COIT12201 - Digital Forensics Investigation of M57 Patents Case
VerifiedAdded on 2023/06/04
|19
|5417
|87
Case Study
AI Summary
This report details a digital forensic investigation into the M57 patents case, involving a patent search organization suspected of internal illegal activities. The investigation begins after a workstation from M57 is recovered, leading to a full examination of the company's digital assets, including computers, handsets, and USB drives. The report outlines the network layout, workstation setup, and a literature review of digital forensic methodologies. Activities performed include examining RAM snapshots, generating file hashes, and comparing memory images to identify potential keyloggers and unauthorized software installations on the CEO's computer. The findings suggest the presence and removal of a keylogger, raising concerns about potential email spying and data exfiltration. The investigation employs various digital forensic tools and techniques to analyze the evidence and reconstruct the events, providing insights into the organization's security vulnerabilities and potential internal threats. The assignment is a practical application of digital forensic principles and tools in a real-world scenario.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Digital forensic investigation 1
Digital forensic investigation on M57 patents case
Student
Course
Tutor
Institutional Affiliations
State
Date
Digital forensic investigation on M57 patents case
Student
Course
Tutor
Institutional Affiliations
State
Date
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Digital forensic investigation 2
Table of Contents
Introduction...............................................................................................................................................2
M57 patents scenario details.................................................................................................................4
M57.bizz Network..................................................................................................................................5
The organization workstation devices..................................................................................................6
Literature analysis.....................................................................................................................................6
Activity 1....................................................................................................................................................8
Activity 2....................................................................................................................................................9
Activity 3..................................................................................................................................................11
Discussion.................................................................................................................................................13
Conclusion................................................................................................................................................14
Reference list............................................................................................................................................15
Introduction
With the progress in time and advancement as well as evolution in technology, the use of
computers has and will increase in our daily lives. This owes to the fact that the digitalized
generation has become more dependent on computers to an extent that computers are used in
nearly all facets of our daily activities including organizations, institutions, and for personal use.
It is safe to calculate the rise of crime that has been facilitated by the advanced technology by
Table of Contents
Introduction...............................................................................................................................................2
M57 patents scenario details.................................................................................................................4
M57.bizz Network..................................................................................................................................5
The organization workstation devices..................................................................................................6
Literature analysis.....................................................................................................................................6
Activity 1....................................................................................................................................................8
Activity 2....................................................................................................................................................9
Activity 3..................................................................................................................................................11
Discussion.................................................................................................................................................13
Conclusion................................................................................................................................................14
Reference list............................................................................................................................................15
Introduction
With the progress in time and advancement as well as evolution in technology, the use of
computers has and will increase in our daily lives. This owes to the fact that the digitalized
generation has become more dependent on computers to an extent that computers are used in
nearly all facets of our daily activities including organizations, institutions, and for personal use.
It is safe to calculate the rise of crime that has been facilitated by the advanced technology by
Digital forensic investigation 3
evaluating the past trends of technology. Findings from various studies cite that criminals have
put a strain in computer forensic examiners today (Taylor, Haggerty, Gresty, and Lamb, 2011,
pp.4-10; Grispos, Storer, and Glisson, 2012, pp.28-48). This is due to the reason that a
significant number of crime, nowadays, are often facilitated by computers as well as other
computing devices of some sort including smartphones among other gadgets. Moreover, the
computer hardware and software, as well as the wireless technology, are getting more
sophisticated and portable thus increasing the level of crime (Damshenas, Dehghantanha,
Mahmoud and bin Shamsuddin, 2013, p.543).
Considering the evolution in technology as well as updates on what is to be considered
evidence, a proper training, and education in computer forensics should be considered (Chung,
Park, Lee, and Kang, 2012, pp.81-95; Rekhis and Boudriga, 2012, pp.635-650). It is important to
find out what a crime entails where computers are involved, it is also important to examine any
potential evidence of a crime on the digital media. There has been a considerable growth in
crime rates, as such, computer forensics is becoming increasingly important (Agarwal, and
Kothari, 2015, pp. 561-571; Liberatore, Erdely, Kerle, Levine, and Shields, 2010, pp.S95-S103).
Computer forensic entails expertise as well as the methods drawn from information and
communication technology domain, psychology, and criminology among other related fields
(Raghavan, 2013, pp.91-114; Seo, Lim, and Lee, 2009, pp.182-190; Valjarevic, and Venter,
2013, pp. 1-9). It is essential not just for mastering the digital forensic tools but also to have and
understanding of the advantages and limitations of the tools in their application in the real world
situation.
One critical issue in digital forensics is that real data is always not stable because of the
presence of confidential information. As such, there is need of disks for memory dumps, images,
evaluating the past trends of technology. Findings from various studies cite that criminals have
put a strain in computer forensic examiners today (Taylor, Haggerty, Gresty, and Lamb, 2011,
pp.4-10; Grispos, Storer, and Glisson, 2012, pp.28-48). This is due to the reason that a
significant number of crime, nowadays, are often facilitated by computers as well as other
computing devices of some sort including smartphones among other gadgets. Moreover, the
computer hardware and software, as well as the wireless technology, are getting more
sophisticated and portable thus increasing the level of crime (Damshenas, Dehghantanha,
Mahmoud and bin Shamsuddin, 2013, p.543).
Considering the evolution in technology as well as updates on what is to be considered
evidence, a proper training, and education in computer forensics should be considered (Chung,
Park, Lee, and Kang, 2012, pp.81-95; Rekhis and Boudriga, 2012, pp.635-650). It is important to
find out what a crime entails where computers are involved, it is also important to examine any
potential evidence of a crime on the digital media. There has been a considerable growth in
crime rates, as such, computer forensics is becoming increasingly important (Agarwal, and
Kothari, 2015, pp. 561-571; Liberatore, Erdely, Kerle, Levine, and Shields, 2010, pp.S95-S103).
Computer forensic entails expertise as well as the methods drawn from information and
communication technology domain, psychology, and criminology among other related fields
(Raghavan, 2013, pp.91-114; Seo, Lim, and Lee, 2009, pp.182-190; Valjarevic, and Venter,
2013, pp. 1-9). It is essential not just for mastering the digital forensic tools but also to have and
understanding of the advantages and limitations of the tools in their application in the real world
situation.
