0% found this document useful (0 votes)

65 views

Digital Forensics: The Branches: Joe Abraham

Digital forensics has five main branches: network forensics, computer forensics, mobile forensics, database forensics, and forensic data analysis. Each branch analyzes specific types of digital evidence like network traffic, files on computers and mobile devices, and database transaction logs. Key aspects of digital forensics include logging information, preserving evidence, analyzing patterns in the data, creating forensic images of evidence, and "painting the picture" to understand what happened. Large amounts of structured and unstructured data are created every day that require different forensic analysis techniques.

Uploaded by

EDu Jose

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

65 views

Digital Forensics: The Branches: Joe Abraham

Uploaded by

EDu Jose

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 35

Digital Forensics: The Branches

Joe Abraham
IT SECURITY PROFESSIONAL

@joeabrah www.joestechinsights.com
Forensic Science

Forensic Science

Other
Forensic Digital Forensics
Subdivisions
Digital Evidence
Overview
The Five Branches
- Network Forensics
- Computer Forensics
- Mobile Forensics
- Database Forensics
- Forensic Data Analysis
Network Forensics
Forensic Science

Forensic Science

Other
Forensic Digital Forensics
Subdivisions

Network
Digital Evidence
Digital evidence includes information on computers,
audio files, video recordings, and digital images.
-Nist.gov
Examples of Digital Evidence in the Network

Captured network Network device logs Email

traffic

Files Web traffic Any other traffic

“transmitted”
What Is Network Forensics Used For?

Analyze attack methods and Discover and understand

their durations attack vectors

SIEM
IDS/IPS

Identity Services
“I think you can have a ridiculously
enormous and complex data set, but if
you have the right tools and
methodology then it’s not a problem.”
Aaron Koblin
Computer Forensics
Forensic Science

Forensic Science

Other
Forensic Digital Forensics
Subdivisions

Network Computer
Examples of Digital Evidence in Computers

Logs, registry, Documents, The operating Hard drive data

application pictures, videos, system or the and RAM data
data, and web and other files entire computer
history
Analyzing attacks
Verifying compliance
Troubleshooting
What Is Computer
Who, what, where,
when, why? Forensics Used For?
Develop remediation
How?
Painting the Picture

Use commercial and open-source

applications
Be thorough and put the facts together
Handle the evidence properly
Prove what happened
- Make it readable
- Make it understandable
- Eliminate doubt
Mobile Forensics
Forensic Science

Forensic Science

Other
Forensic Digital Forensics
Subdivisions

Network Computer Mobile

Examples of Digital Evidence in Mobile Devices

Phonebook and call information

Messaging application data and SMS messages

Location data

Application data
Sample Use Cases for Mobile Forensics

Analyzing attacks via mobile Tracking movement of

devices suspects

Using call and message

Supplementing evidence from
records to prove wrongful
acts other branches
Prevention of data manipulation
Remote wipe
Data/evidence - Only needs power and connectivity

Preservation Helps ensure availability and integrity

Necessary in all branches of digital
forensics
Database Forensics
Forensic Science

Forensic Science

Other
Forensic Digital Forensics
Subdivisions

Network Computer Mobile Database

Examples of Digital Evidence in Databases

Security/access logs Transaction logs

Files System logs

Pattern Analysis

One file or many?

Specific files?
Specific order?
Find the pattern to figure out why
Help paint the picture
Version Control
In computing, the management and maintenance of a
software system running different versions of various
programs.
–Dictionary.com
Forensic Data Analysis
Forensic Science

Forensic Science

Other
Forensic Digital Forensics
Subdivisions

Data
Network Computer Mobile Database Analysis
Structured Data
Structured data is a standardized format for providing
information.
-Google Developers
Unstructured Data
Non-traditional data or data format; data that may not
fit into a structured database.
Pattern Analysis

Structured Data Unstructured Data

Queries, easier to accomplish, Scripts and software, more
can pinpoint key words and difficult to properly analyze,
phrases business intelligence and big
data
Make at least one
forensic image
Investigator works on
this image
Prevents Creating a Forensic Image
compromising of
evidence
Regulatory and legal
considerations
What is digital evidence?
Five branches of digital forensics
Summary
The importance of each branch
Key aspects surrounding digital forensics
- Logging
- Evidence preservation
- Painting the picture
- Data backups
- Forensic imaging
Forensic Science

Forensic Science

Other
Forensic Digital Forensics
Subdivisions

Data
Network Computer Mobile Database Analysis
How Much Data Is Created Every Day?

