Digital Cameras. An evaluation of the collection, preservation and evaluation of data collected from digital
|
|
- Shannon McLaughlin
- 6 years ago
- Views:
Transcription
1 Ronald Prine CSC Digital Forensics New Mexico Institute of Mining and Technology October 17, 2006 Digital Cameras Executive Summary An evaluation of the collection, preservation and evaluation of data collected from digital image recorders (digital cameras). Preservation includes the protection of the data from outside sources like WiFi, Bluetooth and cell phone connections. A perspective on the gaps in current forensic techniques. Two examples of current research that involves user and device identification from digital images. An example of a future device that could aid in the collection and preservation of digital camera data. Digital Forensic Purpose The purpose of forensic work in relation to digital cameras and other digital recording devices like digital camcorders is to control, collect, preserve and evaluate the evidence. Control of the evidence is ensuring that the data is not changed or lost prior to collection. The collection process is to gather all data in a forensically sound fashion. This collection, in the case of digital cameras, would involve volatile and non-volatile data. The volatile data would be memory internal to the camera that a suspect may have used for their own purposes. The non-volatile data would be the data stored on removable media or flash memory built into the camera. The
2 evaluation of collected data will involve many tools with the intention to prove or disprove that crimes have occurred. State of Practice When a digital camera is involved in a forensic investigation many aspects of this technology need to be taken into consideration while seeking evidence of a crime. An electronic imaging device in its simplest form is the combination of an image recorder and a method of storing that data. The storage and capture of images is the main goal of a digital camera, but any electronic data can be stored on this device. Forensically this means that the digital camera needs to be treated like any data storage device. Digital cameras have used internal memory, floppy disk, flash memory, CDs, DVDs and hard drives as a storage mediums. In addition to the collection of data from the digital camera there is a new technology that has been integrated into many of these devices. This technology is wireless communications. Cameras now can contain WiFi, Bluetooth and cell phone technology. The initial intent of this addition was to facilitate the transfer of data from the camera to computers or to other cameras. The manufactures of these devices have now made it possible to control the digital camera remotely. This means that forensically the data on a camera can be erased or modified remotely. With this knowledge the forensic investigator must protect the evidence by collecting the data quickly and by shielding the device from any network connections. This shielding can be done in many ways, but should not include removing the camera s internal power source due to the possible loss of volatile memory within the device. Data collection from the removable media is achieved by mounting the media in a read only mode on a computer. This data would then be imaged or cloned using the tool dd. The goal is to collect all data from the storage device, including allocated, unallocated, slack and all parts Digital Forensics New Mexico Tech R Prine 2
3 of the storage medium. Allocated data would be the files that are currently on the media, unallocated would be parts of files that were previously deleted. The slack data is the parts of old data that are contained in the last block of an allocated or unallocated file. The remaining parts of the storage media could contain data that has been hidden or partitions that have been deleted. In general most media from digital cameras will only have one partition, but the newer cameras no can use hard drives as their storage media. Because of the use of hard drives the ability to hide data within a digital camera has a higher possibility. Additional data collection can be done on the physical hardware of the camera. With the ability to flash the working internal memory of the camera, additional storage is available to hide data. Flash files for most digital cameras are available from the manufactures and could be reverse engineered to free up large amounts of non-volatile memory. By removing most of the features that a camera has built into it, the camera could still function as a camera and yet could be used primarily as a storage device. In addition to re-writing the flash memory, there is internal memory that may be accessible for additional storage. This data should be investigated and collected. An additional concern about this data is that some of it may be lost if the batteries fail or are removed prior to investigating the data. Other data of interest within the digital device may be time stamps, GPS location, phone numbers, access history and photo logs. With the practice of expanding the uses of digital devices, digital cameras will become more comparable to phones or PDAs and thus will have to have the same forensic techniques of phones and PDAs applied to them. After all data is collected, standard file and memory forensic tools can be used to evaluate the data. Some of the tools that can be used are Sleuthkit, Autopsy, Retriever, and Digital Forensics New Mexico Tech R Prine 3
