SlideShare ist ein Scribd-Unternehmen logo

Digital forensics ahmed emam

Als PPTX, PDF herunterladen
ahmad abdelhafeez
ahmad abdelhafeez

network,security

Ingenieurwesen
1 von 27
Digital Forensics Presented by: Ahmed Emam Presented to: Dr. Ashraf Tammam
Outline • Introduction • Categories • History • Review • Types of computer crimes and investigations. • Anti-forensics • Future Challenges • Real life cases • Conclusion • References
Introduction • Your computer will betray you. • Change is inevitable. • digital forensics is still in its infancy.
Introduction – cntd’ According to a study by University of California – Berkeley in 2001. It was found that 93% of all new information at that time was created entirely in digital format.
What? • Forensics is the application of science to solve a legal problem. • Digital Forensics is the preservation, identification, extraction, interpretation and documentation of computer evidence which can be used in the court of law. • In Forensic Magazine, Ken Zatyko defined digital forensics this way: “The application of computer science and investigative procedures for a legal purpose involving the analysis of digital evidence after proper search authority, chain of custody, validation with mathematics, use of validated tools, repeatability, reporting, and possible expert presentation.”
Digital Forensics Categories
History • The field started to emerge in the 1980’s. • Since the late 1970s the amount of crime involving computers has been growing very quickly, creating a need for constantly developing forensic tools and practices. • The first computer crimes were recognized in the 1978 Florida Computer Crimes Act, which included legislation against the unauthorized modification or deletion of data on a computer system. • In the 1980’s, the federal laws began to incorporate computer offences and Canada was the first country to pass legislation in 1983. • Starting 2000, in response to the need for standardization, various bodies and agencies have published guidelines for digital forensics. • Many of the early members were computer hobbyists and became responsible for the field's initial research and direction. • One of the first practical (or at least publicized) examples of digital forensics was Cliff Stoll's pursuit of hacker Markus Hess in 1986.
Review – Why and Who? • Why? - Due to the growth in computer crime law enforcement agencies began establishing specialized groups to handle the technical aspects of investigations. • Who? - Criminal Prosecutors & law enforcement agencies, Insurance Companies, Private Corporations.
Review – How?
Types of Computer Crimes and Investigations • Types of Computer Crimes:  Computer based crimes.  Computer facilitated crimes. • Types of Investigations:  Criminal forensics.  Intelligence gathering.  civil litigation – Also known as Electronic discovery (eDiscovery).  Intrusion investigation.  administrative matters.
Conditions of Reliability • The “conditions of reliability” are generally the same for most jurisdictions and it was stated that electronic copies of data are admissible provided that:  They were from the indicated source.  They were acquired using proven tools and techniques.  They have not been altered since the time of acquisition.
Challenges – Digital Forensics • Digital evidence accepted into court. • Costs. • Presents the potential for exposing privileged documents. • Legal practitioners must have extensive computer knowledge.
Locard’s Exchange Principle • “Wherever he steps, whatever he touches, whatever he leaves, even unconsciously, will serve as a silent witness against him. Not only his fingerprints or his footprints, but his hair, the fibers from his clothes, the glass he breaks, the tool mark he leaves, the paint he scratches, the blood or semen he deposits or collects. All of these and more, bear mute witness against him. This is evidence that does not forget. It is not confused by the excitement of the moment. It is not absent because human witnesses are. It is factual evidence. Physical evidence cannot be wrong, it cannot perjure itself, it cannot be wholly absent. Only human failure to find it, study and understand it, can diminish its value.” • It can be interpreted as follows: In the physical world, when perpetrators enter or leave a crime scene, they will leave something behind and take something with them. Examples include DNA, latent prints, hair, and fibers
Locard’s Analogy for Digital Forensics • Registry keys and log files can serve as the digital equivalent to hair and fiber. • Like DNA, our ability to detect and analyze these artifacts relies heavily on the technology available at the time. • Viewing a device or incident through the “lens” of Locard’s principle can be very helpful in locating and interpreting not only physical but digital evidence as well.
The field of Anti-forensics • To counter the relatively new forensic advances, anti- forensic tools and techniques are cropping up in significant numbers. • They are being used by criminals, terrorists, and corporate executives. • Definition: “an approach to manipulate, erase, or obfuscate digital data or to make its examination difficult, time consuming, or virtually impossible”