One critical issue in digital forensics is that real data is always not stable because of the
presence of confidential information. As such, there is need of disks for memory dumps, images,
Digital forensic investigation 4
and packet dumps for use, however, the resulting data is rarely realistic (Chung et al. 2012,
pp.81-95; Beebe, 2009, pp. 17-36; Grispos, Storer, and Glisson, 2012, pp.28-48). The primary
objective of this report is to demonstrate the practical use of the digital forensic tools through
analysis of M57 organization cyber-crime scenario.
As this article attempts to meet the stated objective, it seeks to respond to the questions
stated below:
i. What are the appropriate digital forensic tools for addressing the M57 scenario?
ii. What is the process involved in addressing the scenario?
M57 patents scenario details
As stated in the scenario, the M57 is a patent search organization that do investigations
for its clients’ patent information. The scenario starts when the company has four employees
including the founder and the CEO of the organization named Pat McGoo, the company’s
administrator Terry Johnston and two patent researchers called Jo Smith and Charlie Brown. The
organization has a plan for employing more employees as it books new clients. Since the
organization needs to employ more personnel, they must be having more technology at hand that
is not utilized.
The roles of the organization’s employees are checking and writing emails, staging and
conducting various illegal or malicious activities surfing the internet, using document creation
software including office among other responsibilities. The illegal activities associated with the
organization’s employees are not limited to theft of the organization’s property, using spyware
including loggers, proprietary information exfiltration and viewing illegal content using the
and packet dumps for use, however, the resulting data is rarely realistic (Chung et al. 2012,
pp.81-95; Beebe, 2009, pp. 17-36; Grispos, Storer, and Glisson, 2012, pp.28-48). The primary
objective of this report is to demonstrate the practical use of the digital forensic tools through
analysis of M57 organization cyber-crime scenario.
As this article attempts to meet the stated objective, it seeks to respond to the questions
stated below:
i. What are the appropriate digital forensic tools for addressing the M57 scenario?
ii. What is the process involved in addressing the scenario?
M57 patents scenario details
As stated in the scenario, the M57 is a patent search organization that do investigations
for its clients’ patent information. The scenario starts when the company has four employees
including the founder and the CEO of the organization named Pat McGoo, the company’s
administrator Terry Johnston and two patent researchers called Jo Smith and Charlie Brown. The
organization has a plan for employing more employees as it books new clients. Since the
organization needs to employ more personnel, they must be having more technology at hand that
is not utilized.
The roles of the organization’s employees are checking and writing emails, staging and
conducting various illegal or malicious activities surfing the internet, using document creation
software including office among other responsibilities. The illegal activities associated with the
organization’s employees are not limited to theft of the organization’s property, using spyware
including loggers, proprietary information exfiltration and viewing illegal content using the
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Digital forensic investigation 5
organization’s computer. The illegal content consists of the pictures of common house cats that
have no copyrights.
This episode, however, ends when an individual outside the M57 Company reports an
information to a police station. The person had bought a desktop workstation from an
advertisement on Craigslist. This individual found the cat's photographs mentioned earlier in the
device and investigators trace the machine then find that it belongs to the M57 organization.
Upon calling the organization’s CEO, Pat confirm that the device was stolen and further provide
more organization’s properties that have been stolen along with the computer. The CEO tells the
investigators to search the organization and image all M57 Company’s properties including the
organization’s handsets, computers, and the machine’s removable USB drives. McGoo, however,
has no idea that several of the organization’s employees are involved in this illegal act including
extortion, theft of the organization’s property, and data exfiltration.
M57.bizz Network
The organization’s network layout includes four computers which are connected to one
switch configured with a gateway which enabled internet connection as shown in figure 1. Jo
Smith needed two machines according to the scenario, by then, he had one machine connected to
the network. The organization made a replacement because of his hardware fail which was one
week before the scenario commenced.
organization’s computer. The illegal content consists of the pictures of common house cats that
have no copyrights.
This episode, however, ends when an individual outside the M57 Company reports an
information to a police station. The person had bought a desktop workstation from an
advertisement on Craigslist. This individual found the cat's photographs mentioned earlier in the
device and investigators trace the machine then find that it belongs to the M57 organization.
Upon calling the organization’s CEO, Pat confirm that the device was stolen and further provide
more organization’s properties that have been stolen along with the computer. The CEO tells the
investigators to search the organization and image all M57 Company’s properties including the
organization’s handsets, computers, and the machine’s removable USB drives. McGoo, however,
has no idea that several of the organization’s employees are involved in this illegal act including
extortion, theft of the organization’s property, and data exfiltration.
M57.bizz Network
The organization’s network layout includes four computers which are connected to one
switch configured with a gateway which enabled internet connection as shown in figure 1. Jo
Smith needed two machines according to the scenario, by then, he had one machine connected to
the network. The organization made a replacement because of his hardware fail which was one
week before the scenario commenced.
Digital forensic investigation 6
Figure 1: M57 Company network setup
The organization workstation devices
The company’s workstations were prepared as the clean environment. A hard drive with a
pass of NULL characters got purged over each machine’s hard drive. We created one partition
from this clean state and installed an operating system from an original media. We then
formatted all of the images in the hard drive using NTFS. After the installation process, we
updated the system.
Literature analysis
Besides the fact that advanced criminology is generally new in the research area, it has
officially gained critical ground. The advancement isn't just from an innovation point of view,
for example, instruments to gather and investigation computerized prove, yet in addition with the
change of philosophy (Seo, Lim, and Lee, 2009, pp.182-190). In advanced crime scene
investigation, a procedure display is an approach used to lead an examination; a system with
various stages to direct an examination. For the most part, we proposed the process models on
the experience past work’s experience. Because of the assortment of cases, such as digital
assaults directed by information technology professionals, common cases in an organization, or
Figure 1: M57 Company network setup
The organization workstation devices
The company’s workstations were prepared as the clean environment. A hard drive with a
pass of NULL characters got purged over each machine’s hard drive. We created one partition
from this clean state and installed an operating system from an original media. We then
formatted all of the images in the hard drive using NTFS. After the installation process, we
updated the system.