4 Scalpel. The tools will be used to recover and document files and other data from the camera. The use of file carving and steganalysis may also be needed in the collection of data. Gaps in Technology With the speed that new technology is produced the hardware and storage methods used for digital cameras is always changing. The addition of wireless communications into the cameras has increased the need for better forensic techniques. A standardized method of collecting all data on a digital camera is of concern and should be rectified immediately. Currently the method of working with the internals of a digital camera would involve the cooperation of the hardware manufactures to provide methods and possible software to evaluate the device. A second gap in technology is the practice of shielding and providing additional power to digital devices prior to storing evidence. This would prevent the loss of uncollected data. State of Research The State University of New York (SUNY) at Binghamton has two recent advancements in research involving digital cameras. The first involves storing a biometric of the person who took the picture with the camera. The second involves digitally fingerprinting which device produced the digital image. In 2004 Paul Blythe and Jessica Fridrich conducted research in watermarking all images produced by a camera with a unique hidden identifier of the person that took the picture 1. The method involves using and infrared imager inside the view finder of the Digital Forensics New Mexico Tech R Prine 4
5 camera to produce an image of the iris of the eye looking into the viewfinder. This image is embedded into the image of the scene that the camera was taking. This embedded image would not be visible and the embedded image would contain additional information concerning the device that took the photo. This biometric information can be retrieved and processed from a digital image at a future date. This information could be used to prove or disprove who was using a camera. The second research topic was done at SUNY Binghamton in 2006 by Jessica Fridrich 2. This research involved finding which digital device produced and image. This was done by finding the unique characteristics caused by pixel non-uniformity of the CCD array that took the original image. It was found that the cheaper the CCD array was the more data was available to collect from an image. After processing an image through a denoising filter the denoised image can be compared with another image produced by the device in question. The research says this data can also be collected from processed images such as post JPEG processing. What Should Be Done Now The process of collecting and securing data from digital cameras has not been formally defined currently. Without forensically sound techniques to collect data from devices that have the potential of deleting the data within them either from remote access or from loss of internal power warrants further investigation of a standardized technique. Crime investigation units should evaluate their methods of managing incoming digital evidence. After this evaluation they need to set formalized practices to ensure that data is not lost or damaged during the collection and preservation process. Digital Forensics New Mexico Tech R Prine 5
6 Future of Practice The protection of digital data should be on the mind of all forensic investigators at all times. A hardware device that shields a camera from outside networking sources and also supplies power to the camera at all times would ensure that data would not be lost. In addition the thought that the suspect may not of used this camera in a standard way needs to be a constant concern. Failing to realize that a digital camera is a mobile storage device, and that it has many areas to store information in could lead to the loss of valuable data. Future of Research An area of future research would be to design a device that is used only for the collection of forensic data from a digital camera. This device would provide power to the device, download all data from the device and would store the data in a forensically sound fashion. For the cell phone industry there is a device already in existence. This device is from Logicube and is called the CellDEK. This cell phone forensics tool kit contains 40 adapters to connect to over 200 types of cell phones. Inside of this kit is a data unit that will download all information for a phone without damaging any of the data. This unit does not block outside signals but this can be accomplished with a foil pouch or Faraday cage. A device like this could be produced for the camera industry. LogiCube s CellDEK unit 3 Digital Forensics New Mexico Tech R Prine 6
7 Bibliography 1. Secure Digital Camera, Paul Blythe and Jessica Fridrich, 2004, 2. Research at Binghamton, SUNY Binghamton, Jessica Fridrich, April 2006, 3. Logicube, Digital Forensics New Mexico Tech R Prine 7
Digital Forensics Mobile Device Data Extraction. Crime Scene/Digital and Multimedia Division
Mobile Device Data Extraction 12. MOBILE DEVICE DATA EXTRACTION PROCEDURE 12.1. Purpose 12.1.1. The purpose of this procedure is to extract data from mobile devices and/or removable media utilizing the
More informationDigital Forensics Lecture 01- Disk Forensics
Digital Forensics Lecture 01- Disk Forensics An Introduction to Akbar S. Namin Texas Tech University Spring 2017 Digital Investigations and Evidence Investigation of some type of digital device that has
More informationDigital Forensics Lecture 02- Disk Forensics
Digital Forensics Lecture 02- Disk Forensics Hard Disk Data Acquisition Akbar S. Namin Texas Tech University Spring 2017 Analysis of data found on a storage device It is more common to do dead analysis
More informationMOBILE DEVICE FORENSICS
MOBILE DEVICE FORENSICS Smart phones and other handheld electronics have become an important part of our everyday lives and the ever changing technology is making these devices a major source of digital
More informationGuide to Computer Forensics and Investigations Fourth Edition. Chapter 2 Understanding Computer Investigations
Guide to Computer Forensics and Investigations Fourth Edition Chapter 2 Understanding Computer Investigations Objectives Explain how to prepare a computer investigation Apply a systematic approach to an
More informationInvestigation of Non-traditional Equipment: Autos, Washers,
Investigation of Non-traditional Equipment: Autos, Washers, By: Ryan Ware Digital Forensics October 17, 2006 Executive Summary: Traditional digital forensics investigations usually involve the retrieval
More informationWindows Forensics Advanced
Windows Forensics Advanced Index: CF102 Description Windows Forensics - Advanced is the next step for forensics specialists, diving deeper into diverse processes on Windows OS serving computer investigators.