Several Techniques for Anti-forensics • Hiding Data:  Changing file names and extensions.  Burying files deep within seemingly unrelated directories.  Hiding files within files.  Encryption.  Steganography. • Destroying Data:  Drive wiping  “Darik’s Boot and Nuke”  “DiskWipe”  “CBL Data Shredder”  “Webroot Window Washer”  “Evidence Eliminator”
Concerns about Data wiping • From an evidentiary or investigative perspective, the presence or use of these applications can serve as the next best thing to the original evidence. • As Seen, some tales are left in the registry
More concerns • When looking at the drive at the bit level, a distinct repeating pattern of data may be seen. This is completely different from what would normally be found on a hard drive in everyday use.
More concerns • Some operating systems, Apple OSX Lion for example, ship with a drive wiping utility installed. Called Secure Erase, this utility offers multiple options for data destruction.
Future Challenges and POR • Standards and Controls: Standards and controls are a fundamental part of scientific analysis, including forensic science. Its relevance to digital forensics is a matter of dispute. Standard Control A prepared sample that has known properties that is used as a control during forensic analyses. A test performed in parallel with experimental samples that is designed to demonstrate that a procedure is working correctly and the results are valid.
Future Challenges and POR • Standards and Control – cntd’:  Two opinions exist. John Barbra Scientific Working Group on Digital Evidence “In the end, closely following these established scientific practices ensures that any results gained are accurate, reliable, and repeatable. He further argued that without the use of standards and controls, it would be “extremely difficult or impossible to scientifically assess the validity of the results obtained from the analysis of the physical evidence” “Their position is that standards are being used in digital forensics, but controls are “not applicable in the computer forensics sub-discipline”  SWGDE’s position centers on false positives.  Tools and processes may miss evidence, but they will never find evidence that doesn’t exist.
Future Challenges and POR • CLOUD FORENSICS  Technically: Deleted files on a magnetic drive remain on the disk until they are overwritten. In the cloud, when a file is deleted the mapping is removed immediately, usually within a matter of seconds. This means that there is no remote access to the deleted data.  Legally: Dealing with multiple jurisdictions can significantly frustrate efforts to get to the relevant data • SOLID STATE DRIVES (SSD) • SPEED OF CHANGE
Case Scenarios – Case 1 Italian Case Law on Digital Evidence • Digital evidence could be altered and can contain countless pieces of information. The “Garlasco” case is a clear example of this.
Case Scenarios – Case 2 BTK Killer • The case of Dennis Rader, better known as the BTK killer. • It was solved thirty years later with the help of digital forensics. • He murdered ten people in Kansas from 1974 to 1991. Rader managed to avoid capture for over thirty years until technology betrayed him. • A floppy disk was received from the BTK killer. • The disc contained a file named “Test A.rtf.” (The .rtf extension stands for “Rich Text File”). A forensic exam of the file struck gold. The file’s metadata (the data about the data) gave investigators the leads they had been waiting over thirty years for. Aside from the “Date Created” (Thursday, February 10, 2005 6:05:34 PM) and the “Date Modified” (Monday, February 14, 2005 2:47:44 PM) were the “Title” (Christ Lutheran Church) and “Last Saved By:” (Dennis).
Conclusion • Digital Forensics field is an emerging field and it faces lots of challenges that are still POR. However, the intense research makes it viable to be taken into consideration in house of court.
Thank You Any Questions?
References • The Basics of Digital Forensics, by Johm Sammons • http://www.cert.org/digital-intelligence/history.cfm • http://www.cert.org/about/ • http://resources.sei.cmu.edu/library/asset-view.cfm?assetid=59056 • http://resources.sei.cmu.edu/asset_files/TechnicalNote/2013_004_001_40234.pdf • http://resources.sei.cmu.edu/asset_files/WhitePaper/2012_019_001_52449.pdf • http://resources.sei.cmu.edu/asset_files/CERTResearchReport/2009_013_001_51315.pdf • http://resources.sei.cmu.edu/asset_files/TechnicalNote/2008_004_001_14948.pdf • http://resources.sei.cmu.edu/asset_files/Handbook/2005_002_001_14429.pdf • http://resources.sei.cmu.edu/asset_files/Handbook/2005_002_001_14432.pdf • http://www.cert.org/digital-intelligence/case-studies/tjx-heartland.cfm • http://www.cert.org/digital-intelligence/case-studies/iceman.cfm • http://www.us-cert.gov/sites/default/files/publications/infosheet_Cyber%20Exercises.pdf • http://en.wikipedia.org/wiki/Digital_forensics • http://www.techopedia.com/definition/27805/digital-forensics • http://www.forensicswiki.org/wiki/Main_Page • http://www.tees.ac.uk/undergraduate_courses/Crime_Scene_&_Forensic_Science/BSc_(Hons)_Computer_ and_Digital_Forensics.cfm • https://eforensicsmag.com • http://www.dfrws.org • http://en.wikibooks.org/wiki/Introduction_to_Digital_Forensics/Acquisition • http://researchrepository.murdoch.edu.au/14422/2/02Whole.pdf • http://prezi.com/4_azs1ecvq4y/crimes-solved-using-digital-forensics/ • Slide Share presentations.