Literature analysis
Besides the fact that advanced criminology is generally new in the research area, it has
officially gained critical ground. The advancement isn't just from an innovation point of view,
for example, instruments to gather and investigation computerized prove, yet in addition with the
change of philosophy (Seo, Lim, and Lee, 2009, pp.182-190). In advanced crime scene
investigation, a procedure display is an approach used to lead an examination; a system with
various stages to direct an examination. For the most part, we proposed the process models on
the experience past work’s experience. Because of the assortment of cases, such as digital
assaults directed by information technology professionals, common cases in an organization, or
Digital forensic investigation 7
illegal cases, diverse specialists have a tendency to take after various strategies in their
investigative procedure, there is no standard work process in a computerized scientific
examination.
A standard system in advanced crime scene investigation examination comprises of a
meaning of the succession of activities vital in the examination (Valjarevic, and Venter, 2013,
pp. 1-9). A structure, in the event that it is excessively shortsighted or has fewer stages, probably
won't give much direction to the examination procedure. A system with more stages and each
stage with sub-ventures, with more impediment of its use situation, may demonstrate more
helpful. Despite the fact that it is relatively difficult to plan an impeccable procedure demonstrate
that can manage any examination, a perfect system ought to be general, which implies that it
could be connected to whatever number cases as would be prudent.
Moreover, considering that methods develop so quickly, a very much characterized
structure ought to likewise with the ability to embrace new strategies during the time spent
examination (Rekhis and Boudriga, 2012, pp.635-650). The authors have proposed various
process models. For the most part, every system endeavors to refine the standard strategy for a
given case and each of the procedure models adopts an extensively comparable strategy. The
most punctual research focused on characterizing the procedure of advanced measurable
examination. All the more as of late, process display inquires about revolves around fathoming
more particular issues - particular utilize cases or spotlight on specific advances (confirm
gathering, safeguarding or examination, investigation). The triage show is successful for cases
that are time touchy. Through the help of computerized criminology triage, specialists could find
appropriate proof, what's more, the police could get the whereabouts the criminal sooner rather
sitting tight for the entire report which could take a while or even years.
illegal cases, diverse specialists have a tendency to take after various strategies in their
investigative procedure, there is no standard work process in a computerized scientific
examination.
A standard system in advanced crime scene investigation examination comprises of a
meaning of the succession of activities vital in the examination (Valjarevic, and Venter, 2013,
pp. 1-9). A structure, in the event that it is excessively shortsighted or has fewer stages, probably
won't give much direction to the examination procedure. A system with more stages and each
stage with sub-ventures, with more impediment of its use situation, may demonstrate more
helpful. Despite the fact that it is relatively difficult to plan an impeccable procedure demonstrate
that can manage any examination, a perfect system ought to be general, which implies that it
could be connected to whatever number cases as would be prudent.
Moreover, considering that methods develop so quickly, a very much characterized
structure ought to likewise with the ability to embrace new strategies during the time spent
examination (Rekhis and Boudriga, 2012, pp.635-650). The authors have proposed various
process models. For the most part, every system endeavors to refine the standard strategy for a
given case and each of the procedure models adopts an extensively comparable strategy. The
most punctual research focused on characterizing the procedure of advanced measurable
examination. All the more as of late, process display inquires about revolves around fathoming
more particular issues - particular utilize cases or spotlight on specific advances (confirm
gathering, safeguarding or examination, investigation). The triage show is successful for cases
that are time touchy. Through the help of computerized criminology triage, specialists could find
appropriate proof, what's more, the police could get the whereabouts the criminal sooner rather
sitting tight for the entire report which could take a while or even years.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Digital forensic investigation 8
Cloud computing has turned out to be typical in this day and age. As one precedent, cloud
storage, for example, Google Drive, Dropbox, Apple's iCloud, and so on, are broadly utilized by
buyers worldwide. Advancement this innovation is a twofold edged sword from a computerized
criminological point of view; the wide utilization of cloud framework and applications conveys
unpredictability to directing computerized measurable examinations while utilizing this on-
request, the rapid innovation could likewise make a big deal about the investigative procedure
fundamentally more proficient.
Nonetheless, in view of the present writing in the territory, digital forensic is
considerably more famous, for example recuperating proof from cloud administrations and
applications (Beebe, 2009, pp. 17-36). Survey on DFaaS very constrained up to now in the
digital scientific network. The DFaaS is particularly still considered in its outset. In the most
recent decade, numerous partnerships have completed their preparing as well as information
relocation from their own servers to the cloud benefit sellers, for example, Amazon or
Rackspace. In like manner, during the time spent advanced scientific examination, the DFaaS
could bring a few enhancements over the current procedure. There are various advantages of
making utilization of cloud computing for scientific examination. Right off the bat, remotely
interfacing with ground-breaking servers rather than every single gadget not just offer the agents
more grounded processing power for confirming examination yet, in addition, dispose of the area
impediment that the investigation could just be led in the research center.
Activity 1
According to the scenario script, there is suspicion that a certain employee spy on the
M57 organization CEO by e-mail. In this case, the hypothesis is that the illegal act was done on
the individual’s computer.
Cloud computing has turned out to be typical in this day and age. As one precedent, cloud
storage, for example, Google Drive, Dropbox, Apple's iCloud, and so on, are broadly utilized by
buyers worldwide. Advancement this innovation is a twofold edged sword from a computerized
criminological point of view; the wide utilization of cloud framework and applications conveys
unpredictability to directing computerized measurable examinations while utilizing this on-
request, the rapid innovation could likewise make a big deal about the investigative procedure
fundamentally more proficient.
Nonetheless, in view of the present writing in the territory, digital forensic is
considerably more famous, for example recuperating proof from cloud administrations and
applications (Beebe, 2009, pp. 17-36). Survey on DFaaS very constrained up to now in the
digital scientific network. The DFaaS is particularly still considered in its outset. In the most
recent decade, numerous partnerships have completed their preparing as well as information
relocation from their own servers to the cloud benefit sellers, for example, Amazon or
Rackspace. In like manner, during the time spent advanced scientific examination, the DFaaS
could bring a few enhancements over the current procedure. There are various advantages of
making utilization of cloud computing for scientific examination. Right off the bat, remotely
interfacing with ground-breaking servers rather than every single gadget not just offer the agents
more grounded processing power for confirming examination yet, in addition, dispose of the area
impediment that the investigation could just be led in the research center.
Activity 1
According to the scenario script, there is suspicion that a certain employee spy on the
M57 organization CEO by e-mail. In this case, the hypothesis is that the illegal act was done on
the individual’s computer.
