Examine Computer Forensics and Privacy

In: Computers and Technology

Submitted By coopwydddd
Words 823
Pages 4
Week 1: Assignment 2 Examine Computer Forensics and Privacy
Computers and the Internet have become a pervasive element in modern life. This technology is also used by those who engage in crime and other misconduct. Effective investigation of these offenses requires evidence derived from computers, telecommunications and the Internet.
The need for digital evidence has led to a new areas of criminal investigations: Computer Forensics. Forensic investigators identify, extract, preserve and document computer and other digital evidence. This new field is less than fifteen years old, and is rapidly evolving. Education in this field has focused largely on its technical aspects. However, there are significant legal issues and ethical problems that investigators must deal with. Failure to follow proper legal procedure will result in evidence being ruled inadmissible in court. As a result, a guilty criminal might go free. Failure to behave in an ethical manner will erode public confidence in law enforcement, making its job more difficult and less effective.
Investigators must have a working knowledge of legal issues involved in computer forensics. They must know what constitutes a legal search of a stand-alone computer as opposed to a network; what laws govern obtaining evidence and securing it so that the chain of evidence is not compromised; what telecommunications may lawfully be intercepted or examined after they have been received; what legally protected privacy rights employees and other individuals possess. Because computer forensics is such a new field, investigative and legal norms are just now emerging. Little has been written about the legal requirements for admissibility of computer forensic evidence, or about the ethical and regulatory issues related to this new field.
First we will examine the admissibility of evidence in a criminal prosecution,…...

Similar Documents

Computer Forensics

...International Journal of Digital Evidence Fall 2007, Volume 6, Issue 2 Computer Forensic Analysis in a Virtual Environment Derek Bem Ewa Huebner University of Western Sydney, Australia Abstract In this paper we discuss the potential role of virtual environments in the analysis phase of computer forensics investigations. General concepts of virtual environments and software tools are presented and discussed. Further we identify the limitations of virtual environments leading to the conclusion that this method can not be considered to be a replacement for conventional techniques of computer evidence collection and analysis. We propose a new approach where two environments, conventional and virtual, are used independently. Further we demonstrate that this approach can considerably shorten the time of the computer forensics investigation analysis phase and it also allows for better utilisation of less qualified personnel. Keywords: Computer Forensics, Virtual Machine, computer evidence. Introduction In this paper we examine the application of the VMWare (VMWare, 2007) virtual environment in the analysis phase of a computer forensics investigation. We show that the environment created by VMWare differs considerably from the original computer system, and because of that VMWare by itself is very unlikely to produce court admissible evidence. We propose a new approach when two environments, conventional and virtual, are used concurrently and independently. After the......

Words: 3983 - Pages: 16

Computer Forensics Case Analysis

...Project 1 Case Analysis CCJS321 The two cases I have chosen to analyze for Project One is the Max Ray Butler aka “Iceman” cybercrime case and the Albert Gonzalez cybercrime case. I have chosen these two cases because they both had significant impact on the computer forensics field. Both of these cybercrimes are similar in nature because both deal in credit card and identity theft on the grandest scale. Max Ray Butler and Albert Gonzalez were brought to justice after many years of a cyber-forensic investigation that went through a network of multiple U.S. agencies; including the FBI, US Secret Service and US-CERT (United States Computer Emergency Readiness Team) a Department of Homeland Security who were all networked together at the National Computer Forensic Training Academy in Pittsburg, Pennsylvania. Both of these men were given the longest prison sentences ever handed out by a judge for computer crimes of their notoriety and magnitude. Finally, they both set a blue print for digital forensic investigators of the proper procedures to follow in order to capture future want-to-be crime lords. Max Butler aka “Iceman” was a white-hat hacker that went rogue. His story is that, “he was a good hacker hired by the government to test the security of one of their websites, while doing that job he installed a backdoor to their system that would allow him to come in later so he could make some fixes to the system on his own time. Well of course this second part of the...

