University Digital Forensics Analysis Project 5: Report
Added on 2022/08/13
Project
AI Summary
This project provides an introduction to digital forensics analysis, covering methodologies and tools used in cybercrime investigations. The paper discusses different types of digital forensics, including disk, wireless, and network forensics, and highlights their advantages in integrating computer systems, preserving evidence, and tracking cybercriminals. The methodology section emphasizes secure programming fundamentals like input validation and access control. It also outlines the forensic fundamentals, including data collection, examination, analysis, and reporting. The project explores forensic analysis tools such as EnCase and FTK Imager, and delves into anti-forensic detection, cloud forensics, web log and session analysis, and hash analysis. The project concludes by emphasizing the importance of digital forensics in organizations and legal contexts, highlighting its role in investigating crimes and providing crucial evidence.

Running head: Project 5: Digital Forensics Analysis
Project 5: Digital Forensics Analysis
Name of the Student
Name of the University
Author Note
Table of Contents
Introduction:
Types of digital forensic:
Methodology:
  Secure programming fundamentals:
  Forensic fundamentals:
Forensic analysis tools:
  EnCase tool:
  FTK imager tool:
Anti forensic detection:
Cloud forensics:
Web log and session analysis:
Hash analysis:
Conclusion:
References:
Introduction:
The purpose of this paper is to discuss the methodology for digital forensic
analysis. The report will identify the purpose, requirements and objectives of an investigation.
Digital forensics is the method of preserving, analysing and presenting evidence related to
computer or cyber crime (Holt, Bossler & Seigfried-Spellar, 2017). It is the technique
used for finding evidence on media connected with mobile devices, computers and
networks. With the help of this method, the forensic team is able to analyse, recognise and
preserve the data related to digital media such as mobiles and computers.
Types of digital forensic:
There are three types of digital forensics:
i. Disk Forensics
ii. Wireless Forensics
iii. Network Forensics
Mobile forensics, memory forensics and email forensics are also different types of forensics.
The advantages of digital forensics are as follows:
I. It is used to integrate the computer system.
II. This method is used for preserving and presenting evidence by which the culprit
can be punished according to the law of the court.
III. Cyber criminals are tracked down efficiently by this method, and it is used to
protect the funds and the time of the organization.
Methodology:
Secure programming fundamentals:
It is very important that programmers follow secure coding methods
and adopt safe practices in the stages of
development. Input validation is one of the fundamental practices of secure programming,
performed to prevent attacks that come from external sources. Another
fundamental practice for ensuring security is access control (Singhal, Winograd &
Scarfone, 2007). It is very important that the programmer includes
security-related architectures and tools that detect coding errors and also
prevent attacks.
Forensic fundamentals:
Digital forensic analysis is performed to investigate and review the data and
information collected from computer networks and digital communities. At the
time of collection, the data and information related to a specific
incident or event are labelled, collected, recorded and identified, and their integrity
is preserved.
In the next stage, examination, forensic tools and techniques appropriate to
the types of data that have been collected are applied to identify and
extract the relevant information and data while protecting its integrity.
The next step, analysis, involves analysing the results gained
from the investigation to address the questions that were the impetus for performing the
examination and data collection.
The final step is to report the results gained from the analysis, which can
include describing the actions that have been performed and determining what
other actions need to be performed (Kent, 2006). Forensic analysis
can be used by business organisations for various purposes such as internal actions,
management of legal matters, maintenance of network security, and detection and
prevention of cyber threats.
Forensic analysis tools:
Forensic analysis can be performed with the help of tools that have been designed
for different platforms, including Linux, Windows and Mac (National Institute of
Standards and Technology, 2014). The tools have several functions created for
performing specific tasks such as file recovery, disk imaging, image and hash analysis, email
parsing, password recovery and memory capture.
EnCase tool:
EnCase is powerful software used to gather all the data related to digital
media. It is also used for analysing files and breaking down their complexity; it
allows automation of reporting and decryption, and it has supporting features such as a
scripting facility called EnScript (Nance, Nestler & Bishop, 2019). It is designed as
a forensics tool that is used in various court systems. The software is also designed as a
tool for cyber security, e-discovery and security analytics. It allows
investigators to conduct in-depth analysis of user files, that is, gathering
evidence such as documents, images and network history.
FTK imager tool:
FTK stands for Forensic Tool Kit. It is forensic software made by
AccessData. It is able to scan the hardware, which is why it can search for various
information. It is a forensic method used for retrieving evidence related to
digital media (Hashim et al., 2017). It is free, has a simple user interface and is capable of
advanced searching. A case log file is produced by this imager tool. It has supporting
features for decryption. However, it does not support PSD and AVI. It does not have multitasking or
scripting support, and it does not have a progress bar.
Anti forensic detection:
The main focus of computer forensics is on collecting and analysing data and
information from computer systems for use as evidence in court. Forensic tools
can be categorised as persistent data tools and volatile data tools (Conlan, Baggili &
Breitinger, 2016). Anti-forensics is basically the use of techniques and tools to
avoid detection of an event, disrupt the collection of information or cast doubt on the results.
Cloud forensics:
Cloud forensics is basically a cross-discipline between digital forensics and
cloud computing. Cloud computing is basically an application within
digital forensics that can oversee crime committed over the cloud and the
investigations on it (Choo, Esposito & Castiglione, 2017). Network forensics enables
identification and investigation of network attacks through the digital contents that have been
retrieved. Mobile cloud computing (MCC) has been made a congenial target by the
proliferation of smartphones and by cost-effective universal data access. There
are several challenges of cloud forensics:
• Different providers have different approaches to cloud computing.
• Limited investigative power given to the consulting organisations and
investigators to obtain data and information under respective jurisdictions.
• Lack of legislative mechanisms that facilitate evidence retrieval involving
confidential data.
• Lack of forensic expertise.
Web log and session analysis:
Session and log analysis is used for collecting data and information
about the accessibility of internet servers or the use of web sites. The analysis can be done
on the basis of the values contained in the log file (Quirk eMarketing, 2010). Log
file analysis tools read the records from web servers, which record all of the clicks
that take place on the internet server. Internet servers always store all
of the clicks that have taken place in the log file. Both sessions and log files are
very useful for deriving analytics about the patterns and behaviours of users.
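Added example (not part of the original report): a small parser that reads web server log records and groups them into sessions. It assumes the Combined Log Format, a session key of client IP plus user agent, and a 30-minute inactivity gap; the log lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in Combined Log Format (documentation IP ranges).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2024:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64)"
203.0.113.7 - - [12/Mar/2024:10:02:40 +0000] "GET /products HTTP/1.1" 200 8841 "http://example.test/index.html" "Mozilla/5.0 (X11; Linux x86_64)"
198.51.100.23 - - [12/Mar/2024:10:03:15 +0000] "GET /login HTTP/1.1" 200 2210 "-" "Mozilla/5.0 (Windows NT 10.0)"
198.51.100.23 - - [12/Mar/2024:10:03:20 +0000] "POST /login HTTP/1.1" 401 310 "http://example.test/login" "Mozilla/5.0 (Windows NT 10.0)"
this line is damaged and must not abort the run
203.0.113.7 - - [12/Mar/2024:11:15:09 +0000] "GET /contact HTTP/1.1" 200 1932 "-" "Mozilla/5.0 (X11; Linux x86_64)"
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)
SESSION_GAP = timedelta(minutes=30)  # assumption: common analytics default


def parse_log(text):
    """Return (records, rejected). Unparseable lines are reported, not dropped."""
    records, rejected = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = LINE_RE.match(line)
        if not m:
            rejected.append((lineno, line))
            continue
        rec = m.groupdict()
        # Keep the time zone offset so timelines from several hosts can be merged.
        rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
        rec["status"] = int(rec["status"])
        records.append(rec)
    return records, rejected


def sessionize(records, gap=SESSION_GAP):
    """Group requests per (ip, user agent); silence longer than gap starts a new session."""
    by_client = defaultdict(list)
    for rec in sorted(records, key=lambda r: r["ts"]):
        by_client[(rec["ip"], rec["agent"])].append(rec)
    sessions = []
    for recs in by_client.values():
        current = [recs[0]]
        for rec in recs[1:]:
            if rec["ts"] - current[-1]["ts"] > gap:
                sessions.append(current)
                current = [rec]
            else:
                current.append(rec)
        sessions.append(current)
    sessions.sort(key=lambda s: s[0]["ts"])
    return sessions


def summarize(session):
    """Reduce one session to the fields an analyst reviews first."""
    return {
        "ip": session[0]["ip"],
        "start": session[0]["ts"].isoformat(),
        "end": session[-1]["ts"].isoformat(),
        "requests": len(session),
        "paths": [r["path"] for r in session],
        "errors": sum(1 for r in session if r["status"] >= 400),
    }


if __name__ == "__main__":
    recs, bad = parse_log(SAMPLE_LOG)
    for s in sessionize(recs):
        print(summarize(s))
    print("rejected lines:", bad)
```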
Hash analysis:
Hash analysis is basically a methodology used for converting the
characters of data into keys so that the keys can be quickly accessed. The methodology can
also be used for encryption of data as well as for decryption of information and data
through authenticating digital signatures. The forensic tool taxonomy
from NIST (National Institute of Standards and Technology) provides details of
hash-related algorithms and hash analysis for various systems including Windows, Mac and
Linux.
Conclusion:
Thus, it can be concluded from the report that the digital forensics field is simple in
theory but in practice it is very complex. Digital forensics can be useful for
organisations as well as for law firms. Digital evidence is very important to the
prosecution and investigation of many types of crimes, as the evidence can reveal
information about the movements of suspects, crimes committed and criminal associates.
References:
Choo, K. K. R., Esposito, C., & Castiglione, A. (2017). Evidence and forensics in the cloud: Challenges and future research directions. IEEE Cloud Computing, 4(3), 14-19.
Conlan, K., Baggili, I., & Breitinger, F. (2016). Anti-forensics: Furthering digital forensic science through a new extended, granular taxonomy. Digital investigation, 18, S66-S75.
Hashim, M. A., Halim, I. H. A., Ismail, M. H., Noor, N. M., Fuzi, M. F. M., Mohammed, A. H., & Gining, R. A. J. (2017). Digital Forensic Investigation of Trojan Attacks in Network using Wireshark, FTK Imager and Volatility. Computing Research & Innovation (CRINN) Vol 2, October 2017, 205.
Holt, T. J., Bossler, A. M., & Seigfried-Spellar, K. C. (2017). Cybercrime and digital forensics: An introduction. Routledge.
Kent, K., Chevalier, S., Grance, T., & Dang, H. (2006). Computer security: Guide to integrating forensic techniques into incident response: Recommendations of the National Institute of Standards and Technology (Special Publication 800-86). http://csrc.nist.gov/publications/nistpubs/800-86/SP800-86.pdf
Nance, K., Nestler, V., & Bishop, M. (2019). Use My Digital Forensics Tool... It’s Shiny!. Journal of International Technology and Information Management, 28(3), 91-100.
National Institute of Standards and Technology. (2014). Forensic tool taxonomy. In Computer forensics tool catalog. http://toolcatalog.nist.gov/taxonomy/index.php?ff_id=11
National Institute of Standards and Technology. (2014). Computer forensics tool catalog. http://toolcatalog.nist.gov/index.php
Quirk eMarketing. (2010). Online marketing essentials. http://2012books.lardbucket.org/books/online-marketing-essentials/s18-web-analytics-and-conversion-o.html
Singhal, A., Winograd, T., & Scarfone, K. (2007). Computer security: Guide to secure web services: Recommendations of the National Institute of Standards and Technology (Special Publication 800-95). http://csrc.nist.gov/publications/nistpubs/800-95/SP800-95.pdf