Empfohlen

Digital forensic principles and procedure
Digital forensic principles and procedureDigital forensic principles and procedure
Digital forensic principles and procedurenewbie2019
 
Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)AltheimPrivacy
 
computer forensics
computer forensicscomputer forensics
computer forensicsAkhil Kumar
 
Digital forensic tools
Digital forensic toolsDigital forensic tools
Digital forensic toolsParsons Corporation
 
Brief introduction to digital forensics
Brief introduction to digital forensicsBrief introduction to digital forensics
Brief introduction to digital forensicsMarco Alamanni
 
Cloud-forensics
Cloud-forensicsCloud-forensics
Cloud-forensicsanupriti
 
Incident response process
Incident response processIncident response process
Incident response processBhupeshkumar Nanhe
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensicOnline
 

Empfohlen

Digital forensic principles and procedure
Digital forensic principles and procedureDigital forensic principles and procedure
Digital forensic principles and procedurenewbie2019
 
Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)AltheimPrivacy
 
computer forensics
computer forensicscomputer forensics
computer forensicsAkhil Kumar
 
Digital forensic tools
Digital forensic toolsDigital forensic tools
Digital forensic toolsParsons Corporation
 
Brief introduction to digital forensics
Brief introduction to digital forensicsBrief introduction to digital forensics
Brief introduction to digital forensicsMarco Alamanni
 
Cloud-forensics
Cloud-forensicsCloud-forensics
Cloud-forensicsanupriti
 
Incident response process
Incident response processIncident response process
Incident response processBhupeshkumar Nanhe
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensicOnline
 
Digital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsDigital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsFilip Maertens
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkitMilap Oza
 
Cyber Forensics Overview
Cyber Forensics OverviewCyber Forensics Overview
Cyber Forensics OverviewYansi Keim
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsMithileysh Sathiyanarayanan
 
Legal aspects of handling cyber frauds
Legal aspects of handling cyber fraudsLegal aspects of handling cyber frauds
Legal aspects of handling cyber fraudsSagar Rahurkar
 
Digital Forensic ppt
Digital Forensic pptDigital Forensic ppt
Digital Forensic pptSuchita Rawat
 
Digital forensics
Digital forensicsDigital forensics
Digital forensicsRoberto Ellis
 
Operating System Forensics
Operating System ForensicsOperating System Forensics
Operating System ForensicsArunJS5
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodologyPiyush Jain
 
Analysis of digital evidence
Analysis of digital evidenceAnalysis of digital evidence
Analysis of digital evidencerakesh mishra
 
Digital forensics
Digital forensicsDigital forensics
Digital forensicsyash sawarkar
 
Anti forensic
Anti forensicAnti forensic
Anti forensicMilap Oza
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics pptNikhil Mashruwala
 
L6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxL6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxBhupeshkumar Nanhe
 
Digital forensics
Digital forensics Digital forensics
Digital forensics vishnuv43
 
Intro to cyber forensics
Intro to cyber forensicsIntro to cyber forensics
Intro to cyber forensicsChaitanya Dhareshwar
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic pptPriya Manik
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber ForensicsKathirvel Ayyaswamy
 
Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensicsRahul Baghla
 
Network forensic
Network forensicNetwork forensic
Network forensicManjushree Mashal
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsVikas Jain
 
Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...Sagar Rahurkar
 

Weitere ähnliche Inhalte

Was ist angesagt?

Digital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsDigital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsFilip Maertens
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkitMilap Oza
 
Cyber Forensics Overview
Cyber Forensics OverviewCyber Forensics Overview
Cyber Forensics OverviewYansi Keim
 
Legal aspects of handling cyber frauds
Legal aspects of handling cyber fraudsLegal aspects of handling cyber frauds
Legal aspects of handling cyber fraudsSagar Rahurkar
 
Digital Forensic ppt
Digital Forensic pptDigital Forensic ppt
Digital Forensic pptSuchita Rawat
 
Operating System Forensics
Operating System ForensicsOperating System Forensics
Operating System ForensicsArunJS5
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodologyPiyush Jain
 
Analysis of digital evidence
Analysis of digital evidenceAnalysis of digital evidence
Analysis of digital evidencerakesh mishra
 
Anti forensic
Anti forensicAnti forensic
Anti forensicMilap Oza
 
L6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxL6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxBhupeshkumar Nanhe
 
Digital forensics
Digital forensics Digital forensics
Digital forensics vishnuv43
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic pptPriya Manik
 
Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensicsRahul Baghla
 

Was ist angesagt? (20)

Digital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsDigital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic Investigations
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkit
 
Cyber Forensics Overview
Cyber Forensics OverviewCyber Forensics Overview
Cyber Forensics Overview
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
Legal aspects of handling cyber frauds
Legal aspects of handling cyber fraudsLegal aspects of handling cyber frauds
Legal aspects of handling cyber frauds
 