*April 5, 2017, Ben Walker, vouchercloud

2,500,000,000 GB

Average Number of Connected Devices

*Per U.S. Household, Pew Research Center, 2016

5
“We keep moving forward, opening
new doors, and doing new things,
because we’re curious and curiosity
keeps leading us down new paths.”
Walt Disney

Ahalia Hospital Appointmnet Letter PDF
0% (1)
Ahalia Hospital Appointmnet Letter PDF
5 pages
DIGITALFORENSICS DigitalEvidenceinjudicialSystem PDF
No ratings yet
DIGITALFORENSICS DigitalEvidenceinjudicialSystem PDF
19 pages
GitHub Mikeroyal Digital Forensics Guide Digital Forensics Guide
No ratings yet
GitHub Mikeroyal Digital Forensics Guide Digital Forensics Guide
30 pages
Final-Digital-Forensics-Unlocking-the-Secrets-of-the-Digital-World (5)
No ratings yet
Final-Digital-Forensics-Unlocking-the-Secrets-of-the-Digital-World (5)
14 pages
Forensic Computer Analysis by Performing An Autopsy On Flash Disk
No ratings yet
Forensic Computer Analysis by Performing An Autopsy On Flash Disk
7 pages
Skip To Content
No ratings yet
Skip To Content
12 pages
Qualitative Assessment of Digital Forens
No ratings yet
Qualitative Assessment of Digital Forens
8 pages
Where can buy Digital Forensics Investigation and Response 4th Edition Easttom Chuck ebook with cheap price
100% (6)
Where can buy Digital Forensics Investigation and Response 4th Edition Easttom Chuck ebook with cheap price
37 pages
A Comparative Analysis of OS Forensics Tools
No ratings yet
A Comparative Analysis of OS Forensics Tools
11 pages
Cyber U-4 One Shot Notes
No ratings yet
Cyber U-4 One Shot Notes
32 pages
QUIZ_OUTPUT_FINAL_chap_3
No ratings yet
QUIZ_OUTPUT_FINAL_chap_3
16 pages
CH 01
No ratings yet
CH 01
54 pages
KitPetrie DigitalForensics
No ratings yet
KitPetrie DigitalForensics
25 pages
Digital Forensics Lecture_1 part_1 (1)
No ratings yet
Digital Forensics Lecture_1 part_1 (1)
4 pages
Unit-4
No ratings yet
Unit-4
59 pages
Digital Forensics Basics - Esec Forte DFIR Internship 2022 - Arijit Bhowmick (Sys41x4)
No ratings yet
Digital Forensics Basics - Esec Forte DFIR Internship 2022 - Arijit Bhowmick (Sys41x4)
28 pages
What Is Digital Forensics - History, Process, Types, Challenges
100% (2)
What Is Digital Forensics - History, Process, Types, Challenges
6 pages
CA Anand Vilas Pansare Paper On A Comparative Study of Digital Forensics Tools
No ratings yet
CA Anand Vilas Pansare Paper On A Comparative Study of Digital Forensics Tools
9 pages
Digiital Forensic Part 1
No ratings yet
Digiital Forensic Part 1
41 pages
Prde Noes Part - 1
No ratings yet
Prde Noes Part - 1
16 pages
New Delhi 31072015 CMA Amit Kumar 1
No ratings yet
New Delhi 31072015 CMA Amit Kumar 1
52 pages
Ioana Vasiu Computer Forensics
No ratings yet
Ioana Vasiu Computer Forensics
71 pages
Introduction to Digital Forensics and Future Scopes (1)
No ratings yet
Introduction to Digital Forensics and Future Scopes (1)
10 pages
Cyber Forensic
No ratings yet
Cyber Forensic
123 pages
A Multidisciplinary Digital Forensic Investigation Process Model
No ratings yet
A Multidisciplinary Digital Forensic Investigation Process Model
12 pages
Understand Computer Forensics
No ratings yet
Understand Computer Forensics
35 pages
Cyber Forensics Tools A Review On Mechanism and Emerging Challenges
No ratings yet
Cyber Forensics Tools A Review On Mechanism and Emerging Challenges
8 pages
Interviewing in Forensic Investigation
No ratings yet
Interviewing in Forensic Investigation
5 pages
Design and Implementation of A Live-Analysis Digital Forensic System
No ratings yet
Design and Implementation of A Live-Analysis Digital Forensic System