Words: 1323 - Pages: 6

Computer Forensics Analysis Project

...Computer Forensics I (FOR 240-81A) Project #3 Case Background The Suni Munshani v. Signal Lake Venture Fund II, LP, et al suit is about email tampering, perjury, and fraud. On December 18, 2000, Suni Munshani (Plaintiff) filed a suit against Signal Lake Venture Fund. Mr. Munshani claimed that he was entitled to warrants in excess of $25 million dollars from Signal Lake. In February 2001, Signal Lake Venture Fund II, LP, et al. (Defendant) became privy to the court filings in this case. Within the filings there was an email provided by Mr. Munshani from Hemant Trivedi, CEO of one of the portfolio companies, stating he was indeed entitled to the warrants. Mr. Trivedi denied any knowledge of the email, or any such communication with Mr. Munshani. In an effort to prove their innocence, Signal Lake hired a computer forensic group to conduct a private investigation. The investigation did not show any evidence of the supposed email provided to the court by Mr. Munshani. Mr. Trivedi filed an affidavit stating that the email was forged, while Mr. Munshani filed an affidavit stating the email was real. In March 2001, a computer forensics expert, Kenneth R. Shear, was appointed by the court to perform a forensic examination on the questioned message (the message provided by Mr. Munshani) and the comparative message (a second message from Mr. Trivedi found on Mr. Munshani’s computer). Mr. Shear worked for a company called Electronic Evidence Discovery, Inc. (EED). Mr. Shear’s......

Words: 799 - Pages: 4

Computer Forensic Analysis and Repor

... Computer Forensic Analysis and Report Nathaniel B. Rollins Jr Kaplan University Computer Forensics I/CF101 Prof: Tatyana Zidarov November 19, 2012 Computer Forensic Analysis and Report A. INTODUCTION I Nathaniel B. Rollins a Computer Forensic Specialist (CFS) with the Metro Police Department (MPD) received a file image from Officer X to conduct a search for electronic evidence. Which he stated was copied from the SNEEKIE BADINUF (COMPLAINANT) computer, with consent. This was verified through COMPLAINANT statement, repot, consent to search form, and chain of custody, provided by Officer X, along with the request for analyzing the evidence. Upon reviewing of her statement filed on May 14 2006, the COMPLAINANT stated she had received an email from a correspondent named NFarious that demanded $5000 in ransom, or the animals would be harmed. The COMPLAINANT also stated her pets had been gone for an entire week, and she was worried that the abductor may already have injured the animals. During a subsequent interview the COMPLAINANT stated that she took out a $20,000 insurance policy on her pets in September 2005 that would not be active for 6 month. The purpose of this investigation is to confer or negate the COMPLAINTANTS involvement with the kidnaping of the animals. B. MATERIALS AVAILABLE FOR REVIEW a. 1 Chain of Custody b. Evidence Log c. Complainants Statement d. Officers Report e. Forensic Disk Image of Computer f. Photos...

Words: 1176 - Pages: 5

Computer Forensics

...Computer Forensics The world of crime has expanded right along with the explosion of the internet. The modern cyber criminal has veritable global playground in which to steal money and information from unsuspecting victims. Computer forensics is a quickly emerging science against the increasingly difficult battle to bring criminals to justice who perpetrates crimes on others. The computer forensics field is a relatively new investigative tool but enjoys continual advances in procedures, standards, and methodology which is making the identification, preservation, and analyzing of digital evidence a powerful law enforcement apparatus. The job of the cyber forensic professional is to look for clues the attacker left behind on web sites, servers, and even the e-mail message itself that will unravel their sometimes carefully woven veil of secrecy. Attackers come in all forms and from a variety of different circumstances. For instance, an attacker can begin a phishing scam with only a web server they control with very little programming experience and a way to send a lot of e-mail messages. (Jones 4) In order to combat the waves of cyber-attackers, we must utilize Open Source Community applications to combat the continual onslaught of infections, exploitations, and trickery employed everyday against our systems and networks. Today's attacker uses a variety of technologies to employ their methods and understanding those abilities is integral to preparing for an......

