Digital Forensic Investigation Tools - PDF

Added on - 15 Jun 2021

Contents
1. Introduction
2. Digital Forensic Investigation Tools
3. Image file Investigation
4. Result analysis
5. Conclusion
References

1. Introduction

UCLAN High Tech Crime Unit is a company that works in the digital forensics area. I work at that company as a digital forensic investigator. One day I received a call from the MD (Managing Director) of a famous company named Vamos Solutions.

At this company, a crew checks each and every employee of Vamos Solutions every day to prevent any data theft. One day, as usual, they checked one of the employees. During the check he had a USB flash stick in his hand, so the security officials suspected that the employee had stolen something from the office computer. They informed the MD (Managing Director), who called me to investigate the case. He gave me a USB memory stick image file for the investigation and asked me to find out whether any data theft could be traced and, if so, to submit the evidence to him.

Intention

The main intention of this investigation is to examine the image file (USB image file) provided for the investigation. It belongs to the employee of the company.

Purpose

Main objectives:
  • Examine the USB flash disk
  • Collect data relevant to the case
  • Find the motivation for the data theft
  • Identify further details required from the company regarding this case

2. Digital Forensic Investigation Tools

Digital forensics is the process of investigating cybercrimes (InfoSec Resources, 2018). Many methods and tools are available for that kind of investigation (Casey, 2007). As digital forensic investigators we have to choose one of these methods (Dudley-Gough, 2006). Available digital forensic tools are:
  • RegRipper
  • AccessData FTK
  • Autopsy Tool

RegRipper

RegRipper is a widely used digital forensic application for carrying out a digital forensic investigation. Harlan Carvey is the creator of the software (InfoSec Resources, 2018). The main purpose of the software is to extract data from the registry of the PC (Personal Computer). It was created to reduce the complexity and time of extracting the computer registry. The software reduces the time needed to extract the registry details from 10 hours to some minutes. It was created for less skilled investigators, so it has a very simple form. The software allows a plugin, Auditpol (Audit Policy), to be added, which is used to find out whether the user changed his audit policies. The software can also convert raw image data extracted from the computer registry into a readable format. Due to these features, the product is widely used by digital forensic investigators.

Autopsy Tool

Another software tool on the market is used for the same purpose, but it has more advantages than the tool above (Sleuthkit.org, 2018). It has a fantastic graphical user interface and a high level of performance, so it is also widely used (Altheide and Harlan Carvey, 2011). The software was created by a company named Basis Technology Corporation. They made tutorials for the software, which can be accessed from the company website. The software has the following advantages:
  • Extensible – The software permits new plugins to be added to provide new functions required by the user.
  • Frameworks – The standard procedures or set of instructions governed by the software creator are known as the framework. If we want to investigate a forensic case with this software, we have to follow the framework.
  • Ease of Use – Its graphical user interface (GUI) makes it easy to use.

Standard Procedure to Examine the Forensic Data by Autopsy Tool

We have to follow a set of ten instructions to investigate a digital forensic case by this method (Jahankhani, 2010).

Step 1: Start
It is an online based digital forensic investigation tool. First we need to start this digital forensic investigation software, which works on Windows OS and Linux OS.

Step 2: Open Newcase
In this digital forensic software application we simply press the newcase icon, which opens the new investigation dialogue box.

Step 3: Data entering
In this digital forensic investigation tool we must enter the information required by the create dialogue box named newcase.

Step 4: Selecting an image file
After the data entry is complete, the evidence directory selection dialogue box opens. In this dialogue box we are advised to select the address of the evidence (USB data in image format).

Step 5: Adding name to the host
After that, the add host dialogue box opens. In this dialogue box you must type the host name and its details.

Step 6: Identification location of host
After that, click the add image button to insert forensic data (disk file in image format).

Step 7: New disk image addition
Now we can see the dialogue box on the screen. In this dialogue box you are advised to press the add image icon to open a new image file in the Autopsy digital forensic software tool.