5 pages
Cyber Security Unit 4
No ratings yet
Cyber Security Unit 4
15 pages
Interesting Top 10 Digital Forensics Thesis Topics (Innovative Ideas)
No ratings yet
Interesting Top 10 Digital Forensics Thesis Topics (Innovative Ideas)
10 pages
Rupalicyberreport
No ratings yet
Rupalicyberreport
16 pages
Unit II
No ratings yet
Unit II
13 pages
Jaipur Engineering College and Research Center
No ratings yet
Jaipur Engineering College and Research Center
24 pages
ACC 4613 L8 - Digital Forensic - Lecture Notes
No ratings yet
ACC 4613 L8 - Digital Forensic - Lecture Notes
44 pages
Criminalitate Informatica
No ratings yet
Criminalitate Informatica
56 pages
Digital Forensics and Artificial Intelligence A Study
No ratings yet
Digital Forensics and Artificial Intelligence A Study
4 pages
Unit-1-1. Foundations of Digital Forensics
No ratings yet
Unit-1-1. Foundations of Digital Forensics
31 pages
unit 4 cyber security _Kamna.pptx
No ratings yet
unit 4 cyber security _Kamna.pptx
55 pages
"Network Forensics Is A Science That Centers On The Discovery and Retrieval of Information Surrounding A Cybercrime Within A Networked Environment
No ratings yet
"Network Forensics Is A Science That Centers On The Discovery and Retrieval of Information Surrounding A Cybercrime Within A Networked Environment
10 pages
University of Jub1
No ratings yet
University of Jub1
22 pages
Class Notes2
No ratings yet
Class Notes2
2 pages
Digital Forensics
No ratings yet
Digital Forensics
14 pages
Module 5
No ratings yet
Module 5
14 pages
Csf-Unit 3
No ratings yet
Csf-Unit 3
19 pages
Cyber Forensic Analysis - A Machine Learning Prediction: Group Members
No ratings yet
Cyber Forensic Analysis - A Machine Learning Prediction: Group Members
11 pages
Cyber Forensic
100% (1)
Cyber Forensic
6 pages
Cyber Forensics and Its Applications
No ratings yet
Cyber Forensics and Its Applications
10 pages
Understanding Data Deletion and Data Recovery in Windows
No ratings yet
Understanding Data Deletion and Data Recovery in Windows
29 pages
Chapter 1
No ratings yet
Chapter 1
30 pages
Unit 4 Cyber Security_20240804_100751_0000
No ratings yet
Unit 4 Cyber Security_20240804_100751_0000
15 pages
Cse Computer Forensics
100% (1)
Cse Computer Forensics
21 pages
The Basics of Digital Forensics v5
No ratings yet
The Basics of Digital Forensics v5
7 pages
Performance Evaluation of Open-Source Disk Imaging Tools For Collecting Digital Evidence
No ratings yet
Performance Evaluation of Open-Source Disk Imaging Tools For Collecting Digital Evidence
9 pages
Analysis of Cloud Forensics Review and I
No ratings yet
Analysis of Cloud Forensics Review and I
8 pages
Cyber Forensics
From Everand
Cyber Forensics
Ophelia Marlowe
No ratings yet
CITS1003 9 Forensics
No ratings yet
CITS1003 9 Forensics
36 pages
lecture 1 (2)
No ratings yet
lecture 1 (2)
28 pages
Co6i-Eti-Unit 4 Notes
No ratings yet
Co6i-Eti-Unit 4 Notes
23 pages
Topic 10
No ratings yet
Topic 10
31 pages
Practical Digital Forensics
From Everand
Practical Digital Forensics
Richard Boddington
No ratings yet
Index
No ratings yet
Index
18 pages
Intro To Programming
No ratings yet
Intro To Programming
113 pages
Instant ebooks textbook Formulas and Calculations for Drilling Production and Workover 5th Edition William C. Lyons download all chapters
100% (1)
Instant ebooks textbook Formulas and Calculations for Drilling Production and Workover 5th Edition William C. Lyons download all chapters
55 pages
Readme GibbsCAM 2012 Plus
No ratings yet
Readme GibbsCAM 2012 Plus
8 pages
All-State Softball Team 2022
No ratings yet
