1 / 19

Teaching Computer Forensics Using Student Developed Evidence Files

Teaching Computer Forensics Using Student Developed Evidence Files. Anna Carlin Cal Poly Pomona. Agenda. What is Computer Forensics Trends in Computer Forensics Structure of a Computer Forensics Course Investigative Mindset Criminal Mindset Legal Aspects of Computer Forensics Ethics

loc
Download Presentation

Teaching Computer Forensics Using Student Developed Evidence Files

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Teaching Computer Forensics Using Student Developed Evidence Files Anna Carlin Cal Poly Pomona

  2. Agenda • What is Computer Forensics • Trends in Computer Forensics • Structure of a Computer Forensics Course • Investigative Mindset • Criminal Mindset • Legal Aspects of Computer Forensics • Ethics • Highlights • Questions & Answers

  3. What is Computer Forensics? • Application of computer investigation and analysis in the interests of determining potential legal evidence • Involves the identification, preservation, extraction, documentation, and interpretation of this digital evidence

  4. Trends in Computer Forensics • Computer Information System/Information Technology • 95% or world’s information is being generated and stored in a digital form • Only about one-third of documentary evidence is printed out

  5. Structure Of Course • Prerequisites • Textbooks Used • Group and Individual Projects • Lab Environment/Facility

  6. Quarter System Class • Prerequisites • Cal Poly – Junior/Senior level in a career track • Textbooks • Guide to Computer Forensics from Course Technology • Recommended: Hacking Exposed: Computer Forensics Secrets and Solutions

  7. Topics Covered • Applicable Laws • Processing Crime and Incident Scenes • Collecting Evidence • Recovering Evidence • Computer Forensic Tools • Documenting the Investigation • Communicating the Results

  8. Cal Poly’s Computer Forensics Lab • Allows hands-on experience • Evidence lockers • 3 separate hard drives • Software available: • EnCase Enterprise version 5 • FTK • Open source products • Virtual PC

  9. HexWorkshop Irfanview Paraben PC-Encrypt WinHex BitPim Stegdetect Additional Software

  10. Group Project • The goals are to: • Follow a documented forensics investigation process • Identify relevant electronic evidence associated with various violations of specific laws • Identify probable cause to obtain a search warrant • Recognize the limits of search warrants • Locate and recover relevant electronic evidence • Maintain a chain of custody

  11. Group Project Parts • Create the evidence • Pick a crime and identify the elements • Generate evidence to support that crime • Write and execute a search warrant • Analyzing the evidence seized • Maintain chain of custody • Analyze the digital medium for evidence • Document the process and findings • Presentation of findings

  12. Group Projects Created • Bioterrorism of 80% of the world’s coconut supply on a fictitious island • A Da Vinci Code takeoff where the curator interrupts the robbery of the Mona Lisa and is killed in the process • Murder of a faculty member and where they are buried • Counterfeit Anaheim Angel playoff tickets

  13. Individual Projects (Labs) • Acquiring an image for analysis • Recovering deleted data • Password and encryption methods • Images and steganography • Tracing emails • Email analysis • Cell phones • PDA

  14. Investigative Mindset • Handling the Crime Scene • Ears, Eyes, Hands • Computer Evidence • Digital Evidence • Crime Scene investigation and boundaries • Searching and Collecting evidence • Do’s and Don’ts

  15. Criminal Mindset • Identify Theft • Pornography • Sexual Harassment • Embezzlement • Mail- Hate- Gambling across States- Drug Trafficking- Images • Understanding anti-forensic techniques to hide evidence

  16. Legal Aspects of Computer Forensics • Don’t commit a crime when manufacturing evidence • Verify the tools • Document everything

  17. Ethics • Do your job • Remove any personal agendas you may have about the case/investigation • Knowing it and proving it are 2 different things • State the facts as you see them • It is not your job to be Judge and/or Jury • Ethical Hacking

  18. Highlights • Professor in class challenges: • Time available after class for lab work • Student Technical Experience is varied • Evidence created could be hit or miss • Student creativity • Training/Certifications • Computer Usage Policy • White Hacker Policy

  19. Questions and Answer

More Related