Words: 2742 - Pages: 11

Computer Forensics Tools

...Computer Forensics Tools Strayer University E-Support Undelete Plus is powerful software that can quickly scan a computer or storage medium for deleted files and restore them on command. It works with computers, flash drives, cameras, and other forms of data storage. Deleting a file from your computer, flash disk, camera, or the like does not mean it is lost forever. Software doesn’t destroy files when it deletes, it simply marks the space the file was using as being available for re-use. If nothing has needed that space since the deletion, the data is still there and the file can be recovered. Simply scan the device, select the files you want to recover, and click a button to restore the information (Softpedia, 2013). The interface Undelete PLUS is geared up with is very nice and easy to handle. In the right panel, there is the Drives tree. The user can change the view to file types (MP3, PDF, RTF, RAR, ZIP, XML, PNG, etc.) or to folders. In the left, there will be displayed all the files Undelete PLUS was able to detect. The software will inform you of the state of the files it has detected. This way, you will know that if the status reads "very good" then there still is a chance of recovering that file. "Overwritten" status means that the respective file is either corrupted or cannot be recovered. Additional information tell you about the size of the file, format, path, date of its creation and modification. The software is capable of recovering......

Words: 1755 - Pages: 8

Is471 Computer Forensics Course

...IS471 Computer Forensics Course http://homeworklance.com/downloads/is471-computer-forensics-course/ IS471 Written Assignment Computer Forensics Evidence Rules Written Assignment: Computer Forensics Evidence Rules • Describe how to make a self-evaluation of your work by answering the following questions: a. How could you improve your performance in the case? b. Did you expect the results you found? Did the case develop in ways you did not expect? c. Was the documentation as thorough as it could have been? d. What feedback has been received from the requesting source? e. Did you discover any new problems? If so, what are they? f. Did you use new techniques during the case or during research? Your report should include: Abstract. Table of contents
. Body of report
. Conclusion. IS471 Written Assignment Definition of Computer Forensics Part A 1. Why should your evidence media be write protected? 2. Why does the ASCLD mandate that there should be procedures established for a computer forensics lab? 3. List 2 popular certification systems for computer forensics. IS471 Written Assignment Definition of Computer Forensics Part B IS471 Written Assignment Definition of Computer Forensics Part Describe how to conduct an investigation IS471 Written Assignment E-mail 1. What is the main piece of information you look for in an email message you are investigating? 2. Please list 2 formatting standards for email. 3. When you access your......

Words: 638 - Pages: 3

Is471 Computer Forensics Course

...IS471 Computer Forensics Course http://homeworklance.com/downloads/is471-computer-forensics-course/ IS471 Written Assignment Computer Forensics Evidence Rules Written Assignment: Computer Forensics Evidence Rules • Describe how to make a self-evaluation of your work by answering the following questions: a. How could you improve your performance in the case? b. Did you expect the results you found? Did the case develop in ways you did not expect? c. Was the documentation as thorough as it could have been? d. What feedback has been received from the requesting source? e. Did you discover any new problems? If so, what are they? f. Did you use new techniques during the case or during research? Your report should include: Abstract. Table of contents
. Body of report
. Conclusion. IS471 Written Assignment Definition of Computer Forensics Part A 1. Why should your evidence media be write protected? 2. Why does the ASCLD mandate that there should be procedures established for a computer forensics lab? 3. List 2 popular certification systems for computer forensics. IS471 Written Assignment Definition of Computer Forensics Part B IS471 Written Assignment Definition of Computer Forensics Part Describe how to conduct an investigation IS471 Written Assignment E-mail 1. What is the main piece of information you look for in an email message you are investigating? 2. Please list 2 formatting standards for email. 3. When you access your......

Words: 638 - Pages: 3

Computer Privacy

...| Computer Privacy | For Managing Information Systems | C Potts10-26-2015 | COMPUTER PRIVACY Privacy can be a key aspect of the user experience with computers, online systems, and new technologies. Knowing what to consider about users and their views of computer systems can only improve privacy mechanisms. Privacy is emerging as a critical design element for interactive systems in areas as diverse as e-commerce, health care, office work, and personal communications. These systems face the same fundamental tension. On the one hand, personal information can be used to streamline interactions, facilitate communication, and improve services. On the other hand, this same information introduces risks, ranging from mere distractions to extreme threats. Government reports, essays, books, and media coverage testify on peoples’ concerns regarding the potential for abuse and general unease over the lack of control over a variety of computer systems. Similarly, application developers worry that privacy concerns can impair the acceptance and adoption of their systems. No end-to-end solutions exist to design privacy-respecting systems that cater to user concerns. This paper will show that researchers in Human–Computer Interaction (HCI) and Computer Supported Cooperative Work (CSCW) can greatly improve the protection of individual’s personal information, because many of the threats and vulnerabilities associated with privacy originate from the interactions between the people......

