Insights into Information Terrorism from IT Forensics Perspective
Delve into the world of terrorism and information technology through the lens of IT forensics. Explore topics such as the uncertainties surrounding cybersecurity and digital crimes, the role of security players, Locard's Exchange Principle, computer investigations, evidence analysis, investigator questions and answers, and the data flux issue in Windows 7. Unravel the complexities of IT forensic investigations in dealing with modern-day threats.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
E N D
Presentation Transcript
Information Terrorism from IT Forensics Perspective Zsolt Ill si illesi.zsolt@mail.duf.hu
Topics terrorism & information technology forensic investigation issues to-do-list
Terrorism & Information Technology definition uncertainties: information| cyber| computer crime| terrorism| war[fare] hacking, cracking, hacktivism
Security Players defender attacker user pathfinder
Locards Exchange Principle everywhere you go, you take something with you, and you leave something behind provide link between crime scene(s) victim(s) perpetrator(s)
Computers, Crime, and Criminal Investigations all IT resources can be: target implementation/commitment tool/environment symbol witness of a (computer) crime
Computer Investigation Target DEO digital evidence object files data structures data elements (metadata) configuration elements (control data, settings etc.) DEO serves as evidence element.
Evidence in general data relates to relevant points of a case all together suitable establishing the facts (supporting the claims), ex-post reconstructions
Problems questions & answers needle in a haystack constant development in IT
Investigator Questions & Answers individual(s) involved nature of events that occurred who? what? where? crime scene when? timeline of events why? motivation of the offense how? used tools or exploits
Data Flux Issue Windows 7 size on a hdd: number of files: number of folders: 16GB+ 80,000+ 18,000+ And that s only the operating on one computer
Analysis Care Issue thoroughness time consuming time money inaccuracy missing important data cannot prove guilt cannot prove innocence
Recent Methodology Evolution dead systems well defined analysis steps copy of memory or storage trusted (forensic) environment trusted tools live systems evolving analysis steps original memory or storage content unclean (live) environment undecided tools
Future Methodology Evolution cloud encryption artificial ignorance artificial intelligence data mining
To-Do List IT forensics support & research initiation hash factory set up methodologies tools organisational cooperation improvement national EU international funding forensic experts complex toolset full-time professional (forensics) engagement