All-State Softball Team 2022
1 page
Gateway and Apple: Two Different Journey Into Retailing: Aiub/Fba/Mba/Scm
No ratings yet
Gateway and Apple: Two Different Journey Into Retailing: Aiub/Fba/Mba/Scm
1 page
TRM256 Welded Reinforcement Grids
No ratings yet
TRM256 Welded Reinforcement Grids
2 pages
Phast Release Notes
No ratings yet
Phast Release Notes
9 pages
Present Perfect Continuous
No ratings yet
Present Perfect Continuous
21 pages
Site Safety Audit Checklist Sample PDF Report
No ratings yet
Site Safety Audit Checklist Sample PDF Report
6 pages
Financial Statement 1
No ratings yet
Financial Statement 1
2 pages
B.voc Operation Theatre Technology
No ratings yet
B.voc Operation Theatre Technology
51 pages
AllHome Corporation
No ratings yet
AllHome Corporation
3 pages
Managerial ACCT Quiz 81 PDF
No ratings yet
Managerial ACCT Quiz 81 PDF
4 pages
Sports and Games Student PDF
No ratings yet
Sports and Games Student PDF
3 pages
Cigre, 13 Years Test Experience With Short Circuit Withstand Capability of Large Power Transformers
No ratings yet
Cigre, 13 Years Test Experience With Short Circuit Withstand Capability of Large Power Transformers
7 pages
Bhavesh Resume
No ratings yet
Bhavesh Resume
2 pages
SCELP Enforcement Project Moves Forward
No ratings yet
SCELP Enforcement Project Moves Forward
6 pages
Archetype-Abasi-v1 1 0
No ratings yet
Archetype-Abasi-v1 1 0
19 pages
Glass and Building Regulations Impact Safety
No ratings yet
Glass and Building Regulations Impact Safety
11 pages
Revisedloadandresistancefactorsforthe AASHTOLRFDBridge Design Specifications
No ratings yet
Revisedloadandresistancefactorsforthe AASHTOLRFDBridge Design Specifications
14 pages
Support & Learning: Autodesk Knowledge Network (/)
No ratings yet
Support & Learning: Autodesk Knowledge Network (/)
5 pages
Merlin Gerin Powerpact 4 Panelboards Technical
No ratings yet
Merlin Gerin Powerpact 4 Panelboards Technical
20 pages
Evaluation and Management of Hypertensive Emergency
No ratings yet
Evaluation and Management of Hypertensive Emergency
14 pages
Publication 2
No ratings yet
Publication 2
3 pages
srx300 Datasheet
No ratings yet
srx300 Datasheet
4 pages
Treatment of Pediatric Overweight and Obesity Position of the Academy of Nutrition and Dietetics Based on an Umbrella Review of Systematic Reviews
No ratings yet
Treatment of Pediatric Overweight and Obesity Position of the Academy of Nutrition and Dietetics Based on an Umbrella Review of Systematic Reviews
14 pages
Blood Report - 2
No ratings yet
Blood Report - 2
13 pages
22 December THDC Rishikesh Telephone Dir PDF
No ratings yet
22 December THDC Rishikesh Telephone Dir PDF
31 pages

Digital Forensics: The Branches: Joe Abraham

Uploaded by

Digital Forensics: The Branches: Joe Abraham

Uploaded by

Digital Forensics: The Branches

Captured network Network device logs Email

Files Web traffic Any other traffic

Analyze attack methods and Discover and understand

Verify regulatory and Troubleshoot network

Logs, registry, Documents, The operating Hard drive data

Use commercial and open-source

Network Computer Mobile

Phonebook and call information

Messaging application data and SMS messages

Analyzing attacks via mobile Tracking movement of

Using call and message

Preservation Helps ensure availability and integrity

Network Computer Mobile Database

Security/access logs Transaction logs

Files System logs

One file or many?

Structured Data Unstructured Data

*April 5, 2017, Ben Walker, vouchercloud

Average Number of Connected Devices

*Per U.S. Household, Pew Research Center, 2016

You might also like