Digital forensic investigation 9
Because there was limited information with respect to timing to support the process of
investigation, all of the Pat’s RAM snap short were examined as well as the attempts to establish
all of the executables which are in the memory. During the process, we generated various file
hashes, every one of Pat's disks was mounted and hashed the majority of the individual
documents which took around one and a half an hour for eighteen images of 260 GB. The
memory pictures from Pat's PC were contrasted and the hashes of the .dll and the .exe records
which are on the circle pictures in his PC's disk in order to find out the code that were run on the
computer (Perumal, Norwawi, and Raman, 2015, pp. 19-23; Dykstra, and Sherman, 2013,
pp.S87-S95.).
Sampling size for four filters was used to compare images (Valjarevic, and Venter, 2015,
pp.1467-1483; Shields, Frieder, and Maloof, 2011, pp.3-13). It took approximately eight minutes
to relate the base image executables to the 21 RAM previews and roughly ten minutes to look at
the executables from that day picture circle to the accommodating RAM depictions. As indicated
by the distinction and a couple of lines of light scripting a timeline of the entire process was
established along with certain routine activities which can be discerned easily (Shields, Frieder,
and Maloof, 2011, pp.S3-S13). The size of the difference which actually grew over time was also
given for the same day, the days, as well as weekends that had no interesting results, were
skipped.
Based on the investigation, it is apparent that keylogger was installed on Pat’s computer
and later removed. If the RealVNC was not installed by Pat on the same date the keylogger was
installed, it could have also been used to look over his shoulder (Alazab, Venkatraman, and
Watters, 2009, pp.551-558; Garfinkel, 2010, pp.S64-S73). The total triage time for queries was
30 minutes plus an additional one and a half an hour for file hashing.
Because there was limited information with respect to timing to support the process of
investigation, all of the Pat’s RAM snap short were examined as well as the attempts to establish
all of the executables which are in the memory. During the process, we generated various file
hashes, every one of Pat's disks was mounted and hashed the majority of the individual
documents which took around one and a half an hour for eighteen images of 260 GB. The
memory pictures from Pat's PC were contrasted and the hashes of the .dll and the .exe records
which are on the circle pictures in his PC's disk in order to find out the code that were run on the
computer (Perumal, Norwawi, and Raman, 2015, pp. 19-23; Dykstra, and Sherman, 2013,
pp.S87-S95.).
Sampling size for four filters was used to compare images (Valjarevic, and Venter, 2015,
pp.1467-1483; Shields, Frieder, and Maloof, 2011, pp.3-13). It took approximately eight minutes
to relate the base image executables to the 21 RAM previews and roughly ten minutes to look at
the executables from that day picture circle to the accommodating RAM depictions. As indicated
by the distinction and a couple of lines of light scripting a timeline of the entire process was
established along with certain routine activities which can be discerned easily (Shields, Frieder,
and Maloof, 2011, pp.S3-S13). The size of the difference which actually grew over time was also
given for the same day, the days, as well as weekends that had no interesting results, were
skipped.
Based on the investigation, it is apparent that keylogger was installed on Pat’s computer
and later removed. If the RealVNC was not installed by Pat on the same date the keylogger was
installed, it could have also been used to look over his shoulder (Alazab, Venkatraman, and
Watters, 2009, pp.551-558; Garfinkel, 2010, pp.S64-S73). The total triage time for queries was
30 minutes plus an additional one and a half an hour for file hashing.
Digital forensic investigation 10
Activity 2
For the purpose of this activity, Paraben email was downloaded and used as a tool for
investigation (Lillis, Becker, O'Sullivan, and Scanlon, 2016, pp. 75-134). Before diving into the
investigation, it is important to look at the importance of the email headers in the cases like the
scenario. Due to the fact that exfiltration occurs through email, it is essential to know what is
meant by the headers. The email headers keep a plentiful of data which are related to the specific
message in the email (Sindhu, and Meshram, 2012, p.39; Quick, and Choo, 2014, pp.273-294).
They are normally hidden, as such, only the text of the email is shown to the recipient of the
email. The email headers can be easily forgotten, they are also not veracious. Following this
rationale, the only part of the email which can be trusted is the part which is generated by the
user’s service i.e. the received part.
The investigation commenced by replicating the M57 organization employees’ emails
stated in the scenario script and then replica was mounted for analysis. The format of the image
was in the proprietary EnCase format (Mumba, and Venter, 2014, pp. 1-10; Zainudin, Merabti,
and Llewellyn-Jones, 2010, pp. 21-22). Various forensic software was used in mounting the
images including GUI front-end for the Sleuth kit tools as shown in figure 2.
Activity 2
For the purpose of this activity, Paraben email was downloaded and used as a tool for
investigation (Lillis, Becker, O'Sullivan, and Scanlon, 2016, pp. 75-134). Before diving into the
investigation, it is important to look at the importance of the email headers in the cases like the
scenario. Due to the fact that exfiltration occurs through email, it is essential to know what is
meant by the headers. The email headers keep a plentiful of data which are related to the specific
message in the email (Sindhu, and Meshram, 2012, p.39; Quick, and Choo, 2014, pp.273-294).
They are normally hidden, as such, only the text of the email is shown to the recipient of the
email. The email headers can be easily forgotten, they are also not veracious. Following this
rationale, the only part of the email which can be trusted is the part which is generated by the
user’s service i.e. the received part.
The investigation commenced by replicating the M57 organization employees’ emails
stated in the scenario script and then replica was mounted for analysis. The format of the image
was in the proprietary EnCase format (Mumba, and Venter, 2014, pp. 1-10; Zainudin, Merabti,
and Llewellyn-Jones, 2010, pp. 21-22). Various forensic software was used in mounting the
images including GUI front-end for the Sleuth kit tools as shown in figure 2.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Digital forensic investigation 11
Figure 2: the GUI front end for the Sleuth kit tools
According to the scenario, this case involves the emails that were sent using M57
organization machines. It is suspected that someone has spilled data concerning M57
organization's insider facts. We inspected the manner in which Charlie got to his messages. With
the end goal of this paper, we direct our concentration toward Charlie's machine and contrast the
executable from circle pictures and the comparing RAM depiction of the day. This examination
is encouraged by an example size of four where a correlation between each of the 18 RAM
pictures was done in 31 minutes (Perumal, 2009, pp.38-44; Casey, 2011, pp. 39-47; Seo, Lim,
and Lee, 2009, pp.182-190). During the study, we recognized the occurrence of a “Cygnus free
edition” hex editor as well as a program called “invisible secretes 2.1”. The program had a doll
called “bmpcarrier,” “blowfish,” and “jpgcarrier” supporting the suspicion that it is a
steganography tool (Rekhis, and Boudriga, 2011, pp.376-396; Taylor, Fritsch, and Liederbach,
2014). Another program named “insecr2.exe” which can be found on the network trace for date
19th November was found on Charlie’s USB drive, this is an evident that the file was
downloaded around the same time. The following stage was to recognize the information that
may have been exfiltrated in the USB drive.
