NIST CFReDS Project: Data Leakage Case Study and Forensic Analysis

This report presents an analysis of a data leakage case based on the NIST CFReDS project. The scenario involves an employee, 'Mr. Informant,' attempting to leak sensitive company data to a rival company. The report details the target systems, including a virtual Windows 7 environment, USB drives, and a CD-R. It meticulously outlines the suspect's behavior, including email communications, web browsing, file transfers, and attempts at anti-forensic techniques. The analysis covers key forensic aspects such as identifying the suspect's actions, the data transferred, and the tools used. The report identifies artifacts like search keywords, file renaming activities, cloud storage usage, and CD burning processes. Furthermore, it provides a detailed timeline of events, system configurations, and network activities, highlighting the suspect's efforts to conceal the data leakage. The report aims to provide insights into digital forensic practices, specifically focusing on identifying and analyzing evidence of data breaches in a controlled environment.