Digital Forensic ppt
Digital Forensic pptDigital Forensic ppt
Digital Forensic ppt
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
Operating System Forensics
Operating System ForensicsOperating System Forensics
Operating System Forensics
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodology
 
Analysis of digital evidence
Analysis of digital evidenceAnalysis of digital evidence
Analysis of digital evidence
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
Anti forensic
Anti forensicAnti forensic
Anti forensic
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics ppt
 
L6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxL6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptx
 
Digital forensics
Digital forensics Digital forensics
Digital forensics
 
Intro to cyber forensics
Intro to cyber forensicsIntro to cyber forensics
Intro to cyber forensics
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic ppt
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
 
Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensics
 
Network forensic
Network forensicNetwork forensic
Network forensic
 

Andere mochten auch

Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsVikas Jain
 
Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...Sagar Rahurkar
 
Dennis Rader
Dennis RaderDennis Rader
Dennis Radermabrandt
 
Conducting Digital Forensics against Crime and Fraud
Conducting Digital Forensics against Crime and FraudConducting Digital Forensics against Crime and Fraud
Conducting Digital Forensics against Crime and FraudGoutama Bachtiar
 
Network forensics and investigating logs
Network forensics and investigating logsNetwork forensics and investigating logs
Network forensics and investigating logsanilinvns
 
Network Forensics Intro
Network Forensics IntroNetwork Forensics Intro
Network Forensics IntroJake K.
 
Cloud Computing : Security and Forensics
Cloud Computing : Security and ForensicsCloud Computing : Security and Forensics
Cloud Computing : Security and ForensicsGovind Maheswaran
 
Wired and Wireless Network Forensics
Wired and Wireless Network ForensicsWired and Wireless Network Forensics
Wired and Wireless Network ForensicsSavvius, Inc
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeAung Thu Rha Hein
 
Digital Crime & Forensics - Presentation
Digital Crime & Forensics - PresentationDigital Crime & Forensics - Presentation
Digital Crime & Forensics - Presentationprashant3535
 

Andere mochten auch (14)

Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...
 
Dennis Rader
Dennis RaderDennis Rader
Dennis Rader
 
Conducting Digital Forensics against Crime and Fraud
Conducting Digital Forensics against Crime and FraudConducting Digital Forensics against Crime and Fraud
Conducting Digital Forensics against Crime and Fraud
 
Cloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit PlanningCloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit Planning
 
Network forensics1
Network forensics1Network forensics1
Network forensics1
 
Network Forensics
Network ForensicsNetwork Forensics
Network Forensics
 
Network forensics and investigating logs
Network forensics and investigating logsNetwork forensics and investigating logs
Network forensics and investigating logs
 
Network Forensics Intro
Network Forensics IntroNetwork Forensics Intro
Network Forensics Intro
 
Network Forensics
Network ForensicsNetwork Forensics
Network Forensics
 
Cloud Computing : Security and Forensics
Cloud Computing : Security and ForensicsCloud Computing : Security and Forensics
Cloud Computing : Security and Forensics
 
Wired and Wireless Network Forensics
Wired and Wireless Network ForensicsWired and Wireless Network Forensics
Wired and Wireless Network Forensics
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research Challenge
 
Digital Crime & Forensics - Presentation
Digital Crime & Forensics - PresentationDigital Crime & Forensics - Presentation
Digital Crime & Forensics - Presentation
 

Ähnlich wie Digital forensics ahmed emam

Social Issues in Computing : Forensics
Social Issues in Computing : ForensicsSocial Issues in Computing : Forensics
Social Issues in Computing : ForensicsKaruna Kak
 
Draft current state of digital forensic and data science
Draft current state of digital forensic and data science Draft current state of digital forensic and data science
Draft current state of digital forensic and data science Damir Delija
 
Network and computer forensics
Network and computer forensicsNetwork and computer forensics
Network and computer forensicsJohnson Ubah
 
Digital&computforensic
Digital&computforensicDigital&computforensic
Digital&computforensicRahul Badekar
 
Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014Muzzammil Wani
 
Legal Research in the Age of Cloud Computing
Legal Research in the Age of Cloud ComputingLegal Research in the Age of Cloud Computing
Legal Research in the Age of Cloud ComputingNeal Axton
 
CS426_forensics.ppt
CS426_forensics.pptCS426_forensics.ppt
CS426_forensics.pptOkviNugroho1
 
CS426_forensics_tools to analyse and deve
CS426_forensics_tools to analyse and deveCS426_forensics_tools to analyse and deve
CS426_forensics_tools to analyse and devevikashagarwal874473
 
cyber law and forensics,biometrics systems
cyber law and forensics,biometrics systemscyber law and forensics,biometrics systems
cyber law and forensics,biometrics systemsMayank Diwakar
 