More informationIntroduction to Computer Forensics
Introduction to Computer Forensics Subrahmani Babu Scientist- C, Computer Forensic Laboratory Indian Computer Emergency Response Team (CERT-In) Department of Information Technology, Govt of India. babu_sivakami@cert-in.org.in
More informationBreaking the OutGuess
Breaking the OutGuess Jessica Fridrich, Miroslav Goljan, Dorin Hogea * presented by Deepa Kundur Department of Electrical and Computer Engineering * Department of Computer Science SUNY Binghamton, Binghamton,
More informationRunning Head: IPHONE FORENSICS 1. iphone Forensics Jaclyn Sottilaro Monica Figueroa-Santos Antonina Spinella Saint Leo University
Running Head: IPHONE FORENSICS 1 iphone Forensics Jaclyn Sottilaro Monica Figueroa-Santos Antonina Spinella Saint Leo University IPHONE FORENSICS 2 Abstract With an ever-growing evolution on technology,
More informationCOMP116 Final Project. Shuyan Guo Advisor: Ming Chow
Digital Forensics with ios Devices COMP116 Final Project Shuyan Guo Shuyan.guo@tufts.edu Advisor: Ming Chow Abstract This project focuses on ios device forensics. The study provides a general overview
More informationAndroid Forensics: Simplifying Cell Phone Examinations
Android Forensics: Simplifying Cell Phone Examinations Jeff Lessard, Gary Kessler 2010 Presented By: Manaf Bin Yahya Outlines Introduction Mobile Forensics Physical analysis Logical analysis CelleBrite
More informationForensics on the Windows Platform, Part Two by Jamie Morris last updated February 11, 2003
SecurityFocus HOME Infocus: Forensics on the Windows Platform, Part Two 2003-02-17 12:56:05-0900 SFOnline Forensics on the Windows Platform, Part Two by Jamie Morris last updated February 11, 2003 Introduction
More informationDigital Forensics Lecture 7. Network Analysis
Digital Forensics Lecture 7 Network Analysis This Week s Presentations Johnathan Ammons: Web Analysis Kelcey Tietjen: Wireless Network Traffic David Burton: Collection and Analysis of Network Traffic David
More informationAfter the Attack. Business Continuity. Planning and Testing Steps. Disaster Recovery. Business Impact Analysis (BIA) Succession Planning
After the Attack Business Continuity Week 6 Part 2 Staying in Business Disaster Recovery Planning and Testing Steps Business continuity is a organization s ability to maintain operations after a disruptive
More informationComputer Forensic Capabilities. Cybercrime Lab Computer Crime and Intellectual Property Section United States Department of Justice
Computer Forensic Capabilities Cybercrime Lab Computer Crime and Intellectual Property Section United States Department of Justice Agenda What is computer forensics? Where to find computer evidence Forensic
More informationIntroduction to Volume Analysis, Part I: Foundations, The Sleuth Kit and Autopsy. Digital Forensics Course* Leonardo A. Martucci *based on the book:
Part I: Foundations, Introduction to Volume Analysis, The Sleuth Kit and Autopsy Course* Leonardo A. Martucci *based on the book: File System Forensic Analysis by Brian Carrier LAM 2007 1/12h Outline Part
More informationA Study on Linux. Forensics By: Gustavo Amarchand, Keanu. Munn, and Samantha Renicker 11/1/2018
A Study on Linux 11/1/2018 Forensics By: Gustavo Amarchand, Keanu Munn, and Samantha Renicker Abstract In the field of computer forensics investigators must be familiar with many different systems and
More informationFile Organization Sheet
File Organization Sheet 1. What are File Structures? A File Structure is a combination of representations for data in files and of operations for accessing the data. A File Structure allows applications
More informationTesting the Date Maintenance of the File Allocation Table File System
Abstract Testing the Date Maintenance of the File Allocation Table File Tom Waghorn Edith Cowan University e-mail: twaghorn@student.ecu.edu.au The directory entries used in the File Allocation Table filesystems
More informationWhen Recognition Matters WHITEPAPER CLFE CERTIFIED LEAD FORENSIC EXAMINER.
When Recognition Matters WHITEPAPER CLFE www.pecb.com CONTENT 3 4 5 6 6 7 7 8 8 Introduction So, what is Computer Forensics? Key domains of a CLFE How does a CLFE approach the investigation? What are the
More informationDIGITAL FORENSICS FARADAY BAGS MISSION DARKNESS INTRODUCING. Securely disable ALL wireless connections in the field
INTRODUCING DIGITAL FORENSICS FARADAY BAGS Securely disable ALL wireless connections in the field ORDER YOURS TODAY! 800-438-7884 DIGITAL FORENSICS FARADAY BAGS We believe that building our products around
More informationDigital Forensics Lecture 5. DF Analysis Techniques
Digital Forensics Lecture 5 DF Analysis Techniques Current, Relevant Topics Wells Fargo is notifying an unspecified number of employees that their personal data, including names, Social Security numbers
More informationChapter Two File Systems. CIS 4000 Intro. to Forensic Computing David McDonald, Ph.D.
