University Digital Forensic Investigation with Autopsy Tool Projects


Added on  2022/10/03

Practical Assignment
AI Summary
This assignment is a practical digital forensics project using the Autopsy tool. The student's task involves investigating a potential data breach by examining a USB drive belonging to a former employee. The project includes hands-on exercises such as using Autopsy to analyze the USB drive's bit-stream image, searching for specific keywords like "confidential", recovering deleted files, and extracting data from virtual machines. The student demonstrates understanding of Autopsy's features, including timeline analysis, hash filtering, keyword searches, web artifact extraction, data carving, and the use of indicators of compromise. The assignment also includes the creation of a new case icon and the addition of virtual machine files to the case. The student's work showcases the application of digital forensic techniques to identify potential data theft and secure sensitive information. References to relevant research papers are also included.
Running head: DIGITAL FORENSIC
DIGITAL FORENSIC
Name of the Student
Name of the University
Author Note
Table of Contents
Hands on project 1-2
Hands on project 1-4
Hands on project
Hands on project 1-2:
The problem for this project was that an employee of my organisation had left the
organisation earlier, and there was a suspicion that she might have accessed the
confidential files of the organisation. The task was to find the proof with the help of
digital forensics, using the Autopsy tool. From this task I have learnt a lot of things. I now
know well how to do digital forensics with Autopsy. Autopsy is a digital forensics platform
and a graphical interface to The Sleuth Kit and other digital forensics tools. The tool is
used by law enforcement, corporate examiners and the military to investigate what is
happening within a computer. It can be used for recovering photos, deleted files and
encrypted documents from flash drives or USB disk images. Autopsy is very easy to use,
and the installation process is also very easy. Autopsy was designed to be an end-to-end
platform with a set of modules. The modules are as follows:
Timeline Analysis - Advanced graphical event viewing interface (a video tutorial is also included).
Hash Filtering - Flag known bad files and ignore known good files.
Keyword Search - Indexed keyword search for finding the files that mention relevant terms.
Web Artefacts - Extract history, bookmarks and cookies from Firefox, Chrome and Internet Explorer.
Data Carving - Recover deleted files from unallocated space using PhotoRec.
Multimedia - Extract EXIF data from pictures and watch videos.
Indicators of Compromise - Scan a computer using STIX.
Hands on project 1-4:
In this project I have learnt how to create a new case icon. After selecting the data
source window, I have learnt how the VM file or disk image can be run within the Autopsy
tool. From this task I have also learnt that the Virtual Machine Extractor module adds any
virtual machines that it finds in the data source to the case as new data sources. This
includes .vmdk files, also known as virtual machine disks, as well as .vhd files, also known
as virtual hard drives. I have noted that each of the virtual files is extracted to the case
folder.
Hands on project:
From this project I have learnt how to examine an image as well as how to search
for all of the occurrences of keywords such as ANRONIO, HORATIO and HUGH
EVANS. After searching for these keywords in the Autopsy tool I found the files, images,
mail IDs and, lastly, the deleted files that contain these keywords. I have also learnt that
there are keyword lists within the Autopsy tool, and how to use the Autopsy tool to manage
the lists of the files that contain the keywords.
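The following is an added example, not part of the assignment and not Autopsy's own code (Autopsy uses an indexed search; this is a simplified raw byte scan). It shows why a keyword search over a bit-stream image also turns up hits in deleted files: the scan reads every byte of the image regardless of whether the file system still allocates it. The function names and the sample image are constructed for illustration.

```python
import io

def build_patterns(keyword):
    """Byte patterns for one keyword: 8-bit ASCII and UTF-16LE (common on Windows)."""
    low = keyword.lower()
    return [("ascii", low.encode("ascii")), ("utf-16le", low.encode("utf-16-le"))]

def search_image(stream, keywords, chunk_size=1 << 20):
    """Scan a raw image stream; return sorted (offset, keyword, encoding) hits."""
    patterns = [(kw, enc, pat) for kw in keywords for enc, pat in build_patterns(kw)]
    overlap = max(len(pat) for _, _, pat in patterns) - 1
    hits, tail, base = set(), b"", 0   # base = image offset of window[0]
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        # bytes.lower() folds A-Z only, which is enough for both encodings here
        window = tail + chunk.lower()
        for kw, enc, pat in patterns:
            pos = window.find(pat)
            while pos != -1:
                hits.add((base + pos, kw, enc))   # set removes re-found overlap hits
                pos = window.find(pat, pos + 1)
        # carry the last bytes forward so a keyword split across chunks is still found
        tail = window[-overlap:]
        base += len(window) - len(tail)
    return sorted(hits)

def demo():
    """Constructed sample image: one ASCII hit and one UTF-16LE hit in filler bytes."""
    image = (b"\x00" * 100 + b"note to Horatio re: budget" + b"\xff" * 50
             + "Hugh Evans".encode("utf-16-le") + b"\x00" * 20)
    # tiny chunk size forces both keywords to straddle chunk boundaries
    return search_image(io.BytesIO(image), ["HORATIO", "HUGH EVANS"], chunk_size=7)

if __name__ == "__main__":
    for offset, keyword, encoding in demo():
        print(f"{offset:#010x}  {keyword}  ({encoding})")
```

The reported byte offsets can be recorded in the case notes and mapped back to a file or to unallocated space with the forensic tool's own viewer.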