Digital forensic
Digital forensicDigital forensic
Digital forensicChandan Sah
 
Why i hate digital forensics - draft
Why i hate digital forensics - draftWhy i hate digital forensics - draft
Why i hate digital forensics - draftDamir Delija
 
Computer forensics 1
Computer forensics 1Computer forensics 1
Computer forensics 1Jinalkakadiya
 
What is Digital Forensics.docx
What is Digital Forensics.docxWhat is Digital Forensics.docx
What is Digital Forensics.docxAliAshraf68199
 

Ähnlich wie Digital forensics ahmed emam (20)

Social Issues in Computing : Forensics
Social Issues in Computing : ForensicsSocial Issues in Computing : Forensics
Social Issues in Computing : Forensics
 
Draft current state of digital forensic and data science
Draft current state of digital forensic and data science Draft current state of digital forensic and data science
Draft current state of digital forensic and data science
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
Network and computer forensics
Network and computer forensicsNetwork and computer forensics
Network and computer forensics
 
Computer forencis
Computer forencisComputer forencis
Computer forencis
 
Digital&computforensic
Digital&computforensicDigital&computforensic
Digital&computforensic
 
Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014
 
Legal Research in the Age of Cloud Computing
Legal Research in the Age of Cloud ComputingLegal Research in the Age of Cloud Computing
Legal Research in the Age of Cloud Computing
 
CS426_forensics.ppt
CS426_forensics.pptCS426_forensics.ppt
CS426_forensics.ppt
 
CS426_forensics_tools to analyse and deve
CS426_forensics_tools to analyse and deveCS426_forensics_tools to analyse and deve
CS426_forensics_tools to analyse and deve
 
CS426_forensics.ppt
CS426_forensics.pptCS426_forensics.ppt
CS426_forensics.ppt
 
CYBERFORENSICS
CYBERFORENSICSCYBERFORENSICS
CYBERFORENSICS
 
cyber law and forensics,biometrics systems
cyber law and forensics,biometrics systemscyber law and forensics,biometrics systems
cyber law and forensics,biometrics systems
 
Digital forensics by vimal priya.s
Digital forensics by vimal priya.sDigital forensics by vimal priya.s
Digital forensics by vimal priya.s
 
Digital forensic
Digital forensicDigital forensic
Digital forensic
 
Digital Forensic
Digital ForensicDigital Forensic
Digital Forensic
 
Why i hate digital forensics - draft
Why i hate digital forensics - draftWhy i hate digital forensics - draft
Why i hate digital forensics - draft
 
Computer forensics 1
Computer forensics 1Computer forensics 1
Computer forensics 1
 
What is Digital Forensics.docx
What is Digital Forensics.docxWhat is Digital Forensics.docx
What is Digital Forensics.docx
 

Mehr von ahmad abdelhafeez

Surveying cross layer protocols in ws ns
Surveying cross layer protocols in ws nsSurveying cross layer protocols in ws ns
Surveying cross layer protocols in ws nsahmad abdelhafeez
 
Energy harvesting sensor nodes
Energy harvesting sensor nodes Energy harvesting sensor nodes
Energy harvesting sensor nodes ahmad abdelhafeez
 
Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...
Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...
Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...ahmad abdelhafeez
 
Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...
Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...
Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...ahmad abdelhafeez
 
Energy conservation in wireless sensor networks
Energy conservation in wireless sensor networksEnergy conservation in wireless sensor networks
Energy conservation in wireless sensor networksahmad abdelhafeez
 
Sdn pres v2-Software-defined networks
Sdn pres v2-Software-defined networksSdn pres v2-Software-defined networks
Sdn pres v2-Software-defined networksahmad abdelhafeez
 
Malewareanalysis presentation
Malewareanalysis presentationMalewareanalysis presentation
Malewareanalysis presentationahmad abdelhafeez
 

Mehr von ahmad abdelhafeez (20)

Surveying cross layer protocols in ws ns
Surveying cross layer protocols in ws nsSurveying cross layer protocols in ws ns
Surveying cross layer protocols in ws ns
 
Service level management
Service level managementService level management
Service level management
 
Energy harvesting sensor nodes
Energy harvesting sensor nodes Energy harvesting sensor nodes
Energy harvesting sensor nodes
 
V5I3_IJERTV5IS031157
V5I3_IJERTV5IS031157V5I3_IJERTV5IS031157
V5I3_IJERTV5IS031157
 
Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...
Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...
Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...
 
Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...
Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...
Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...
 