Chapter Two File Systems CIS 4000 Intro. to Forensic Computing David McDonald, Ph.D. 1 Learning Objectives At the end of this section, you will be able to: Explain the purpose and structure of file systems
More informationVideo and Audio Recordings Video and audio recordings of activities continue to
Chapter 3 Video and Audio Recordings Video and audio recordings of activities continue to become prevalent in investigations of criminal activity. Recordings include surveillance tapes recordings of criminal
More informationT.E. (Computer Engineering) Computer Forensic & Cyber Application
SND College of Engineering & Research Center, Yeola Class: Subject Name: Subject Teacher: T.E. (Computer Engineering) s Prof. Pansare R.B. Important Questions & Answers Q.1 Explain Patents, Copyright &
More informationDigital Forensics UiO
Digital Forensics UiO About Me I am: Eivind Utnes, M.Sc. I work for: Watchcom Security Group AS I work as: Information Security Consultant Security Audits Digital Forensics / Incident Response Education
More informationDigital Forensics UiO. Digital Forensics in Incident Management. About Me. Outline. Incident Management. Finding Evidence.
Digital Forensics UiO Outline Incident Management Digital Forensics Finding Evidence 3 About Me I am: Eivind Utnes, M.Sc. I work for: Watchcom Security Group AS I work as: Information Security Consultant
More informationComputer Forensics: Investigating Data and Image Files, 2nd Edition. Chapter 3 Forensic Investigations Using EnCase
Computer Forensics: Investigating Data and Image Files, 2nd Edition Chapter 3 Forensic Investigations Using EnCase Objectives After completing this chapter, you should be able to: Understand evidence files
More informationForensic Analysis Approach Based on Metadata and Hash Values for Digital Objects in the Cloud
Forensic Analysis Approach Based on Metadata and Hash Values for Digital Objects in the Cloud Ezz El-Din Hemdan 1, Manjaiah D.H 2 Research Scholar, Department of Computer Science, Mangalore University,
More informationDigital Forensics UiO
Digital Forensics UiO About Me I am: Eivind Utnes, M.Sc. I work for: Watchcom Security Group AS I work as: Head of Security Senior Information Security Consultant Security Audits Digital Forensics / Incident
More informationINSTITUTO SUPERIOR TÉCNICO
INSTITUTO SUPERIOR TÉCNICO DEPARTAMENTO DE ENGENHARIA INFORMÁTICA FORENSICS CYBER-SECURITY MEIC, METI Lab Guide II Evidence Examination 2015/2016 nuno.m.santos@tecnico.ulisboa.pt 1 Introduction This guide
More informationCourse 832 EC-Council Computer Hacking Forensic Investigator (CHFI)
Course 832 EC-Council Computer Hacking Forensic Investigator (CHFI) Duration: 5 days You Will Learn How To Understand how perimeter defenses work Scan and attack you own networks, without actually harming
More informationDigital Forensics UiO
About Me I am: Eivind Utnes, M.Sc. I work for: Watchcom Security Group AS Digital Forensics UiO I work as: Head of Security Senior Information Security Consultant Security Audits Digital Forensics / Incident
More informationA Road Map for Digital Forensic Research
1 Outline of Today s Lecture! A Road Map for Digital Forensic Research o Report from the 1 st Digital Forensic Research Workshop (DFRWS) 2001! Defining Digital Forensic Examination and Analysis Tools o
More informationCOMPUTER HACKING FORENSIC INVESTIGATOR (CHFI) V9
COMPUTER HACKING FORENSIC INVESTIGATOR (CHFI) V9 Course Code: 3401 Prepare for the CHFI certification while learning advanced forensics investigation techniques. EC-Council released the most advanced computer
More informationUSER MANUAL FOR BODY WORM CAMERA OT-T07
Content Overview... 3 Prompt Sounds:... 3 Status Mini LED... 5 Getting Started... 5 General informaion... 6 Minimum Requirements... 6 CAM MANAGER... 7 Different User Types:... 7 Setup... 8 DEMS Camera/Video
More informationImage Steganography (cont.)