After examination of the USB drive, the “astronaut” and “microscope” pairs of images
appeared to look the same, however, their hashes are not identical, and this supports the
suspicion that they must have been used for stego as carriers. The investigation of the
accompanying emails also supports the hypothesis. Investigating other possible exfiltration
carriers, it is found that seven zip files are present and the files were installed on date 24th
November. A password protected archive was also found in the USB drive which contains two
files apparently (Casey, Back, and Barnum, 2015, 12, pp.102-110). Examination of other files
Figure 2: the GUI front end for the Sleuth kit tools
According to the scenario, this case involves the emails that were sent using M57
organization machines. It is suspected that someone has spilled data concerning M57
organization's insider facts. We inspected the manner in which Charlie got to his messages. With
the end goal of this paper, we direct our concentration toward Charlie's machine and contrast the
executable from circle pictures and the comparing RAM depiction of the day. This examination
is encouraged by an example size of four where a correlation between each of the 18 RAM
pictures was done in 31 minutes (Perumal, 2009, pp.38-44; Casey, 2011, pp. 39-47; Seo, Lim,
and Lee, 2009, pp.182-190). During the study, we recognized the occurrence of a “Cygnus free
edition” hex editor as well as a program called “invisible secretes 2.1”. The program had a doll
called “bmpcarrier,” “blowfish,” and “jpgcarrier” supporting the suspicion that it is a
steganography tool (Rekhis, and Boudriga, 2011, pp.376-396; Taylor, Fritsch, and Liederbach,
2014). Another program named “insecr2.exe” which can be found on the network trace for date
19th November was found on Charlie’s USB drive, this is an evident that the file was
downloaded around the same time. The following stage was to recognize the information that
may have been exfiltrated in the USB drive.
After examination of the USB drive, the “astronaut” and “microscope” pairs of images
appeared to look the same, however, their hashes are not identical, and this supports the
suspicion that they must have been used for stego as carriers. The investigation of the
accompanying emails also supports the hypothesis. Investigating other possible exfiltration
carriers, it is found that seven zip files are present and the files were installed on date 24th
November. A password protected archive was also found in the USB drive which contains two
files apparently (Casey, Back, and Barnum, 2015, 12, pp.102-110). Examination of other files
Digital forensic investigation 12
from the USB drive in all RAM images of Charlie, the two files were found in memory. When
the zip files were correlated with the mail traffic, it was revealed that the file was part of
extortion scheme rather than exfiltration.
Activity 3
From the investigation in the activity 1, there is a satisfactory reason to suspect that one
of the organization’s computers was used in for illegal practices. The suspicion arose when one
of the computers the computers used by Jo got replaced and then sold online. As much as the
employee might have attempted to cover his tracks when the computer was investigated by the
police at the end of the scenario, however, it was already clear that one of the organization’s
computers was used for the illegal practices and the computer was initially used by Jo.
To additionally demonstrate that Jo was engaged with the act, the majority of Jo's
pictures were first questioned with the kitty sets. Since a full correlation thinks about the
majority of the process segments to the question records to the process parts of the objective
documents which would take a lot of time as 55 minutes at least will be taken to go through the
21 circle pictures, an option quicker technique was utilized (Imran, Aljawarneh, and Sakib, 2016,
pp.494-520; Omeleze, and Venter, 2013, pp. 1-8). The technique includes a significantly quicker
output by viably examining as just four bits of the first records were searched for. We turned out
to be more forceful and further utilized an inspecting size of two, which yield a similar outcome
for this situation at the expense of 96 seconds just for the majority of the pictures in the hard
plate of Jo's PC.
The results showing the number of record matches for every one of the dates of the
scenario were obtained and this provided the basics of initial hypothesis. From the results, it was
from the USB drive in all RAM images of Charlie, the two files were found in memory. When
the zip files were correlated with the mail traffic, it was revealed that the file was part of
extortion scheme rather than exfiltration.
Activity 3
From the investigation in the activity 1, there is a satisfactory reason to suspect that one
of the organization’s computers was used in for illegal practices. The suspicion arose when one
of the computers the computers used by Jo got replaced and then sold online. As much as the
employee might have attempted to cover his tracks when the computer was investigated by the
police at the end of the scenario, however, it was already clear that one of the organization’s
computers was used for the illegal practices and the computer was initially used by Jo.
To additionally demonstrate that Jo was engaged with the act, the majority of Jo's
pictures were first questioned with the kitty sets. Since a full correlation thinks about the
majority of the process segments to the question records to the process parts of the objective
documents which would take a lot of time as 55 minutes at least will be taken to go through the
21 circle pictures, an option quicker technique was utilized (Imran, Aljawarneh, and Sakib, 2016,
pp.494-520; Omeleze, and Venter, 2013, pp. 1-8). The technique includes a significantly quicker
output by viably examining as just four bits of the first records were searched for. We turned out
to be more forceful and further utilized an inspecting size of two, which yield a similar outcome
for this situation at the expense of 96 seconds just for the majority of the pictures in the hard
plate of Jo's PC.
The results showing the number of record matches for every one of the dates of the
scenario were obtained and this provided the basics of initial hypothesis. From the results, it was
Digital forensic investigation 13
apparent that 124 kitty set files were copied into the computer on date 18th of the month and
another five files were added on date 24th when 130 files also got copied onto the new computer.
Questioning the majority of the 78 disk pictures contraband traces (comprehensive of Jo's)
utilizing an example measure, it accepts seven minutes as a similar inquiry with an example of
four takes eleven minutes, the complete query would take around five hours, and this is the most
appropriate for this analysis (Kebande, and Ray, 2016, pp. 356-362; Damshenas, Dehghantanha,
Mahmoud, and bin Shamsuddin, 2012, pp. 190-194).
