Image Source: thecomputerforensics.info. DAY ONE (Monday) › Lecture and TWO activities Activity...
-
Upload
flora-amy-robertson -
Category
Documents
-
view
214 -
download
1
Transcript of Image Source: thecomputerforensics.info. DAY ONE (Monday) › Lecture and TWO activities Activity...
Image Source: thecomputerforensics.info
DAY ONE (Monday)› Lecture and TWO activities
Activity One: Who are you? Activity Two: Digital Forensic Cases
DAY TWO (Tuesday)› Lecture and ONE activity
Activity Three: Acquiring an Image of Evidence Media and Recovering a Deleted File
DAY THREE (Wednesday)› Lecture and THREE activities
Activity Four: Cookies and Grabbing Passwords with Wireshark Activity Five: Encryptor and Decryptor Activity Six: Steganography
DAY FOUR (Thursday) Activity Seven: Digital Photo Scavenger Hunt Activity Eight: Writing a wrap-up report Activity Nine: Preparing the Friday Presentation
DAY Five (Friday) Presentation in the closing session
Summer Bridge Program at Radford University 2
Activity TwoBy: Aqurra C. , Autumn P. , Que J., Tiyana M.
BTK Killer
In January 1975 , he killed
four family members: Joseph
Otero, 38/ Julie (his wife), 34/
Joseph II and Josephine (his
two kids), 9 and 11
Over 15 years killed 6 other
females
He killed his 4 family
members by strangling them
and then took a radio and
watch
More About BTK Killer
In 1974 he started to go under
the name BTK Strangler and he
sent teases to the police about
his killings (BTK: bind , torture ,
strangle )
After sending the floppy disk
to the police they were able
to track him down and
capture him.
Chat History
Advantages You can talk to anyone
online about whatever you want and not be judged.
You can feel safe behind a computer screen.
You can remain anonymous.
You can go by a nickname.
Its fun, free, quick, and easy.
Good for shy people. Good for people who
wants to learn new things about people all around the world.
People can empty out their souls without being under pressure.
Chat History
Disadvantages
People can lie about their identity.
Can lead to a plethora of scams.
Lack of emotion. Can be dangerous if
the personal details are passed on.
Can go offline without warning.
Young ones could easily be fooled by older people.
Could be a place for foul language and cyber sex.
Summary In this activity we learned that many
sources of digital evidence can be used in solving a crime.
Almost ever crime involves a type of digital evidence. Without forensic experts and scientist, we wouldn’t be able to identify the criminals.
This class has been a great experience for us all and gave us a lot of new information and insights in this field.
Thank you!
MY TEAM!!!
Allejah, Anu, Sophie, Tamara
• Activity Three allowed us to copy a drive and
obtain deleted files that had not yet been
overwritten by the computer
• When a file is “deleted” it is put away from user view, but
it still exists in the computer’s memory
• It will cease to exist when the computer replaces it with
other data when storage is needed
• The purpose of Activity Three was to make a copy
of the contents of a flash drive
• We had to do this to preserve the original data on
the drive
• It is important to keep the information untouched
so that it can be used as evidence if needed – this
is an integral principle of forensic analysis
• Make an image of the drive from which you want
to recover a file (create physical drive) – We used
AccessData FTK Imager
• Go through the copy of the evidence
• Identify which documents you would like to
recover or access
• Right-click on the deleted files that still retain data
and export them to your hard drive
• We exported the data into the Raw Destination Form
• The unallocated, or ‘empty’, space is very important to
Forensic Analysts – it may contain deleted files which
have not been replaced
• The data can be separated into files of varying size
• The hashes can indicate if the data is modified
• Digital Forensics requires analysis of evidence
stored using technology – either the hard drive or
external storage
• The analysts cannot modify the original data, but
by making a copy, they can look through the files
and recover deleted files to be used as evidence.
Briana, Simone, Nikki, Nadia
Activity Four
Activity Five Encryptor and Decryptor
Terminology EncryptionEncryption
the process of encoding messages in such a way that hackers can not read it.
DecryptionDecryption the process of converting ciphertext (encrypted data) into plaintext.
AlgorithmAlgorithmmathematical steps to convert the plaintext into ciphertext.
Process
PKI Demo Applet
Encryption
Decryption
Usages● Make sensitive information harder to find
and understando For example, passwords on a database might be
encrypted in case it get hackedo Encrypting the passwords also make it more
complicated for hackers to know what the passwords are even if they find the database if they do not have the key
● Criminals can also use encryption to conceal incriminating evidence
Activity 6: Steganography
Ann Tay
Elizabeth
Background from- http://www.gfi.com/blog/threats-steganography/
Steganography is hiding a secret message within a picture
Encryption can also be used when hiding messages in pictures. Encryption is the use of a variety of symbols and numbers to hide a message that can later be translated into plain English
Decryption is the process that is used to reverse encryption or translate the encrypted message back into plain text
Which picture has the hidden message?
Which picture has the hidden message?