Energy conservation in wireless sensor networks
Energy conservation in wireless sensor networksEnergy conservation in wireless sensor networks
Energy conservation in wireless sensor networks
 
Localization in wsn
Localization in wsnLocalization in wsn
Localization in wsn
 
Routing
RoutingRouting
Routing
 
Wsn security issues
Wsn security issuesWsn security issues
Wsn security issues
 
Trusted systems
Trusted systemsTrusted systems
Trusted systems
 
opnet
opnetopnet
opnet
 
Wsn security issues
Wsn security issuesWsn security issues
Wsn security issues
 
Sdn pres v2-Software-defined networks
Sdn pres v2-Software-defined networksSdn pres v2-Software-defined networks
Sdn pres v2-Software-defined networks
 
Intrusion prevension
Intrusion prevensionIntrusion prevension
Intrusion prevension
 
Digital forensics.abdallah
Digital forensics.abdallahDigital forensics.abdallah
Digital forensics.abdallah
 
Cloud computing final show
Cloud computing final showCloud computing final show
Cloud computing final show
 
Incident handling.final
Incident handling.finalIncident handling.final
Incident handling.final
 
Malewareanalysis presentation
Malewareanalysis presentationMalewareanalysis presentation
Malewareanalysis presentation
 
pentration testing
pentration testingpentration testing
pentration testing
 

Kürzlich hochgeladen

Introduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECHIntroduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECHC Sai Kiran
 
Piping Basic stress analysis by engineering
Piping Basic stress analysis by engineeringPiping Basic stress analysis by engineering
Piping Basic stress analysis by engineeringJuanCarlosMorales19600
 
lifi-technology with integration of IOT.pptx
lifi-technology with integration of IOT.pptxlifi-technology with integration of IOT.pptx
lifi-technology with integration of IOT.pptxsomshekarkn64
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfAsst.prof M.Gokilavani
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024Mark Billinghurst
 
Concrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxConcrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxKartikeyaDwivedi3
 
Solving The Right Triangles PowerPoint 2.ppt
Solving The Right Triangles PowerPoint 2.pptSolving The Right Triangles PowerPoint 2.ppt
Solving The Right Triangles PowerPoint 2.pptJasonTagapanGulla
 
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsync
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsyncWhy does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsync
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsyncssuser2ae721
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile servicerehmti665
 
Vishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documentsVishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documentsSachinPawar510423
 
Arduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptArduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptSAURABHKUMAR892774
 
Correctly Loading Incremental Data at Scale
Correctly Loading Incremental Data at ScaleCorrectly Loading Incremental Data at Scale
Correctly Loading Incremental Data at ScaleAlluxio, Inc.
 
Work Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvvWork Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvvLewisJB
 
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionDr.Costas Sachpazis
 
An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...Chandu841456
 
Class 1 | NFPA 72 | Overview Fire Alarm System
Class 1 | NFPA 72 | Overview Fire Alarm SystemClass 1 | NFPA 72 | Overview Fire Alarm System
Class 1 | NFPA 72 | Overview Fire Alarm Systemirfanmechengr
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx959SahilShah
 
8251 universal synchronous asynchronous receiver transmitter
8251 universal synchronous asynchronous receiver transmitter8251 universal synchronous asynchronous receiver transmitter
8251 universal synchronous asynchronous receiver transmitterShivangiSharma879191
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girlsssuser7cb4ff
 

Kürzlich hochgeladen (20)

Introduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECHIntroduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECH
 
Piping Basic stress analysis by engineering
Piping Basic stress analysis by engineeringPiping Basic stress analysis by engineering
Piping Basic stress analysis by engineering
 
lifi-technology with integration of IOT.pptx
lifi-technology with integration of IOT.pptxlifi-technology with integration of IOT.pptx
lifi-technology with integration of IOT.pptx
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024
 
Concrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxConcrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptx
 
Solving The Right Triangles PowerPoint 2.ppt
Solving The Right Triangles PowerPoint 2.pptSolving The Right Triangles PowerPoint 2.ppt
Solving The Right Triangles PowerPoint 2.ppt
 
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsync
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsyncWhy does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsync
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsync
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile service
 
Vishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documentsVishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documents
 
Arduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptArduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.ppt
 
Correctly Loading Incremental Data at Scale
Correctly Loading Incremental Data at ScaleCorrectly Loading Incremental Data at Scale
Correctly Loading Incremental Data at Scale
 
Work Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvvWork Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvv
 
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
 
An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...
 