The outcome does not, however, show any new matches on the remaining machine.
Moreover, a query of the system follows does not demonstrate any hits. It is obvious from the
situation that the kitty records were not set on some other PCs and they were never exchanged
through the system. At the point when Jo's USB picture is looked into, the source kitty pictures
are found in a second.
On basis of this investigation, various preliminary conclusions that address the following
questions can be deduced as follows: It is evident that Jo is the owner of the files since the
queries of all the disk images of contraband traces in all machines in the organization finds that
no machine showed any match, the query network traces from the investigation did not also
show any matches except for Jo’s machine.
Discussion
Based on the findings from the investigation above, defaulters in the M57 company can
be now put to light. In the activity one, it is proven that employees spy on Pat as the evidence
suggests. Case two, on the other hand, bring to the fore the exfiltration activities that take place
in the organization and Charlie is found to be responsible for this as investigations on his USB
apparent that 124 kitty set files were copied into the computer on date 18th of the month and
another five files were added on date 24th when 130 files also got copied onto the new computer.
Questioning the majority of the 78 disk pictures contraband traces (comprehensive of Jo's)
utilizing an example measure, it accepts seven minutes as a similar inquiry with an example of
four takes eleven minutes, the complete query would take around five hours, and this is the most
appropriate for this analysis (Kebande, and Ray, 2016, pp. 356-362; Damshenas, Dehghantanha,
Mahmoud, and bin Shamsuddin, 2012, pp. 190-194).
The outcome does not, however, show any new matches on the remaining machine.
Moreover, a query of the system follows does not demonstrate any hits. It is obvious from the
situation that the kitty records were not set on some other PCs and they were never exchanged
through the system. At the point when Jo's USB picture is looked into, the source kitty pictures
are found in a second.
On basis of this investigation, various preliminary conclusions that address the following
questions can be deduced as follows: It is evident that Jo is the owner of the files since the
queries of all the disk images of contraband traces in all machines in the organization finds that
no machine showed any match, the query network traces from the investigation did not also
show any matches except for Jo’s machine.
Discussion
Based on the findings from the investigation above, defaulters in the M57 company can
be now put to light. In the activity one, it is proven that employees spy on Pat as the evidence
suggests. Case two, on the other hand, bring to the fore the exfiltration activities that take place
in the organization and Charlie is found to be responsible for this as investigations on his USB
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Digital forensic investigation 14
drive suggest. Investigations in case two, however, put to light the illegal files in the M57
organization’s machines which are proven to belong to Jo, the organization’s employee. Despite
the fact that, distributed computing has turned out to be predominant crosswise over numerous
enterprises, there is restricted writing on its utilization and focal points from a Digital forensic
analysis service DFaaS viewpoint.
In this area, the ebb and flow inquire about on DFaaS will be examined. The primary
usage is the registering power given by conveyed figuring, which can all the more likely handle
the expanding greatness of information. Examination of writing demonstrates the effectiveness
of the cloud framework taking a shot at recorded pursuit. Different research layout an execution
of cloud-based framework to battle the greatness of information experienced by computerized
legal sciences by utilizing parallel registering. This work features the materialness of distributed
computing in computerized crime scene investigation and the change that DFaaS could make.
One utilizes an instance of DFaaS is to offer recorded pursuit as an administration. Concerning
the substantial volume of information, waiting be broke down, circulated registering frameworks
could do a similar work in parallel. Such cloud server can offer the profoundly serious
registering procedure and a substantial amount of capacity to manage the moderate handling on
huge information volume.
Conclusion
In conclusion, this study has presented an investigation report concerning the M57
patents. From the analysis, it can be concluded that human beings are often the weakest link
when it comes to the security chain. A thorough strategy and an institutionalized methodology of
the examination process are indispensable for leading forensic analysis like in the case of
M57.biz. The quest for an ideal model for advanced measurable science will presumably never
drive suggest. Investigations in case two, however, put to light the illegal files in the M57
organization’s machines which are proven to belong to Jo, the organization’s employee. Despite
the fact that, distributed computing has turned out to be predominant crosswise over numerous
enterprises, there is restricted writing on its utilization and focal points from a Digital forensic
analysis service DFaaS viewpoint.
In this area, the ebb and flow inquire about on DFaaS will be examined. The primary
usage is the registering power given by conveyed figuring, which can all the more likely handle
the expanding greatness of information. Examination of writing demonstrates the effectiveness
of the cloud framework taking a shot at recorded pursuit. Different research layout an execution
of cloud-based framework to battle the greatness of information experienced by computerized
legal sciences by utilizing parallel registering. This work features the materialness of distributed
computing in computerized crime scene investigation and the change that DFaaS could make.
One utilizes an instance of DFaaS is to offer recorded pursuit as an administration. Concerning
the substantial volume of information, waiting be broke down, circulated registering frameworks
could do a similar work in parallel. Such cloud server can offer the profoundly serious
registering procedure and a substantial amount of capacity to manage the moderate handling on
huge information volume.
Conclusion
In conclusion, this study has presented an investigation report concerning the M57
patents. From the analysis, it can be concluded that human beings are often the weakest link
when it comes to the security chain. A thorough strategy and an institutionalized methodology of
the examination process are indispensable for leading forensic analysis like in the case of
M57.biz. The quest for an ideal model for advanced measurable science will presumably never
Digital forensic investigation 15
stop. In this paper, the advancement of the computerized measurable examination was discussed
and these the investigation were gathered into three exercises. The principal kind describes a
general methodology for the entire examination process. The second kind refines and overhauls
the past models by improving comparability with more conditions. The third kind makes use of
new techniques, frameworks and additionally instruments in the investigative system to oversee
new issues experienced in present-day examinations. Generally speaking, future refinements of
the progressed measurable process will most likely focus on usage circumstances, upgrading the
capability of the investigative strategy, and melding new advances and frameworks into the
models for the motivations behind guaranteeing a constantly versatile strategy.
Reference list
Agarwal, R. and Kothari, S., 2015, Review of digital forensic investigation frameworks.
In Information Science and Applications pp. 561-571, Springer, Berlin, Heidelberg.
