DIGITAL FORENSICSXinwen Fu

Associate ProfessorDepartment of Computer Science

University of Massachusetts LowellCenter for Cyber Forensics, UMass Lowell

Outline Introduction

Our Network Forensic Toolkits

Conclusion

2

Xinwen Fu

Introduction3

Based on Symantec Internet Security Threat Report 2011 Trends

Symantec blocked more than 5.5 billion attacks in 2011

Over 154 attacks took place per day in Dec. 2011

Attacks skyrocketed by more than 81% compared with 2010

More than 232.4 million identities were exposed

Xinwen Fu

Digital Forensics Recovery and investigation of material found in

digital devices, often in relation to computer crime Encompassment of the seizure, forensic imaging

(acquisition) and analysis of digital media and the production of a report into collected evidence for the benefit of courts or employers (incrimination or exoneration)

4

Digital Forensics

Computer Forensics

Network Forensics

Xinwen Fu

5

Xinwen FuExam

ple

Com

pute

r For

ensi

c To

olki

t® (F

TK®)

Our Research on Network Forensics

3DLoc2

HAWK

Sr RobotLegend:

Mini Helicopter-based Wireless Kit (HAWK)

3D localization and locking toolkit on vehicle (3DLoc2)

Search and rescue robot (Sr Robot)

6

Hand-held Locator (HaLo)

HaLo

Evil

Xinwen Fu

Outline Introduction

Our Network Forensic Toolkits

Conclusion

7

Xinwen Fu

Demo – HAWK: mini-Helicopter-based Aerial Localization Wireless Kit

8youtu.be/watch?v=ju86xnHbEq0

Xinwen Fu

Demo - HaLo: Hand-held Locator youtu.be/QGhBrt26Q8Y

9

Xinwen Fu

Outline Introduction

Our Network Forensic Toolkits

Conclusion

10

Xinwen Fu

Conclusion Digital forensics is the science fighting against

cyber crime

We researched and implemented novel network forensic toolkits and demonstrated HAWK – mini-Helcipter-based Aerial Wireless Kit HaLo – Hand-held Locator

We study related laws in Network Forensics

We refine the framework of Network Forensics

11

Xinwen Fu

12 Xinwen Fu 12/15Xinwen Fu

Thank you!Xinwen Fu