Class 1 | NFPA 72 | Overview Fire Alarm System
Class 1 | NFPA 72 | Overview Fire Alarm SystemClass 1 | NFPA 72 | Overview Fire Alarm System
Class 1 | NFPA 72 | Overview Fire Alarm System
 
Design and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdfDesign and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdf
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx
 
8251 universal synchronous asynchronous receiver transmitter
8251 universal synchronous asynchronous receiver transmitter8251 universal synchronous asynchronous receiver transmitter
8251 universal synchronous asynchronous receiver transmitter
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girls
 

Digital forensics ahmed emam

  • 1. Digital Forensics Presented by: Ahmed Emam Presented to: Dr. Ashraf Tammam
  • 2. Outline • Introduction • Categories • History • Review • Types of computer crimes and investigations. • Anti-forensics • Future Challenges • Real life cases • Conclusion • References
  • 3. Introduction • Your computer will betray you. • Change is inevitable. • digital forensics is still in its infancy.
  • 4. Introduction – cntd’ According to a study by University of California – Berkeley in 2001. It was found that 93% of all new information at that time was created entirely in digital format.
  • 5. What? • Forensics is the application of science to solve a legal problem. • Digital Forensics is the preservation, identification, extraction, interpretation and documentation of computer evidence which can be used in the court of law. • In Forensic Magazine, Ken Zatyko defined digital forensics this way: “The application of computer science and investigative procedures for a legal purpose involving the analysis of digital evidence after proper search authority, chain of custody, validation with mathematics, use of validated tools, repeatability, reporting, and possible expert presentation.”
  • 7. History • The field started to emerge in the 1980’s. • Since the late 1970s the amount of crime involving computers has been growing very quickly, creating a need for constantly developing forensic tools and practices. • The first computer crimes were recognized in the 1978 Florida Computer Crimes Act, which included legislation against the unauthorized modification or deletion of data on a computer system. • In the 1980’s, the federal laws began to incorporate computer offences and Canada was the first country to pass legislation in 1983. • Starting 2000, in response to the need for standardization, various bodies and agencies have published guidelines for digital forensics. • Many of the early members were computer hobbyists and became responsible for the field's initial research and direction. • One of the first practical (or at least publicized) examples of digital forensics was Cliff Stoll's pursuit of hacker Markus Hess in 1986.
  • 8. Review – Why and Who? • Why? - Due to the growth in computer crime law enforcement agencies began establishing specialized groups to handle the technical aspects of investigations. • Who? - Criminal Prosecutors & law enforcement agencies, Insurance Companies, Private Corporations.
  • 10. Types of Computer Crimes and Investigations • Types of Computer Crimes:  Computer based crimes.  Computer facilitated crimes. • Types of Investigations:  Criminal forensics.  Intelligence gathering.  civil litigation – Also known as Electronic discovery (eDiscovery).  Intrusion investigation.  administrative matters.
  • 11. Conditions of Reliability • The “conditions of reliability” are generally the same for most jurisdictions and it was stated that electronic copies of data are admissible provided that:  They were from the indicated source.  They were acquired using proven tools and techniques.  They have not been altered since the time of acquisition.
  • 12. Challenges – Digital Forensics • Digital evidence accepted into court. • Costs. • Presents the potential for exposing privileged documents. • Legal practitioners must have extensive computer knowledge.
  • 13. Locard’s Exchange Principle • “Wherever he steps, whatever he touches, whatever he leaves, even unconsciously, will serve as a silent witness against him. Not only his fingerprints or his footprints, but his hair, the fibers from his clothes, the glass he breaks, the tool mark he leaves, the paint he scratches, the blood or semen he deposits or collects. All of these and more, bear mute witness against him. This is evidence that does not forget. It is not confused by the excitement of the moment. It is not absent because human witnesses are. It is factual evidence. Physical evidence cannot be wrong, it cannot perjure itself, it cannot be wholly absent. Only human failure to find it, study and understand it, can diminish its value.” • It can be interpreted as follows: In the physical world, when perpetrators enter or leave a crime scene, they will leave something behind and take something with them. Examples include DNA, latent prints, hair, and fibers
  • 14. Locard’s Analogy for Digital Forensics • Registry keys and log files can serve as the digital equivalent to hair and fiber. • Like DNA, our ability to detect and analyze these artifacts relies heavily on the technology available at the time. • Viewing a device or incident through the “lens” of Locard’s principle can be very helpful in locating and interpreting not only physical but digital evidence as well.
  • 15. The field of Anti-forensics • To counter the relatively new forensic advances, anti- forensic tools and techniques are cropping up in significant numbers. • They are being used by criminals, terrorists, and corporate executives. • Definition: “an approach to manipulate, erase, or obfuscate digital data or to make its examination difficult, time consuming, or virtually impossible”