Alazab, M., Venkatraman, S., and Watters, P., 2009, Effective digital forensic analysis of the
NTFS disk image. Ubiquitous Computing and Communication Journal, 4(3), pp.551-558.
Beebe, N., 2009, January, Digital forensic research: The good, the bad and the unaddressed.
In IFIP International Conference on Digital Forensics pp. 17-36. Springer, Berlin, Heidelberg.
Casey, E., 2011, Digital evidence and computer crime: Forensic science, computers, and the
internet. Academic press, pp. 39-47.
Casey, E., Back, G. and Barnum, S., 2015, Leveraging CybOX™ to standardize representation
and exchange of digital forensic information. Digital Investigation, 12, pp.S102-S110.
stop. In this paper, the advancement of the computerized measurable examination was discussed
and these the investigation were gathered into three exercises. The principal kind describes a
general methodology for the entire examination process. The second kind refines and overhauls
the past models by improving comparability with more conditions. The third kind makes use of
new techniques, frameworks and additionally instruments in the investigative system to oversee
new issues experienced in present-day examinations. Generally speaking, future refinements of
the progressed measurable process will most likely focus on usage circumstances, upgrading the
capability of the investigative strategy, and melding new advances and frameworks into the
models for the motivations behind guaranteeing a constantly versatile strategy.
Reference list
Agarwal, R. and Kothari, S., 2015, Review of digital forensic investigation frameworks.
In Information Science and Applications pp. 561-571, Springer, Berlin, Heidelberg.
Alazab, M., Venkatraman, S., and Watters, P., 2009, Effective digital forensic analysis of the
NTFS disk image. Ubiquitous Computing and Communication Journal, 4(3), pp.551-558.
Beebe, N., 2009, January, Digital forensic research: The good, the bad and the unaddressed.
In IFIP International Conference on Digital Forensics pp. 17-36. Springer, Berlin, Heidelberg.
Casey, E., 2011, Digital evidence and computer crime: Forensic science, computers, and the
internet. Academic press, pp. 39-47.
Casey, E., Back, G. and Barnum, S., 2015, Leveraging CybOX™ to standardize representation
and exchange of digital forensic information. Digital Investigation, 12, pp.S102-S110.
Digital forensic investigation 16
Chung, H., Park, J., Lee, S., and Kang, C., 2012, Digital forensic investigation of cloud storage
services, Digital investigation, 9(2), pp.81-95.
Damshenas, M., Dehghantanha, A., Mahmoud, R., and bin Shamsuddin, S., 2012, June,
Forensics investigation challenges in cloud computing environments. In Cyber Security, Cyber
Warfare and Digital Forensic (CyberSec), 2012 International Conference on (pp. 190-194).
IEEE.
Damshenas, M., Dehghantanha, A., Mahmoud, R. and bin Shamsuddin, S., 2013. Cloud
computing and conflicts with digital forensic investigation, International Journal of Digital
Content Technology and its Applications, 7(9), p.543.
Dykstra, J. and Sherman, A.T., 2013, Design and implementation of FROST: Digital forensic
tools for the OpenStack cloud computing platform. Digital Investigation, 10, pp.S87-S95.
Garfinkel, S.L., 2010, Digital forensics research: The next 10 years. digital investigation, 7,
pp.S64-S73.
Grispos, G., Storer, T., and Glisson, W.B., 2012, Calm before the storm: The challenges of cloud
computing in digital forensics. International Journal of Digital Crime and Forensics
(IJDCF), 4(2), pp.28-48.
Imran, A., Aljawarneh, S. and Sakib, K., 2016. Web Data Amalgamation for Security
Engineering: Digital Forensic Investigation of Open Source Cloud. J. UCS, 22(4), pp.494-520.
Chung, H., Park, J., Lee, S., and Kang, C., 2012, Digital forensic investigation of cloud storage
services, Digital investigation, 9(2), pp.81-95.
Damshenas, M., Dehghantanha, A., Mahmoud, R., and bin Shamsuddin, S., 2012, June,
Forensics investigation challenges in cloud computing environments. In Cyber Security, Cyber
Warfare and Digital Forensic (CyberSec), 2012 International Conference on (pp. 190-194).
IEEE.
Damshenas, M., Dehghantanha, A., Mahmoud, R. and bin Shamsuddin, S., 2013. Cloud
computing and conflicts with digital forensic investigation, International Journal of Digital
Content Technology and its Applications, 7(9), p.543.
Dykstra, J. and Sherman, A.T., 2013, Design and implementation of FROST: Digital forensic
tools for the OpenStack cloud computing platform. Digital Investigation, 10, pp.S87-S95.
Garfinkel, S.L., 2010, Digital forensics research: The next 10 years. digital investigation, 7,
pp.S64-S73.
Grispos, G., Storer, T., and Glisson, W.B., 2012, Calm before the storm: The challenges of cloud
computing in digital forensics. International Journal of Digital Crime and Forensics
(IJDCF), 4(2), pp.28-48.
Imran, A., Aljawarneh, S. and Sakib, K., 2016. Web Data Amalgamation for Security
Engineering: Digital Forensic Investigation of Open Source Cloud. J. UCS, 22(4), pp.494-520.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Digital forensic investigation 17
Kebande, V.R. and Ray, I., 2016, August, A generic digital forensic investigation framework for
internet of things (iot). In Future Internet of Things and Cloud (FiCloud), 2016 IEEE 4th
International Conference on (pp. 356-362). IEEE.
Liberatore, M., Erdely, R., Kerle, T., Levine, B.N. and Shields, C., 2010. Forensic investigation
of peer-to-peer file sharing networks. digital investigation, 7, pp.S95-S103.
Lillis, D., Becker, B., O'Sullivan, T. and Scanlon, M., 2016. Current challenges and future
research areas for digital forensic investigation. arXiv preprint arXiv:1604.03850, pp. 75-134.
Mumba, E.R. and Venter, H.S., 2014, August. Mobile forensics using the harmonised digital
forensic investigation process. In Information Security for South Africa (ISSA), 2014 (pp. 1-10).
IEEE.
Omeleze, S. and Venter, H.S., 2013, August. Testing the harmonised digital forensic
investigation process model-using an Android mobile phone. In Information Security for South
Africa, 2013 (pp. 1-8). IEEE.