Image Steganography (cont.) 2.2) Image Steganography: Use of Discrete Cosine Transform (DCT) DCT is one of key components of JPEG compression JPEG algorithm: (1) algorithm is split in 8x8 pixel squares
More informationA Detailed look of Audio Steganography Techniques using LSB and Genetic Algorithm Approach
www.ijcsi.org 402 A Detailed look of Audio Steganography Techniques using LSB and Genetic Algorithm Approach Gunjan Nehru 1, Puja Dhar 2 1 Department of Information Technology, IEC-Group of Institutions
More informationCOMPUTER HACKING Forensic Investigator
COMPUTER HACKING Forensic Investigator H.H. Sheik Sultan Tower (0) Floor Corniche Street Abu Dhabi U.A.E www.ictd.ae ictd@ictd.ae Course Introduction: CHFIv8 presents a detailed methodological approach
More informationCHALLENGES IN MOBILE FORENSICS TECHNOLOGY, METHODOLOGY, TRAINING, AND EXPENSE
UDC 343.3/.7:340.6 Pregledni rad CHALLENGES IN MOBILE FORENSICS TECHNOLOGY, METHODOLOGY, TRAINING, AND EXPENSE American University in Bosnia & Herzegovina, BOSNIA & HERZEGOVINA, e-mail: edita.bajramovic@gmail.com
More informationRunning head: FTK IMAGER 1
Running head: FTK IMAGER 1 FTK Imager Jean-Raymond Ducasse CSOL-590 June 26, 2017 Thomas Plunkett FTK IMAGER 2 FTK Imager Outline Process for Adding Individual Files & Folders as Evidence Items Although
More informationDigital Forensics Practicum CAINE 8.0. Review and User s Guide
Digital Forensics Practicum CAINE 8.0 Review and User s Guide Ana L. Hernandez Master of Science in Cybersecurity Digital Forensics Concentration University of South Florida 12-8-2017 Table of Contents
More informationLarge Data Analysis. Vincent Urias November 20, 2006 CS 489- Digital Forensics
Large Data Analysis Vincent Urias November 20, 2006 CS 489- Digital Forensics Topic: Large Data Analysis Executive Summary: As digital media becomes readably accessible and cheaper, the average system
More informationTopic 1: Analyzing Mobile Devices
Topic 1: Analyzing Mobile Devices One aspect of forensics procedure is to secure and analyze mobile devices. What types of tools can be selected for use in mobile device investigations and how are they
More informationDATA RECOVERY FROM PROPRIETARY- FORMATTED CCTV HARD DISKS
Chapter 15 DATA RECOVERY FROM PROPRIETARY- FORMATTED CCTV HARD DISKS Aswami Ariffin, Jill Slay and Kim-Kwang Choo Abstract Digital video recorders (DVRs) for closed-circuit television (CCTV) commonly have
More informationInstructions Usb Flash Drive Recovery Ware >>>CLICK HERE<<<
Instructions Usb Flash Drive Recovery Ware Software Mac Paragon Rescue Kit for Mac OS X 14 Free allows to create bootable recovery USB-flash drive or external hard drive for a few clicks, that will help
More informationMFP: The Mobile Forensic Platform
MFP: The Mobile Forensic Platform Abstract Digital forensics experts perform investigations of machines for triage to see if there is a problem, as well as to gather evidence and run analyses. When the
More informationCOWLEY COLLEGE & Area Vocational Technical School
COWLEY COLLEGE & Area Vocational Technical School COURSE PROCEDURE FOR Student Level: This course is open to students on the college level in either the freshman or sophomore year. Catalog Description:
More informationFlash Media A Forensics View. Barry Gavrich CS 589 Digital Forensics David Duggan, Bob Hutchinson, Dr. Lorie Liebrock 17 October 2006
Flash Media A Forensics View Barry Gavrich CS 589 Digital Forensics David Duggan, Bob Hutchinson, Dr. Lorie Liebrock 17 October 2006 Executive Summary Flash media consists of non-volatile memory, which
More informationWhat is Data Storage?
What is Data Storage? When we talk about storing data, we mean putting the data in a known place. We can later come back to that place and get our data back again. Writing data or saving data are other
More informationApplications for Preservation and Production in our Digital World
Applications for Preservation and Production in our Digital World Gavin W. Manes, Ph.D. President, Digital Forensics Professionals, Inc. Research Assistant Professor, The University of Tulsa Background
More informationForensic Analysis. The Treachery of Images. Alexandre Dulaunoy. February 5, Forensic Analysis Bibliography Use case Q and A
Bibliography Use case Q and A The Treachery of Images February 5, 2016 Bibliography Use case Q and A Introduction Disclaimer Images ( The Treachery of Images ) (1928) Rene Magritte La Trahison des Bibliography
More informationNew Model for Cyber Crime Investigation Procedure
New Model for Cyber Crime Investigation Procedure * *Dept. of IT & Cyber Police, Youngdong University, Rep. of Korea ydshin@youngdong.ac.kr doi:10.4156/jnit.vol2.issue2.1 Abstract In this paper, we presented
More informationIntroduction to Digital Photography (a MacSTAC four part Mini-series)
Introduction to Digital Photography (a MacSTAC four part Mini-series) Part 1: Choosing your digital camera. Part 2: Now What? Bringing the images into the computer; basic image enhancement using iphoto.