  • 16. Several Techniques for Anti-forensics • Hiding Data:  Changing file names and extensions.  Burying files deep within seemingly unrelated directories.  Hiding files within files.  Encryption.  Steganography. • Destroying Data:  Drive wiping  “Darik’s Boot and Nuke”  “DiskWipe”  “CBL Data Shredder”  “Webroot Window Washer”  “Evidence Eliminator”
  • 17. Concerns about Data wiping • From an evidentiary or investigative perspective, the presence or use of these applications can serve as the next best thing to the original evidence. • As Seen, some tales are left in the registry
  • 18. More concerns • When looking at the drive at the bit level, a distinct repeating pattern of data may be seen. This is completely different from what would normally be found on a hard drive in everyday use.
  • 19. More concerns • Some operating systems, Apple OSX Lion for example, ship with a drive wiping utility installed. Called Secure Erase, this utility offers multiple options for data destruction.
  • 20. Future Challenges and POR • Standards and Controls: Standards and controls are a fundamental part of scientific analysis, including forensic science. Its relevance to digital forensics is a matter of dispute. Standard Control A prepared sample that has known properties that is used as a control during forensic analyses. A test performed in parallel with experimental samples that is designed to demonstrate that a procedure is working correctly and the results are valid.
  • 21. Future Challenges and POR • Standards and Control – cntd’:  Two opinions exist. John Barbra Scientific Working Group on Digital Evidence “In the end, closely following these established scientific practices ensures that any results gained are accurate, reliable, and repeatable. He further argued that without the use of standards and controls, it would be “extremely difficult or impossible to scientifically assess the validity of the results obtained from the analysis of the physical evidence” “Their position is that standards are being used in digital forensics, but controls are “not applicable in the computer forensics sub-discipline”  SWGDE’s position centers on false positives.  Tools and processes may miss evidence, but they will never find evidence that doesn’t exist.
  • 22. Future Challenges and POR • CLOUD FORENSICS  Technically: Deleted files on a magnetic drive remain on the disk until they are overwritten. In the cloud, when a file is deleted the mapping is removed immediately, usually within a matter of seconds. This means that there is no remote access to the deleted data.  Legally: Dealing with multiple jurisdictions can significantly frustrate efforts to get to the relevant data • SOLID STATE DRIVES (SSD) • SPEED OF CHANGE
  • 23. Case Scenarios – Case 1 Italian Case Law on Digital Evidence • Digital evidence could be altered and can contain countless pieces of information. The “Garlasco” case is a clear example of this.
  • 24. Case Scenarios – Case 2 BTK Killer • The case of Dennis Rader, better known as the BTK killer. • It was solved thirty years later with the help of digital forensics. • He murdered ten people in Kansas from 1974 to 1991. Rader managed to avoid capture for over thirty years until technology betrayed him. • A floppy disk was received from the BTK killer. • The disc contained a file named “Test A.rtf.” (The .rtf extension stands for “Rich Text File”). A forensic exam of the file struck gold. The file’s metadata (the data about the data) gave investigators the leads they had been waiting over thirty years for. Aside from the “Date Created” (Thursday, February 10, 2005 6:05:34 PM) and the “Date Modified” (Monday, February 14, 2005 2:47:44 PM) were the “Title” (Christ Lutheran Church) and “Last Saved By:” (Dennis).
  • 25. Conclusion • Digital Forensics field is an emerging field and it faces lots of challenges that are still POR. However, the intense research makes it viable to be taken into consideration in house of court.
  • 27. References • The Basics of Digital Forensics, by Johm Sammons • http://www.cert.org/digital-intelligence/history.cfm • http://www.cert.org/about/ • http://resources.sei.cmu.edu/library/asset-view.cfm?assetid=59056 • http://resources.sei.cmu.edu/asset_files/TechnicalNote/2013_004_001_40234.pdf • http://resources.sei.cmu.edu/asset_files/WhitePaper/2012_019_001_52449.pdf • http://resources.sei.cmu.edu/asset_files/CERTResearchReport/2009_013_001_51315.pdf • http://resources.sei.cmu.edu/asset_files/TechnicalNote/2008_004_001_14948.pdf • http://resources.sei.cmu.edu/asset_files/Handbook/2005_002_001_14429.pdf • http://resources.sei.cmu.edu/asset_files/Handbook/2005_002_001_14432.pdf • http://www.cert.org/digital-intelligence/case-studies/tjx-heartland.cfm • http://www.cert.org/digital-intelligence/case-studies/iceman.cfm • http://www.us-cert.gov/sites/default/files/publications/infosheet_Cyber%20Exercises.pdf • http://en.wikipedia.org/wiki/Digital_forensics • http://www.techopedia.com/definition/27805/digital-forensics • http://www.forensicswiki.org/wiki/Main_Page • http://www.tees.ac.uk/undergraduate_courses/Crime_Scene_&_Forensic_Science/BSc_(Hons)_Computer_ and_Digital_Forensics.cfm • https://eforensicsmag.com • http://www.dfrws.org • http://en.wikibooks.org/wiki/Introduction_to_Digital_Forensics/Acquisition • http://researchrepository.murdoch.edu.au/14422/2/02Whole.pdf • http://prezi.com/4_azs1ecvq4y/crimes-solved-using-digital-forensics/ • Slide Share presentations.