N.Sai Kiran,
IIIT Allahabad.
About Hackers
Business Response
Introduction to Forensic science
Basic Concepts
Basic cyber crime investigation tool
Firewalls
Child pornography
Precautions
“Cyber crime may be said to be those
species, of which, genus is the conventional
crime, and where either the computer is an
object or subject of the conduct constituting
crime”
Old WINE IN NEW BOTTLES.
o Hackers
o Crackers
o Cyber terrorists
The challenge... 'because it's there!'
Ego
Espionage
Ideology
Mischief
Money (extortion or theft)
Revenge
Predominantly male
Aged from mid-teens to mid-twenties
Lacking in social skills
Fascination or obsession with computers
Underachiever in other areas who sees
computing as a means of being important or
powerful
Discontented employees
Service %
Adult Content (XXX) 50
Online Services 19
Direct Marketing – Other 11
Direct Marketing – Catalogue 10
Gaming 5
Books 3
Other 2
Total 100
“If you have to teach ethics it’s too late”
There is no plan to review logs or scan
for unusual activity.
Physical access is not controlled in a
consistent manner.
If an intrusion is detected or ever suspected,
there is no procedure designed to deal
with it.
Why should you care?
Administrative precautions
Physical precautions
Information systems
Forensic science is the application of a
broad spectrum of sciences to answer
questions of interest to a legal system.
This may be in relation to a crime or a civil
action.
Computer forensics is a branch of digital
forensic science pertaining to legal evidence
found in computers and digital storage media.
The goal of computer forensics is to examine
digital media in a forensically sound manner with
the aim of identifying, preserving, recovering,
analyzing and presenting facts and opinions
about the information.
Protect
Discover
Recover
Reveal
Access
Analyze
Provide Expert Consultation.
In the mind of a normal computer user, once
data is deleted, it is accepted that it is no
longer in existence.
On the other hand, the CFS should
understand that the data could still exist in
some other form or area on the storage
medium
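The point above, as an added example that is not part of the original slides: a FAT-style delete only marks the directory entry with 0xE5, so the file's bytes stay on the medium and can be located by their signature. The disk buffer, file name and JPEG body are constructed sample data, and the carver is simplified to assume unfragmented files.

```python
JPEG_SOI = b"\xff\xd8\xff"   # JPEG start-of-image marker
JPEG_EOI = b"\xff\xd9"       # JPEG end-of-image marker
SECTOR = 512


def carve_jpegs(raw, max_size=10 * 1024 * 1024):
    """Return (offset, data) for each SOI..EOI span found in raw bytes."""
    found = []
    pos = 0
    while True:
        start = raw.find(JPEG_SOI, pos)
        if start == -1:
            break
        end = raw.find(JPEG_EOI, start + len(JPEG_SOI))
        if end == -1 or end - start > max_size:
            pos = start + 1          # no plausible end marker, keep scanning
            continue
        end += len(JPEG_EOI)
        found.append((start, raw[start:end]))
        pos = end
    return found


def build_sample_image():
    """Constructed 4 KiB 'disk' holding one deleted picture."""
    picture = JPEG_SOI + b"\xe0" + b"constructed-jpeg-body" + JPEG_EOI
    disk = bytearray(8 * SECTOR)
    # Directory-style entry: first name byte replaced by 0xE5 marks it deleted.
    disk[0:11] = b"\xe5HOTO   JPG"
    # The data area is untouched by the delete.
    disk[3 * SECTOR:3 * SECTOR + len(picture)] = picture
    return bytes(disk), picture


if __name__ == "__main__":
    disk, picture = build_sample_image()
    for offset, data in carve_jpegs(disk):
        print("recovered %d bytes at sector %d" % (len(data), offset // SECTOR))
```
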
Disk Imaging
Hashing
Message Digest 5 (MD5)
Secure Hash Algorithm (SHA)
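An added example, not from the original slides, of how hashing supports disk imaging: the source medium and its bit-stream copy are each hashed in one pass and the digests compared. SHA-256 is included as an addition because MD5 and SHA-1 are no longer collision resistant; the evidence bytes are constructed.

```python
import hashlib
import io

ALGORITHMS = ("md5", "sha1", "sha256")  # sha256 is an addition to the slide's list


def digest_stream(stream, chunk_size=1024 * 1024):
    """Hash a stream in fixed-size chunks so large images never sit in RAM."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify_copy(original, copy):
    """Return (match, original_digests, copy_digests) for two streams."""
    src = digest_stream(original)
    dst = digest_stream(copy)
    return src == dst, src, dst


def build_sample_media():
    """Constructed stand-ins for a suspect disk, a good image and an altered one."""
    evidence = bytes(range(256)) * 64          # 16 KiB of sample data
    altered = bytearray(evidence)
    altered[5000] ^= 0x01                      # a single flipped bit
    return evidence, bytes(evidence), bytes(altered)


if __name__ == "__main__":
    evidence, good, bad = build_sample_media()
    ok, src, _ = verify_copy(io.BytesIO(evidence), io.BytesIO(good))
    print("good image matches:", ok, src["sha256"])
    ok, _, _ = verify_copy(io.BytesIO(evidence), io.BytesIO(bad))
    print("altered image matches:", ok)
```
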
Function                 | PC Inspector | Encase | Forensic tool kit | FTK imager
File data discovery      | SE           | SE     | SNR               | SE
File data recovery       | SNR          | SNR    | NS                | SNR
Reveal file contents     | SNR          | SE     | SNR               | SNR
File access and analysis | SNR          | SE     | SNR               | SNR
Imaging                  | NS           | SE     | NS                | SE
MD5                      | NS           | SE     | SE                | SE
SHA1                     | NS           | NS     | SE                | SE
Summary print out        | NS           | SE     | SNR               | SE
PC Inspector File Recovery
Encase
Forensic Tool Kit
FTK Imager
Windows GUI-based forensic software for examination of the file systems FAT12, FAT16, FAT32, NTFS, LINUX, UNIX, MACINTOSH, CDROM and DVD-R.
It should be able to examine and extract slack space.
It should be able to create an image of the storage media, e.g. hard disk, floppy disk.
It should show emails in developer's format (with headers and attachments).
It should open documents in languages other than English supported by Unicode, e.g. Arabic.
It should show Internet history.
Forensic cell phone seizure kit with write block facility and with all required cables and adapters.
Forensic hardware: one computer, PIV 3.2 GHz with 1 GB DDR RAM and other required peripherals
One hard disk write block device
Robust operating system software
Other application software facilitating word
processing, spread sheet, electronic mails,
multimedia, imaging and for identifying various other
kinds of file formats during the course of examination
Case management software for keeping records of the
cases being examined and for tracking case details at
short notice
Bootable disks to let the forensic specialist boot from
such disks instead of the suspect's bootable disk
Bit-stream backup of data: the forensic procedure prohibits examination of the original media, to prevent any accidental erasure or interference during examination of such media.
Powerful password recovery tool
Recovery of deleted data, image and
multimedia among other kinds of files.
For generating reports based on the
analysis of the information contained on
the suspect storage media
Searching tool for locating folders and
files on the suspect storage media.
Firewall protection as well as intrusion
detection
Use of spyware prevention
Intrusion detection systems
Firewalls help protect the perimeter
of your network (the hard candy
shell).
The “soft chewy centre” needs
protection too.
Firewalls can be and are compromised.
Identification
Authentication
The person can be identified and authenticated by
what he knows
by what he owns
by his human characteristics (biometrics).
Biometric technologies are applied in the
following sectors:
Public Services,
Law Enforcement,
Banking,
Physical Access Control and
Computer & Networks.
1. Signature Verification
2. Iris Analysis
3. Facial Analysis
4. Fingerprint verification
5. Hand Geometry
6. Voice Verification
Use false identity to trap
contact children/teens in various chat rooms which are used by children/teen
Befriend the child/teen.
Extract personal information
Gets the e-mail address of the child/teen and starts making contacts on the victim's e-mail address as well.
Starts sending pornographic images/text
Extract personal information from child/teen
At the end of it, the pedophile sets up a meeting with the child/teen out of the house
Watch traffic to your site.
Put & configure your firewall correctly.
Develop your web content off line.
Back up your web site after every update.
Protect your databases.
Ensure physical security of equipment and
storage devices
Don't share identification numbers and passwords
Monitor dial-up facilities
Access to data
virus protection software
STAY UPDATED
Avoid disclosing
Avoid sending any photograph online particularly to strangers
Use the latest, updated antivirus software.
Always keep back up volumes
Never send your credit card number to any site that is not secured
Always keep a watch on the sites that your children are accessing
Use a security programme that gives control over the cookies
It is not possible to eliminate cyber crime from the cyber space.
It is quite possible to check them.
History is the witness that no legislation has succeeded in totally eliminating crime from the globe
The only possible step is to make people aware of their rights and duties
Treat your password like you treat your toothbrush. Never give it to anyone else to use, and change it every few months.
Unsafe to misuse
Queries?