More informationDigital Forensics. Also known as. General definition: Computer forensics or network forensics
TEL2813/IS2621 Security Management James Joshi Associate Professor Lecture 3 Jan 29, 2014 Introduction ti to Digital Forensics Digital Forensics Also known as Computer forensics or network forensics General
More informationFRAME BASED RECOVERY OF CORRUPTED VIDEO FILES
FRAME BASED RECOVERY OF CORRUPTED VIDEO FILES D.Suresh 1, D.V.Ramana 2, D.Arun Kumar 3 * 1 Assistant Professor, Department of ECE, GMRIT, RAJAM, AP, INDIA 2 Assistant Professor, Department of ECE, GMRIT,
More informationCertified Digital Forensics Examiner
Certified Digital Forensics Examiner ACCREDITATIONS EXAM INFORMATION The Certified Digital Forensics Examiner exam is taken online through Mile2 s Assessment and Certification System ( MACS ), which is
More informationCyber Chain of Custody. Acquisition. Cyber Chain of Custody. Evidence Dynamics and the Introduction of Error. Must Be Proven!
Acquisition Cyber Chain of Custody Week 2 Protect the data from the Investigator Cyber Chain of Custody Cyber Chain of Custody Just like regular evidence, e- evidence must adhere to a Chain of Custody
More informationTable Of Contents. Investigators 3 Android Phone Recovery Stick 4 Backpack Camera 5 Bag Camera (CCD Colour Camera) 6 Porn Detection Stick 7
Table Of Contents Investigators 3 Android Phone Recovery Stick 4 Backpack Camera 5 Bag Camera (CCD Colour Camera) 6 Porn Detection Stick 7 2 Investigators Although Spy Equipment UK has a varied range of
More informationSHAW ACADEMY NOTES. Diploma in Lightroom
SHAW ACADEMY NOTES Diploma in Lightroom Diploma in Lightroom Lesson 7 Watermark, Exporting and Print Module Edit Watermarks In this section you can edit the text for the watermark. In any module, choose
More informationGuide to Computer Forensics and Investigations Fourth Edition. Chapter 6 Working with Windows and DOS Systems
Guide to Computer Forensics and Investigations Fourth Edition Chapter 6 Working with Windows and DOS Systems Understanding Disk Drives Disk drives are made up of one or more platters coated with magnetic
More informationThe UNIX file system! A gentle introduction"
ISA 785 Research in Digital Forensics The UNIX file system! A gentle introduction" ISA 785! Angelos Stavrou, George Mason University! File System Basics 2! Readings from the Textbook! Unix / EXT3! FAT/NTFS!
More informationThe. Macro 5. Attachments NEW! 5X Non-Contact Close-up NEW! .67X Close-up. 5X (Contact) Close-up. Fluorescein Filter.
The Macro 5 Attachments 5X Non-Contact Close-up.67X Close-up 5X (Contact) Close-up Fluorescein Filter Polarizing Filter NEW! NEW! Macro 5 SLR Camera Table of contents Product overview Product description/positioning.......................................................
More informationProStalk PC2000. Nature Camera User Manual
ProStalk PC2000 Nature Camera User Manual Index 1. Introduction... 3 2. Camera Specifications... 4 3. Parts Identification... 5 4. Packing Contents... 6 5. Battery and SD Card Installation... 6 6. Setup
More informationTopic Data carving, as defined by Digital Forensic Research Workshop is the process of
Chad Cravens 8/25/2006 DF Research Project 1 Data Carving Topic Data carving, as defined by Digital Forensic Research Workshop is the process of extracting a collection of data from a larger data set.
