bagging
– Unweighted majority voting on each example or
instance
– Combine predictions from same algorithm or different
algorithms*
– Increases success rate

Combining Output as Integration Mechanisms
• Stacking
– Meta-classifier
– Base classifiers present predictions to meta-classifier
– Determines the most reliable classifiers

Cluster Detection as Analytical Machinery
Visualisation Techniques as Visual Symbols
• Analytical Machinery: Self Organising Maps
– Clusters high dimensional elements into more simple, low dimensional maps
– Automatically groups similar instances together
– Do not specify an easy-to-understand model*

• Visual Symbols: Classification and Clustering Visualisations
– Classification visualisation – confusion matrix
- naive Bayesian visualisation
– Clustering visualisation
- column graph

The Crime Detection System:
Preparation Component
• Problem Understanding
– Determine investigation objectives
- Choose
- Explain
– Assess situation
- Available tools
- Available data set
- Cost model
– Determine data mining objectives
- Max hits/Min false alarms
– Produce project plan
- Time
- Tools

The Crime Detection System:
Preparation Component
• Data Understanding
– Describe data
- Explore data
- Claim trends by month
- Age of vehicles
- Age of policy holder
– Verify data
- Good data quality
- Duplicate attribute, highly skewed attributes

The Crime Detection System:
Preparation Component
• Data Preparation
– Select data
- All, except one attribute, are retained for analysis
– Clean data
- Missing values replaced
- Spelling mistakes corrected
– Format data
- All characters converted to lowercase
- Underscore symbol
– Construct data
- Derived attributes
- Numerical input
– Partition data
- Data multiplication or oversampling
- For example, 50/50 distribution

Implementing the Crime Detection System:
Action Component

• Deployment
– Plan deployment
- Manage geographically distributed databases using distributed data mining
- Take time into account
– Plan monitoring and maintenance
- Determined by rate of change in external environment and organisational requirements
- Rebuild models when cost savings are below a certain percentage of maximum cost savings possible
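The cost-model reasoning behind the skewed-data and deployment slides, worked through as an added example that is not part of the original deck: on a skewed claim set, accuracy barely moves between thresholds while cost savings do, soft fraud costs more to investigate than it recovers, and a drop below a set share of the maximum possible savings triggers a model rebuild. The claim data, the flat investigation cost of 200 and the 60% rebuild fraction are assumptions constructed for illustration.

```python
from dataclasses import dataclass

INVESTIGATION_COST = 200   # assumed flat cost of investigating one flagged claim
REBUILD_FRACTION = 0.60    # assumed trigger: rebuild below 60% of maximum savings


@dataclass(frozen=True)
class Claim:
    amount: int      # loss incurred if a fraudulent claim is paid out
    is_fraud: bool   # label established by investigation
    score: int       # classifier score, 0-100 (higher = more suspicious)


def build_batch(fraud_scores):
    """Constructed, skewed sample: 46 legitimate claims and 4 fraudulent ones."""
    legit = [Claim(1000, False, (i % 10) * 5) for i in range(44)]
    legit += [Claim(1000, False, 70), Claim(1000, False, 85)]  # two false alarms
    fraud_amounts = [5000, 3000, 1200, 150]  # the last is "soft" fraud (< cost)
    fraud = [Claim(a, True, s) for a, s in zip(fraud_amounts, fraud_scores)]
    return legit + fraud


def accuracy(claims, threshold):
    """Share of claims labelled correctly when score >= threshold means fraud."""
    hits = sum((c.score >= threshold) == c.is_fraud for c in claims)
    return hits / len(claims)


def cost_savings(claims, threshold):
    """Fraud recovered from flagged claims minus the cost of investigating them."""
    flagged = [c for c in claims if c.score >= threshold]
    recovered = sum(c.amount for c in flagged if c.is_fraud)
    return recovered - INVESTIGATION_COST * len(flagged)


def max_savings(claims):
    """Savings with perfect knowledge: investigate only fraud worth its cost."""
    return sum(max(0, c.amount - INVESTIGATION_COST) for c in claims if c.is_fraud)


def best_threshold(claims):
    """Sweep the sorted scores and keep the threshold with the highest savings."""
    candidates = sorted({c.score for c in claims})
    return max(candidates, key=lambda t: cost_savings(claims, t))


def needs_rebuild(claims, threshold):
    """Deployment rule: rebuild when savings fall below a share of the maximum."""
    return cost_savings(claims, threshold) < REBUILD_FRACTION * max_savings(claims)


if __name__ == "__main__":
    batch = build_batch([95, 80, 60, 75])
    print("flag nothing: accuracy", accuracy(batch, 101),
          "savings", cost_savings(batch, 101))
    for t in (60, 75, 80):
        print("threshold", t, "accuracy", accuracy(batch, t),
              "savings", cost_savings(batch, t))
    print("best threshold", best_threshold(batch), "of max", max_savings(batch))

    # Later batch in which the scores no longer separate the fraudulent claims.
    drifted = build_batch([40, 55, 60, 75])
    print("drifted: accuracy", accuracy(drifted, 60),
          "savings", cost_savings(drifted, 60),
          "rebuild", needs_rebuild(drifted, 60))
```

Flagging nothing already scores 92% accuracy with zero savings, and thresholds 60 and 75 tie on accuracy while differing in savings, which is why the threshold is chosen on the cost model rather than on accuracy.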

• New Crime Detection Method
• Crime Detection System
• Cost Model
• Visualisations
• Statistics
• Score-based Feature
• Extensive Literature Review
• In-depth Analysis of Algorithms

• Imperfect data
– Statistical evaluation and confidence intervals
– Preparation component of crime detection system
– Derived attributes
– Cross validation

• Highly skewed data
– Partitioned data with most appropriate distribution
– Cost model

• Black-box predictions
– Classification and clustering visualisation
– Sorted scores and predefined thresholds, rules

• Lack of domain knowledge
– Action component of crime detection system
– Extensive literature review

• Great variety of fraud scenarios over time
– SOM
– Crime detection method
– Choice of algorithms

• Assessing data mining potential
– Quality and quantity of data
– Cost model
– z-scores

FOR FURTHER INFORMATION PLEASE CONTACT:
E-MAIL: ksdir@nic.in, ks@eissa.org; ksmanian@ignou.ac.in; ksmanian48@gmail.com
91-11-29533068
Fax: 91-11-29533068
ACIIL, Block &, Room 16, Maidan Garhi, IGNOU, New Delhi-110068

Open for Interaction?

 
Education ~Skill Development Assocham Conf Feb 2009
Education ~Skill Development  Assocham Conf Feb 2009Education ~Skill Development  Assocham Conf Feb 2009
Education ~Skill Development Assocham Conf Feb 2009subramanian K
 
Architecting E Governance Space Npc Lecture Feb 2009
Architecting E Governance Space Npc Lecture Feb 2009Architecting E Governance Space Npc Lecture Feb 2009
Architecting E Governance Space Npc Lecture Feb 2009subramanian K
 

Mehr von subramanian K (20)

Iob gm's lecture 7th jan 2014 GRC and corporate governance in Financial serv...
Iob gm's lecture 7th jan 2014  GRC and corporate governance in Financial serv...Iob gm's lecture 7th jan 2014  GRC and corporate governance in Financial serv...
Iob gm's lecture 7th jan 2014 GRC and corporate governance in Financial serv...
 
Innovation,knowledge management & productivity laxammal college,chennai jan 14
Innovation,knowledge management & productivity   laxammal college,chennai jan 14Innovation,knowledge management & productivity   laxammal college,chennai jan 14
Innovation,knowledge management & productivity laxammal college,chennai jan 14
 
Innovations in ict for mitigating environmental challenges
Innovations in ict for mitigating environmental challengesInnovations in ict for mitigating environmental challenges
Innovations in ict for mitigating environmental challenges
 
security and assurance lecture jan 14
security and assurance lecture jan 14security and assurance lecture jan 14
security and assurance lecture jan 14
 
Csi taramani lecture jan 14 quality assurance in education
Csi taramani lecture jan 14  quality assurance in educationCsi taramani lecture jan 14  quality assurance in education
Csi taramani lecture jan 14 quality assurance in education
 
Assocham conf grc sept 13
Assocham conf  grc  sept 13Assocham conf  grc  sept 13
Assocham conf grc sept 13
 
Ieee cs lecture sep 2013 digital economy and new generation workforce
Ieee cs lecture sep 2013 digital economy and new generation workforceIeee cs lecture sep 2013 digital economy and new generation workforce
Ieee cs lecture sep 2013 digital economy and new generation workforce
 
Renaissance of electronic engineering fuelling india’s growth ieee-te event k...
Renaissance of electronic engineering fuelling india’s growth ieee-te event k...Renaissance of electronic engineering fuelling india’s growth ieee-te event k...
Renaissance of electronic engineering fuelling india’s growth ieee-te event k...
 
Skim lecture @national conference on technoly, innovation & chnge management ...
Skim lecture @national conference on technoly, innovation & chnge management ...Skim lecture @national conference on technoly, innovation & chnge management ...
Skim lecture @national conference on technoly, innovation & chnge management ...
 
Security architecture rajagiri talk march 2011
Security architecture  rajagiri talk march 2011Security architecture  rajagiri talk march 2011
Security architecture rajagiri talk march 2011
 
M86 security predictions 2011
M86 security predictions 2011M86 security predictions 2011
M86 security predictions 2011
 
Its report 050516
Its report 050516Its report 050516
Its report 050516
 
Iipa lecture km & good governance jan 12 2011
Iipa lecture  km & good governance  jan 12 2011Iipa lecture  km & good governance  jan 12 2011
Iipa lecture km & good governance jan 12 2011
 
Ict4 e india and south asia full report
Ict4 e india and south asia   full reportIct4 e india and south asia   full report
Ict4 e india and south asia full report
 
Financial inclusion cbt presentation feb 2011
Financial inclusion cbt presentation feb 2011Financial inclusion cbt presentation feb 2011
Financial inclusion cbt presentation feb 2011
 
Project Management To Project Governance , Knowledge Management
Project Management To Project Governance , Knowledge ManagementProject Management To Project Governance , Knowledge Management
Project Management To Project Governance , Knowledge Management
 
Itz Lecture Bi & Web Tech Standards Feb 2009
Itz Lecture Bi & Web Tech Standards Feb 2009Itz Lecture Bi & Web Tech Standards Feb 2009
Itz Lecture Bi & Web Tech Standards Feb 2009
 
Empowering The Educators India R & D 2009 Jan 2009
Empowering The Educators India R & D 2009 Jan 2009Empowering The Educators India R & D 2009 Jan 2009
Empowering The Educators India R & D 2009 Jan 2009
 
Education ~Skill Development Assocham Conf Feb 2009
Education ~Skill Development  Assocham Conf Feb 2009Education ~Skill Development  Assocham Conf Feb 2009
Education ~Skill Development Assocham Conf Feb 2009
 
Architecting E Governance Space Npc Lecture Feb 2009
Architecting E Governance Space Npc Lecture Feb 2009Architecting E Governance Space Npc Lecture Feb 2009
Architecting E Governance Space Npc Lecture Feb 2009
 

Kürzlich hochgeladen

DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 

Kürzlich hochgeladen (20)

DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 

Cyber Forensics and Digital Evidence Analysis

  • 1. Cyber Forensics: An intro & Requirement Engineering. Prof. K. Subramanian, SM(IEEE), SMACM, FIETE, LSMCSI, MAIMA, MAIS, MCFE, LM(CGAER). Academic Advocate ISACA(USA) in India. Professor & Former Director, Advanced Center for Informatics & Innovative Learning (ACIIL), IGNOU. HON. IT Adviser to CAG of India & Ex-DDG(NIC), Min of Communications & Information Technology. Former President, Cyber Society of India. Founder President, eInformation Systems Security Audit Association (eISSA), India. 12/14/13 Prof. KS@2013 cit FDP coimbatore Dec 21,2013
  • 2. [Diagram; terms shown:] LOSS OF CREDIBILITY; INTERCEPTION; SOCIAL ENGINEERING ATTACK; ACCIDENTAL DAMAGE; AUTHORISATION; PROGRAM CHANGE; SCAVENGING; DOCUMENTATION; PASSWORDS; AUDIT TRAILS; NATURAL DISASTER; TROJAN HORSES; DATA DIDDLING; EMBARRASSMENT; INPUT VALIDATIONS; IS; BACKUPS; VIRUS ATTACK; ANTI-VIRUS; ENCRYPTION; SECURITY GUARDS; FINANCIAL LOSS; INCOMPLETE PROGRAM CHANGES; HARDWARE MAINTENANCE; BUSINESS CONTINUITY PLAN; UNAUTHORISED ACCESS; HARDWARE / SOFTWARE FAILURE; FRAUD & THEFT; LOSS OF CUSTOMERS; LOSING TO COMPETITION
  • 3. Enterprise Management
  • 4. Cyber/Information Forensics: New Challenges • Evidence • Collection • Collation • Organization • Analysis • Presentation • Preservation • Acceptable to Judiciary • Environment • Identity Management • Access Mechanism: Local, Remote • Single network • Multiple network • Access control: Password controlled, Token Controlled, Bio-metric Controlled • Encrypted/Non Encrypted
  • 5. Whose Responsibility? Digital Forensics • Police/Investigators • Prosecutors • Auditors • Technologists. What is required? A highly trained manpower; Appropriate tools; Strong Cyber Law; Certified Fraud Examiners. Methods: E-mail tracking; Hard Disk forensics; Decrypting of data; Finding hidden/embedded links; Tracing compromised source servers
  • 6. What could all this lead to? • Loss of Confidential/Secret Information • Loss of intellectual property • Loss of customer confidence • Loss of Revenue • Implications on social set up • CYBER TERRORISM
  • 7. Auditors fail to discover Fraud because they are not looking for it! Victims seldom squeal! It is not good form to be the whistle blower, the bad guy, one who reveals all. Human nature: • Hide failures, not admit them • Conceal problems, not discuss them • Defend wrong decisions, not admit them • Cover up mistakes, not own up
  • 8. What is Forensic Audit? • Forensic: “Belonging to, used in or suitable to courts of judicature or to public discussion and debate.” • Audit: the process which identifies the extent of conformance (or otherwise) of actual events with intended events and pre-determined norms for different activity segments in accordance with established criteria.
  • 9. Forensic Auditing • Forensic Auditing encompasses: Fraud detection; Fraud investigation; Fraud prevention • Skills required of forensic accountants: Accounting/Finance expertise; Fraud knowledge; Knowledge of legal system; Ability to work with people
  • 10. Change in the focus of Forensic Audit • changing environment • technological advances • emerging expectations and the widening gap, and • changes in the profile of the fraudster and frauds and fraudster technologies themselves.
  • 11. Financial Auditing vs. Fraud Auditing. Financial Auditing: • Program procedural approach • Control risk approach (focus on IC strengths) • Focus on errors and omissions. Fraud Auditing: • Not program oriented • “Think like a crook” approach (focus on IC weaknesses) • Focus on exceptions, oddities, and patterns of conduct
  • 12. Financial Auditing vs. Fraud Auditing. Financial Auditing: • Emphasis on materiality • Logical accounting and auditing background • Internal/external auditors are credited with finding about 4% to 20% of uncovered fraud. Fraud Auditing: • “Where there’s smoke, there’s fire.” • Illogical, behavioral motive, opportunity, integrity • Fraud examiner rate much higher because fraud auditors are only called in when fraud is known or highly suspected.
  • 13. Types of Frauds • Management Frauds • Direct Illegal Acts • Employee Frauds • White collar crimes • Corruption and bribing • Cyber/Net frauds • Cyber terrorism • InfoTech Warfare
  • 14. Forensic Audit should ensure that it is: • A means to an end • A guide to decision making • Enables improvement of society • Empowers decision makers with state of the art verifiable inputs • Enables enactment of effective laws • Promotes effective delivery of justice in accordance with the canons and tenets. Cyber security & Cyber forensics seminar CSI-IETE March 28, 2009
  • 15. Tools & Technologies • database, machine learning, neural networks, data visualization, statistics, distributed data mining. • Certified tool & Proprietary tool • Natural Methods of evidence Collection - Built-in tools • Centralized Vs Decentralized & Distributed • Investigative Data Mining and Problems in Fraud Detection • Definitions • Technical and Practical Problems • Existing Fraud Detection Methods • Widely used methods • The Crime Detection Method • Comparisons with Minority Report • Classifiers as Precogs • Combining Output as Integration Mechanisms • Cluster Detection as Analytical Machinery • Visualization Techniques as Visual Symbols • Communication & Network technologies: Wired; Wireless; Mobile; Web & Internet
  • 16. Implementing the Crime Detection System. Preparation components: • Investigation objectives • Collected data • Preparation of collected data to achieve objectives. Action Components: • Which experiments generate best predictions? • Which is the best insight? • How can the new models and insights be deployed within an organization?
  • 17. Fraud Detection Problems: Technical & Practical. Technical: • Imperfect data – Usually not collected for data mining – Inaccurate, incomplete, and irrelevant data attributes • Highly skewed data – Many more legitimate than fraudulent examples – Higher chances of over fitting • Black-box predictions – Numerical outputs incomprehensible to people – Predictive accuracy is useless for skewed data sets. Practical: • Lack of domain knowledge – Important attributes, likely relationships, and known patterns – Three types of fraud offenders and their modus operandi • Great variety of fraud scenarios over time – Soft fraud – Cost of investigation > Cost of fraud – Hard fraud – Circumvents anti-fraud measures • Assessing data mining potential –
  • 18. Widely Used Methods in Fraud Detection • Insurance Fraud – Cluster detection -> decision tree induction -> domain knowledge, statistical summaries, and visualisations – Special case: neural network classification -> cluster detection • Credit Card Fraud – Decision tree and naive Bayesian classification -> stacking • Telecommunications Fraud – Cluster detection -> scores and rules
  • 19. The Crime Detection Method: Comparisons with Minority Report • Precogs – Foresee and prevent crime – Each precog contains multiple classifiers • Integration Mechanisms – Combine predictions • Analytical Machinery – Record, study, compare, and represent predictions in simple terms – Single “computer” • Visual Symbols – Explain the final predictions – Graphical visualizations, numerical scores, and descriptive rules
  • 20. Classifiers as Precogs • Precog One: Naive Bayesian Classifiers – Statistical paradigm – Simple and Fast – Redundant and not normally distributed attributes* • Precog Two: Classifiers – Computer metaphor – Explain patterns and quite fast – Scalability and efficiency • Precog Three: Back-propagation Classifiers – Brain metaphor – Long training times and extensive parameter tuning*
  • 21. Combining Output as Integration Mechanisms • Cross Validation – Divides training data into eleven data partitions – Each data partition used for training, testing, and evaluation once* – Slightly better success rate • Bagging – Unweighted majority voting on each example or instance – Combine predictions from same algorithm or different algorithms* – Increases success rate
  • 22. Combining Output as Integration Mechanisms • Stacking – Meta-classifier – Base classifiers present predictions to meta-classifier – Determines the most reliable classifiers
  • 23. Cluster Detection as Analytical Machinery; Visualisation Techniques as Visual Symbols • Analytical Machinery: Self Organising Maps – Clusters high dimensional elements into more simple, low dimensional maps – Automatically groups similar instances together – Do not specify an easy-to-understand model* • Visual Symbols: Classification and Clustering Visualisations – Classification visualisation - confusion matrix - naive Bayesian visualisation – Clustering visualisation - column grap
  • 24. The Crime Detection System: Preparation Component • Problem Understanding – Determine investigation objectives - Choose - Explain – Assess situation - Available tools - Available data set - Cost model – Determine data mining objectives - Max hits/Min false alarms – Produce project plan - Time - Tools
  • 25. The Crime Detection System: Preparation Component • Data Understanding • Describe data - Explore data - Claim trends by month - Age of vehicles - Age of policy holder • Verify data - Good data quality - Duplicate attribute, highly skewed attributes
  • 26. The Crime Detection System: Preparation Component • Data Preparation • Select data - All, except one attribute, are retained for analysis • Clean data - Missing values replaced - Spelling mistakes corrected • Format data - All characters converted to lowercase - Underscore symbol • Construct data - Derived attributes - Numerical input • Partition data - Data multiplication or oversampling - For example, 50/50 distribution
  • 27. Implementing the Crime Detection System: Action Component
  • 28. Deployment – Plan deployment - Manage geographically distributed databases using distributed data mining - Take time into account – Plan monitoring and maintenance - Determined by rate of change in external environment and organisational requirements - Rebuild models when cost savings are below a certain percentage of maximum cost savings possible
  • 29. • New Crime Detection Method • Crime Detection System • Cost Model • Visualisations • Statistics • Score-based Feature • Extensive Literature Review • In-depth Analysis of Algorithms
  • 30. • Imperfect data – Statistical evaluation and confidence intervals – Preparation component of crime detection system – Derived attributes – Cross validation • Highly skewed data – Partitioned data with most appropriate distribution – Cost model • Black-box predictions – Classification and clustering visualisation – Sorted scores and predefined thresholds, rules
  • 31. • Lack of domain knowledge – Action component of crime detection system – Extensive literature review • Great variety of fraud scenarios over time – SOM – Crime detection method – Choice of algorithms • Assessing data mining potential – Quality and quantity of data – Cost model – z-scores
  • 32. FOR FURTHER INFORMATION PLEASE CONTACT: E-MAIL: ksdir@nic.in, ks@eissa.org; ksmanian@ignou.ac.in; ksmanian48@gmail.com. 91-11-29533068, Fax: 91-11-29533068. ACIIL, Block &, Room 16, Maidan Garhi, IGNOU, New Delhi-110068. Open for Interaction?
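
Slides 17, 21, 26 and 30 state that predictive accuracy is useless on highly skewed fraud data and name oversampling to a 50/50 partition, bagging by unweighted majority vote, and a cost model as the answers. The Python below is an added example, not code from the deck: the claim data is constructed, and the decision-stump learner, the 11-model ensemble size and the cost figures (1 per false alarm, 50 per missed fraud) are assumptions chosen for illustration.

```python
import random
from collections import Counter

FRAUD, LEGIT = 1, 0


def make_claims(n_legit, n_fraud, rng):
    """Constructed sample data: ((signal, noise), label) rows with a skewed mix."""
    rows = []
    for label, count in ((LEGIT, n_legit), (FRAUD, n_fraud)):
        for _ in range(count):
            # Feature 0 separates the classes (fraud shifted by 3 sd); feature 1 is noise.
            signal = rng.gauss(3.0 if label == FRAUD else 0.0, 1.0)
            rows.append(((signal, rng.gauss(0.0, 1.0)), label))
    rng.shuffle(rows)
    return rows


def oversample_to_balance(rows, rng):
    """Replicate randomly chosen fraud rows until the partition is 50/50 (slide 26)."""
    fraud = [r for r in rows if r[1] == FRAUD]
    legit = [r for r in rows if r[1] == LEGIT]
    extra = [rng.choice(fraud) for _ in range(len(legit) - len(fraud))]
    return legit + fraud + extra


def train_stump(rows):
    """Pick the rule 'feature f > threshold t means fraud' with best training accuracy."""
    best_correct, best_rule = -1, None
    for f in range(len(rows[0][0])):
        # Every 20th sorted value gives enough resolution and keeps training fast.
        for t in sorted(x[f] for x, _ in rows)[::20]:
            correct = sum((x[f] > t) == (y == FRAUD) for x, y in rows)
            if correct > best_correct:
                best_correct, best_rule = correct, (f, t)
    return best_rule


def bagged_stumps(rows, n_models, rng):
    """Bagging: train each stump on a bootstrap resample of the balanced data."""
    return [train_stump([rng.choice(rows) for _ in rows]) for _ in range(n_models)]


def vote(models, x):
    """Unweighted majority vote across the stumps (slide 21)."""
    votes = sum(x[f] > t for f, t in models)
    return FRAUD if votes * 2 > len(models) else LEGIT


def evaluate(predict, rows, cost_false_alarm, cost_missed_fraud):
    """Accuracy, recall on fraud, and a simple cost model over a labelled test set."""
    counts = Counter((predict(x), y) for x, y in rows)
    tp, fp = counts[(FRAUD, FRAUD)], counts[(FRAUD, LEGIT)]
    fn, tn = counts[(LEGIT, FRAUD)], counts[(LEGIT, LEGIT)]
    return {
        "accuracy": (tp + tn) / len(rows),
        "recall": tp / (tp + fn),
        "false_alarms": fp,
        "cost": fp * cost_false_alarm + fn * cost_missed_fraud,
    }


def run_demo(seed=2013):
    rng = random.Random(seed)
    train = make_claims(980, 20, rng)  # 2% fraud, constructed
    test = make_claims(980, 20, rng)
    balanced = oversample_to_balance(train, rng)
    models = bagged_stumps(balanced, 11, rng)  # odd count avoids tied votes
    costs = dict(cost_false_alarm=1, cost_missed_fraud=50)  # assumed cost model
    return {
        "balanced_mix": Counter(y for _, y in balanced),
        "always_legit": evaluate(lambda x: LEGIT, test, **costs),
        "bagged": evaluate(lambda x: vote(models, x), test, **costs),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(name, value)
```

On this data the always-legit baseline reaches 98% accuracy while missing every fraud, which is why the two models are compared on recall and cost rather than accuracy.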