Perumal, S., 2009. Digital forensic model based on Malaysian investigation
process. International Journal of Computer Science and Network Security, 9(8), pp.38-44.
Perumal, S., Norwawi, N.M. and Raman, V., 2015, October. Internet of Things (IoT) digital
forensic investigation model: Top-down forensic approach methodology. In Digital Information
Processing and Communications (ICDIPC), 2015 Fifth International Conference on (pp. 19-23).
IEEE.
Kebande, V.R. and Ray, I., 2016, August, A generic digital forensic investigation framework for
internet of things (iot). In Future Internet of Things and Cloud (FiCloud), 2016 IEEE 4th
International Conference on (pp. 356-362). IEEE.
Liberatore, M., Erdely, R., Kerle, T., Levine, B.N. and Shields, C., 2010. Forensic investigation
of peer-to-peer file sharing networks. digital investigation, 7, pp.S95-S103.
Lillis, D., Becker, B., O'Sullivan, T. and Scanlon, M., 2016. Current challenges and future
research areas for digital forensic investigation. arXiv preprint arXiv:1604.03850, pp. 75-134.
Mumba, E.R. and Venter, H.S., 2014, August. Mobile forensics using the harmonised digital
forensic investigation process. In Information Security for South Africa (ISSA), 2014 (pp. 1-10).
IEEE.
Omeleze, S. and Venter, H.S., 2013, August. Testing the harmonised digital forensic
investigation process model-using an Android mobile phone. In Information Security for South
Africa, 2013 (pp. 1-8). IEEE.
Perumal, S., 2009. Digital forensic model based on Malaysian investigation
process. International Journal of Computer Science and Network Security, 9(8), pp.38-44.
Perumal, S., Norwawi, N.M. and Raman, V., 2015, October. Internet of Things (IoT) digital
forensic investigation model: Top-down forensic approach methodology. In Digital Information
Processing and Communications (ICDIPC), 2015 Fifth International Conference on (pp. 19-23).
IEEE.
Digital forensic investigation 18
Quick, D. and Choo, K.K.R., 2014. Impacts of increasing volume of digital forensic data: A
survey and future research challenges. Digital Investigation, 11(4), pp.273-294.
Raghavan, S., 2013. Digital forensic research: current state of the art. CSI Transactions on
ICT, 1(1), pp.91-114.
Rekhis, S. and Boudriga, N., 2011. Logic-based approach for digital forensic investigation in
communication networks. Computers & Security, 30(6-7), pp.376-396.
Rekhis, S. and Boudriga, N., 2012. A system for formal digital forensic investigation aware of
anti-forensic attacks. IEEE transactions on information forensics and security, 7(2), pp.635-650.
Seo, K., Lim, K. and Lee, S., 2009. Detecting similar files for digital forensic investigation. The
Journal of Korean Institute of Information Technology, 7(2), pp.182-190.
Shields, C., Frieder, O. and Maloof, M., 2011. A system for the proactive, continuous, and
efficient collection of digital forensic evidence. Digital investigation, 8, pp.S3-S13.
Sindhu, K.K. and Meshram, B.B., 2012. Digital Forensic Investigation Tools and
Procedures. International Journal of Computer Network and Information Security, 4(4), p.39.
Taylor, M., Haggerty, J., Gresty, D. and Lamb, D., 2011. Forensic investigation of cloud
computing systems. Network Security, 2011(3), pp.4-10.
Taylor, R.W., Fritsch, E.J. and Liederbach, J., 2014. Digital crime and digital terrorism. Prentice
Hall Press.
Quick, D. and Choo, K.K.R., 2014. Impacts of increasing volume of digital forensic data: A
survey and future research challenges. Digital Investigation, 11(4), pp.273-294.
Raghavan, S., 2013. Digital forensic research: current state of the art. CSI Transactions on
ICT, 1(1), pp.91-114.
Rekhis, S. and Boudriga, N., 2011. Logic-based approach for digital forensic investigation in
communication networks. Computers & Security, 30(6-7), pp.376-396.
Rekhis, S. and Boudriga, N., 2012. A system for formal digital forensic investigation aware of
anti-forensic attacks. IEEE transactions on information forensics and security, 7(2), pp.635-650.
Seo, K., Lim, K. and Lee, S., 2009. Detecting similar files for digital forensic investigation. The
Journal of Korean Institute of Information Technology, 7(2), pp.182-190.
Shields, C., Frieder, O. and Maloof, M., 2011. A system for the proactive, continuous, and
efficient collection of digital forensic evidence. Digital investigation, 8, pp.S3-S13.
Sindhu, K.K. and Meshram, B.B., 2012. Digital Forensic Investigation Tools and
Procedures. International Journal of Computer Network and Information Security, 4(4), p.39.
Taylor, M., Haggerty, J., Gresty, D. and Lamb, D., 2011. Forensic investigation of cloud
computing systems. Network Security, 2011(3), pp.4-10.
Taylor, R.W., Fritsch, E.J. and Liederbach, J., 2014. Digital crime and digital terrorism. Prentice
Hall Press.
Digital forensic investigation 19
Valjarevic, A. and Venter, H.S., 2013, August. Implementation guidelines for a harmonised
digital forensic investigation readiness process model. In Information Security for South Africa,
2013 (pp. 1-9). IEEE.
Valjarevic, A. and Venter, H.S., 2015. A comprehensive and harmonized digital forensic
investigation process model. Journal of forensic sciences, 60(6), pp.1467-1483.
Zainudin, N.M., Merabti, M. and Llewellyn-Jones, D., 2010. A digital forensic investigation
model for online social networking. In Proceedings of the 11th annual conference on the
convergence of telecommunications, Networking & Broadcasting, Liverpool (pp. 21-22).
Valjarevic, A. and Venter, H.S., 2013, August. Implementation guidelines for a harmonised
digital forensic investigation readiness process model. In Information Security for South Africa,
2013 (pp. 1-9). IEEE.
Valjarevic, A. and Venter, H.S., 2015. A comprehensive and harmonized digital forensic
investigation process model. Journal of forensic sciences, 60(6), pp.1467-1483.
Zainudin, N.M., Merabti, M. and Llewellyn-Jones, D., 2010. A digital forensic investigation
model for online social networking. In Proceedings of the 11th annual conference on the
convergence of telecommunications, Networking & Broadcasting, Liverpool (pp. 21-22).
1 out of 19
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.