More informationThe Computer Revolution. Chapter 1. The Processor Market. Classes of Computers. Morgan Kaufmann Publishers August 28, 2013
Chapter 1 Computer Abstractions and Technology The Computer Revolution Progress in computer technology Underpinned by Moore s Law Makes novel applications feasible Computers in automobiles Cell phones
More informationForensic Image Capture. Digital Forensics NETS1032 Winter 2018
Forensic Image Capture Digital Forensics NETS1032 Winter 2018 Storage Devices Storage devices are implemented using one or more of several technologies The oldest method of modern information storage is
More informationCertified Digital Forensics Examiner
Certified Digital Forensics Examiner Course Title: Certified Digital Forensics Examiner Duration: 5 days Class Format Options: Instructor-led classroom Live Online Training Prerequisites: A minimum of
More informationMOBILedit Forensic Express
MOBILedit Forensic Express All-in-one phone forensic tool from pioneers in the field MOBILedit Forensic Express is a phone and cloud extractor, data analyzer and report generator all in one solution. A
More informationTomTom GPS Device Forensics
TomTom GPS Device Forensics Written by Ben LeMere & Andy Sayers For more information visit GPSForensics.org blemere@gpsforensics.org asayers@gpsforensics.org Introduction: The sales of portable navigation
More informationIncident Response Data Acquisition Guidelines for Investigation Purposes 1
Incident Response Data Acquisition Guidelines for Investigation Purposes 1 1 Target Audience This document is aimed at general IT staff that may be in the position of being required to take action in response
More informationMODULE No. 33: Digital Crime Scene Investigation
SUBJECT Paper No. and Title Module No. and Title Module Tag FSC_P16_M33 TABLE OF CONTENTS 1. Learning Outcomes 2. Introduction 3. Digital Crime Scene Investigation. 3.1 What Is Digital Evidence? 3.2 Working
More informationForensic Analysis of ios Device Backups
Forensic Analysis of ios Device Backups ios Apple s mobile operating system Originally known as iphone OS Unveiled in 2007 Current version is 8.3, released April 8, 2015 ios Runs on: iphone ipod Touch
More information8. Hidden Surface Elimination
8. Hidden Surface Elimination Identification and Removal of parts of picture that are not visible from a chosen viewing position. 1 8. Hidden Surface Elimination Basic idea: Overwriting Paint things in
More informationVISUAL CORRELATION IN THE CONTEXT OF POST-MORTEM ANALYSIS
VISUAL CORRELATION IN THE CONTEXT OF POST-MORTEM ANALYSIS Michael Hayoz and Ulrich Ultes-Nitsche Research group on telecommunications, networks & security Department of Informatics, University of Fribourg,
More informationAUDIT: AUTOMATED DISK INVESTIGATION TOOLKIT
AUDIT: AUTOMATED DISK INVESTIGATION TOOLKIT Umit Karabiyik, Sudhir Aggarwal Department of Computer Science, Florida State University Tallahassee, Florida, USA {karabiyi, sudhir}@cs.fsu.edu ABSTRACT Software
More informationMobile Forensics. Luis Rivera, Michael Zanchelli, Julio Poblete. Capstone: System Security IASP-470. Dr. John Yoon. Due 30 April, 2018
1 Mobile Forensics Luis Rivera, Michael Zanchelli, Julio Poblete Capstone: System Security IASP-470 Dr. John Yoon Due 30 April, 2018 2 Abstract Cell Phones have become an essential part of any person s
More informationFile Systems and Volumes
File Systems and Volumes Section II. Basic Forensic Techniques and Tools CSF: Forensics Cyber-Security MSIDC, Spring 2015 Nuno Santos Summary! Data organization in storage systems! File deletion and recovery!
More informationHashing Techniques for Mobile Device Forensics
SMALL SCALE DIGITAL DEVICE FORENSICS JOURNAL, VOL. 3, NO. 1, JUNE 2009 ISSN# 1941-6164 1 Hashing Techniques for Mobile Device Forensics Shira Danker Rick Ayers Richard P. Mislan Abstract- Previous research
More informationSMOKE DETECTOR SD HIDDEN CAMERA WITH NIGHTVISION
SMOKE DETECTOR SD HIDDEN CAMERA WITH NIGHTVISION SKU: HCSmokeConeSD THANK YOU FOR PURCHASING THE SMOKE DETECTOR SD Please read this manual before operating the Smoke Detector SD and keep it handy. Fewer
More informationSSDD and SSDF Handset seizure Paraben * Seizure test SE K850, SE Xperia
SSDD and SSDF Handset seizure Paraben * Seizure test SE K850, SE Xperia Small Scale Digital Device (SSDD) SSDD definition A Small Scale Digital Device is any of a variety of small form factor devices utilizing
More informationForensic Analysis of Windows 10 Volume Shadow Copy Service
Forensic Analysis of Windows 10 Volume Shadow Copy Service Ahmad Ghafarian, Ph.D. Dept. of Computer Science & Information Systems Mike Cottrell College of Business University of North Georgia Dahlonega,
More informationForensics for Cybersecurity. Pete Dedes, CCE, GCFA, GCIH
Forensics for Cybersecurity Pete Dedes, CCE, GCFA, GCIH WHO AM I? Pete Dedes, Forensics Analyst, Sword & Shield Enterprise Security Education Bachelor s of Science Computer Science, University of Tennessee
More informationInterested in learning more? Global Information Assurance Certification Paper. Copyright SANS Institute Author Retains Full Rights
Global Information Assurance Certification Paper Copyright SANS Institute Author Retains Full Rights This paper is taken from the GIAC directory of certified professionals. Reposting is not permited without
More informationFORENSICS CYBER-SECURITY
FORENSICS CYBER-SECURITY MEIC, METI 2016/2017 1 st Semester 1 st Exam January 10, 2017 Duration: 2h00 - Use a pen only; no extra material is allowed, such as calculator, scratch paper, etc. - Write your
More informationOperating Systems. Designed and Presented by Dr. Ayman Elshenawy Elsefy
Operating Systems Designed and Presented by Dr. Ayman Elshenawy Elsefy Dept. of Systems & Computer Eng.. AL-AZHAR University Website : eaymanelshenawy.wordpress.com Email : eaymanelshenawy@yahoo.com Reference
More information1. All of the following are examples of real security and privacy risks EXCEPT: A. hackers. B. spam. C. viruses. D. identity theft. 2.
