computer forensic softwares
TRANSCRIPT
Index – Computer Forensic Software
•What is forensic and its types?
•What is Computer forensics
• Benefits of Computer forensics
• Steps in conducting computer forensics
• Evaluation of forensic software
• Popular forensic software
What is forensic ?
• Derived from Latin word “forēnsis”
• Application of scientific techniques of• Gathering and
• Examination of information
• Which can be used in court of law
• Dates back to 44 B.C. for first such case
Major forensic fields
• Criminalistics
• Computer
• Odontology
• Toxicology
• Psychiatry & Behavioural Science
• Pathology/Biology
What is Computer Forensic ?
• Application of • Investigation and Analysis techniques to• Gather and preserve• Evidence from a computing device so as• Effectively produce as a admissible evidence• In court of law
What is Computer Forensic ?
• Goal of a computer forensic is to • Perform a structured investigation
• Maintain documented chain of evidence
• To determine what happened through the device
• To determine who was responsible for the same
Benefits of Computer Forensic ?
• Prosecutors – Evidence in incriminating documents
• Civil Litigators – Personal records
• Insurance Companies – Evidence to substantiate actual fraud
• Corporations – Evidence relating to misappropriations or embezzlements
• Law Enforcement – Post search handling of computing devices
Steps in Computer Forensic
• Acquisition• Making an Image
• Verifying the integrity of Image
• Extraction• Data viewing
• Key word based search
• Password protected then dictionary attack or brute force
Steps in Computer Forensic
• Reconstruction• Re create the crime scene with computer image
• Run software to analyze the image
• Reporting• Create an effective report
• Crisp with hard evidences
• Log anaylsis
Steps in Computer Forensic
Types of forensic techniques•Hardware forensic tools• Range from single-purpose components to complete
computer systems and servers. Advantage of hardware forensic tools is that embedded development is done which saves the space and time. The products will be portable and speedy acquisition of digital data’s can be done.
• Software forensic tools• Commonly used to copy data from a suspect’s disk drive to
an image file.
Evaluating Software
• Versatility• Work in any condition
• Able to accommodate any various type of inputs
• Flexibility• Should not be stringent with its capabilities
• Able to adapt to different users and their different needs
Evaluating Software• Robustness• Ability to cope with any errors
• Algorithm to operate despite abnormalities in Inputs.
• Software should be independent of• Operating & File System
• Script capabilities
• Automated features
• Vendors reputation should be impeccable
Popular analytical software• Encase Forensic• Fully automated program touted as highly user friendly
• Includes mechanized imaging and verification
• Provides tree like registry
• Provides for Internet and Email searching
• Vendor provides regular updates on regular court decisions
• Preserves high integrity
• Tablet and smartphone data acquisition possible
• Automatic and customizable reports
• Costly with upgrades also expensive
Popular analytical software• Access Data• Simple Data extraction
• Wizard driven interface
• Various data extraction options which maintain integrity
• Broad support for Mobile and various OS
• Court cited solutions
• Database driven for speed and resilience
• Integrated feature set
• Rich reporting
