Scribd
Upload
2K views11 pages

Seminar Topic On Compuetr Forensics

Computer forensics involves the scientific investigation and analysis of digital devices and networks to gather evidence for legal cases. The process includes identifying devices, preserving evidence, analyzing data, documenting findings, and presenting results. Some key types are disk, network, database, and memory forensics. Tools used include COFEE, The Coroner's Toolkit, and The Sleuth Kit. Computer forensics has applications in intellectual property theft cases, fraud investigations, and employment disputes by efficiently tracking cyber criminals and producing evidence for court. Challenges include proving digital evidence was not tampered with and keeping records secure.

Uploaded by

S17IT1207Hindu Madhavi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
2K views11 pages

Seminar Topic On Compuetr Forensics

Computer forensics involves the scientific investigation and analysis of digital devices and networks to gather evidence for legal cases. The process includes identifying devices, preserving evidence, analyzing data, documenting findings, and presenting results. Some key types are disk, network, database, and memory forensics. Tools used include COFEE, The Coroner's Toolkit, and The Sleuth Kit. Computer forensics has applications in intellectual property theft cases, fraud investigations, and employment disputes by efficiently tracking cyber criminals and producing evidence for court. Challenges include proving digital evidence was not tampered with and keeping records secure.

Uploaded by

S17IT1207Hindu Madhavi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 11

SEMINAR TOPIC ON

COMPUETR
FORENSICS

Presented by:
B Hindu Madhavi
List of contents
• Introduction
• Types
• Characteristics
• Procedure
• Tools
• Applications
• Advantages
• Disadvantages
INTRODUCTION
Computer Forensics is a scientific method of investigation and analysis in order
to gather evidence from the digital devices or computer networks and components
which is suitable for presentation in a court of law or legal body.

It involves performing a structured investigation while maintaining a


documented chain of evidence to find out exactly what happened on a computer
and who was responsible for it.
TYPES
• Disk Forensics: It deals with extracting raw data from primary or secondary storage of the device
by searching active, modified, or deleted files.
• Network Forensics: It is a sub-branch of Computer Forensics which involves monitoring and
analysing the computer network traffic.
• Database Forensics: It deals with the study and examination of databases and their related
metadata.
• Malware Forensics: It deals with the identification of suspicious code and studying viruses,
worms, etc.
• Email Forensics: It deals with emails and its recovery and analysis, including deleted emails,
calendars, and contacts.
• Memory Forensics: Deals with collecting data from system memory (system registers, cache,
RAM) in raw form and then analysing it for further investigation.
• Mobile Phone Forensics: It mainly deals with the examination and analysis of phones and
smartphones and helps to retrieve contacts, call logs, incoming, and outgoing SMS, etc. and other
data present in it.
CHARACTERISTICS
• Identification
• Preservation
• Analysis
• Documentation
• Presentation
PROCEDURE
• The procedure starts with identifying the devices used and collecting the
preliminary evidence on the crime scene. Then the court warrant is obtained
for the seizures of the evidences which leads to the seizure of the evidences.
The evidences are then transported to the forensics lab for further
investigations and the procedure of transportation of the evidence from the
crime scene to labs are called chain of custody. The evidences are then copied
for analysis and the original evidence is kept safe because analysis are always
done on the copied evidence and not the original evidences.
• The analysis is then done on the copied evidence for suspicious activities and
accordingly the findings are documented in a non technical tone. The
documented findings are then presented in the court of law for further
investigations.
TOOLS
• Tools used for Investigation :
COFEE – A suite of tools for Windows developed by Microsoft.
The Coroner’s Toolkit – A suite of programs for Unix analysis.
The Sleuth Kit – A library of tools for both Unix and Windows.
APPLICATIONS
• Intellectual Property theft
• Industrial espionage
• Employment disputes
• Fraud investigations
• Misuse of the Internet and email in the workplace
• Forgeries related matters
ADVANTAGES
• To produce evidence in the court, which can lead to the punishment of the
culprit.
• It helps the companies gather important information on their computer systems
or networks potentially being compromised.
• Efficiently tracks down cyber criminals from anywhere in the world
DISADVANTAGES
• Before the digital evidence is accepted into court it must be proved that it is not
tampered with.
• Producing and keeping the electronic records safe are expensive.
• Legal practitioners must have extensive computer knowledge.
• Need to produce authentic and convincing evidence.
CONCLUSION
This field will enable crucial electronic evidence to be found , whether it
was lost, deleted, damaged, or hidden, and used to prosecute individuals that
believe they have successfully beaten the system.

You might also like