COMPUTER-BASED-OBJECTIVE-QUESTIONS www.mission2win.in 1. All of the following are examples of real security and privacy risks EXCEPT: A. hackers. B. spam. C. viruses. D. identity theft. 2. A process known
More informationCHAPTER 6 EFFICIENT TECHNIQUE TOWARDS THE AVOIDANCE OF REPLAY ATTACK USING LOW DISTORTION TRANSFORM
109 CHAPTER 6 EFFICIENT TECHNIQUE TOWARDS THE AVOIDANCE OF REPLAY ATTACK USING LOW DISTORTION TRANSFORM Security is considered to be the most critical factor in many applications. The main issues of such
More informationCamera. Mobile Camera Mobile Camera Precautions Camera Using Display as Viewfinder
Mobile....................................... -2 Mobile Precautions................................ -2............................................. -3 Using Display as Viewfinder................................
More informationAndroid Spybot. ECE Capstone Project
Android Spybot ECE Capstone Project Erik Bruckner - bajisci@eden.rutgers.edu Jason Kelch - jkelch@eden.rutgers.edu Sam Chang - schang2@eden.rutgers.edu 5/6/2014 1 Table of Contents Introduction...3 Objective...3
More informationS23: You Have Been Hacked, But Where s the Evidence? A Quick Intro to Digital Forensics Bill Pankey, Tunitas Group
S23: You Have Been Hacked, But Where s the Evidence? A Quick Intro to Digital Forensics Bill Pankey, Tunitas Group You Have Been Hacked, But Where s the Evidence? A Quick Intro to Digital Forensics Bill
More informationGeneral Computing Concepts. Coding and Representation. General Computing Concepts. Computing Concepts: Review
Computing Concepts: Review Coding and Representation Computers represent all information in terms of numbers ASCII code: Decimal number 65 represents A RGB: (255,0,0) represents the intense red Computers
More informationVIDEO MONITORING SYSTEMS
VIDEO MONITORING SYSTEMS CONFIDENCE, CONTROL, CONVENIENCE 2005 Security Systems Nanny-Cam Nursery room Security and Peace of Mind Whether you need to keep an eye on your home, your property, or your small
More informationForensic and Log Analysis GUI
Forensic and Log Analysis GUI David Collett I am not representing my Employer April 2005 1 Introduction motivations and goals For sysadmins Agenda log analysis basic investigations, data recovery For forensics
More informationInstitute for Advanced Studies 16 th June 2010 Digital Triage
Institute for Advanced Studies 16 th June 2010 Digital Triage Mike Dickson Forensic Analyst SCDEA e-crime What Is Triage? Three Casualty States Those who are likely to live, regardless of what care they
More informationComptia RC CompTIA Security+ Recertification Exam. For More Information Visit link below: Version = Product
CERTSGRADE High Grade and Valuable Preparation Stuff Comptia RC0-501 CompTIA Security+ Recertification Exam For More Information Visit link below: http://www.certsgrade.com/ Version = Product Question:
More informationJeff Hinson CS525, Spring 2010
DIGITAL WATERMARKING Jeff Hinson CS525, Spring 2010 Outline Introduction Challenges Algorithms / Methods Detection Existing Programs Lessons Learned / Conclusion Questions Jeff Hinson CS525 Slide #1 Introduction
More informationPharmacy college.. Assist.Prof. Dr. Abdullah A. Abdullah
The kinds of memory:- 1. RAM(Random Access Memory):- The main memory in the computer, it s the location where data and programs are stored (temporally). RAM is volatile means that the data is only there
More informationTape pictures. CSE 30341: Operating Systems Principles
Tape pictures 4/11/07 CSE 30341: Operating Systems Principles page 1 Tape Drives The basic operations for a tape drive differ from those of a disk drive. locate positions the tape to a specific logical
More information