Words: 799 - Pages: 4

Assignment 1: Computer Forensics Overview

...Assignment 1: Computer Forensics Overview CIS 417 Computer Forensics Computer forensics is the process of investigating and analyzing techniques to gather and preserve information and evidence from a particular computing device in a way it can be presented in a court of law. The main role of computer analyst is to recover data including photos, files/documents, and e-mails from computer storage devices that were deleted, damaged and otherwise manipulated. The forensics expert’s work on cases involving crimes associated with internet based concerns and the investigations of other potential possibilities on other computer systems that may have been related or involved in the crime to find enough evidence of illegal activities. Computer experts can also use their professional knowledge to protect corporate computers/servers from infiltration, determine how the computer was broken into, and recover lost files in the company. Processes are used to obtain this information and some of the processes are as follows; * Investigation process: Computer forensics investigations will typically be done as part of a crime that allegedly occurred. The first step of the investigation should be to verify that a crime took place. Understand what occurred of the incident, assess the case, and see if the crime leads back to the individual. * System Description: Next step, once you verified the crime did occur, you then begin gathering as much information and data about the specific...

Words: 1397 - Pages: 6

Computer Forensics and Cyber Crime

...Computer Forensics and Cyber Crime Author Institution Computer Forensics and Cyber Crime A security survey or audit can also be referred to as a vulnerability analysis. A security survey is an exhaustive physical examination whereby all operational systems and procedures are inspected thoroughly (Fischer & Green, 2004). A security survey involves a critical on-site examination and analysis of a facility, plant, institution, business or home to determine its current security status, its current practices deficiencies or excesses, determine level of protection needed, and ways of improving overall security levels are recommended. A security survey can either be done by in-house personnel or by external security consultants. However, outside security experts are preferred their approach to the job would be more objective and would not take some parts of the job for granted therefore resulting to a more complete appraisal of current conditions. A security survey/audit should be carried out regularly so as keep improving to and up to date especially with the growing rate of technology. Overall objectives of a security survey are: determination of current states of security, location various weaknesses in the security defenses, determination of level of protection required and finally give recommendations for the establishment of a total security program (Fischer & Green, 2004). Some weaknesses identified in the process of a security survey may be:......

Words: 686 - Pages: 3

Computer Forensics Operational Manual

...COMPUTER FORENSICS OPERATIONAL MANUAL 1. Policy Name: Imaging Removable Hard Drives 2. Policy Number/Version: 1.0 3. Subject: Imaging and analysis of removable evidence hard drives. 4. Purpose: Document the procedure for imaging and analyzing different types of evidence hard drives removed from desktop or laptop computers. 5. Document Control:Approved By/Date: Revised Date/Revision Number: 6. Responsible Authority: The Quality Manager (or designee). 7. Related Standards/Statutes/References: A) ASCLD/LAB Legacy standards 1.4.2.5, 1.4.2.6, 1.4.2.7, 1.4.2.8, 1.4.2.11, and 1.4.2.12. B) ASCLD/LAB International Supplemental requirements: 3 (Terms and Definitions), 4.13.2.4, 5.4.1.1, 5.4.1.2, 5.4.2.1. C) ISO/IEC 17025:2005 clauses: 4.1.5 (a, f, g, h, and i), 4.2.1, 4.2.2 (d), 4.2.5, 4.3.1, 4.15.1, 5.3.2, 5.4.1, 5.4.4, 5.4.5.2, 5.4.7.2 (a - c), all of 5.5, all of 5.8, and 5.9.1 (a). 8. Scope: Imaging and examining different types of hard drives (SATA, SCSI, and IDE) removed from desktops and laptops. 9. Policy Statement: A) No analysis will be performed without legal authority (search warrant or consent form). If not submitted, the examiner must contact the investigator to obtain the necessary legal authority. B) Forensic computers are not connected to the Inter-net. C) All forensic archives created and data recovered during examinations are considered evidence. D) Changes to this procedure can be made if approved by the Quality Manager, who will document the changes...

Words: 731 - Pages: 3

Computer Forensics

...Computer Forensics Through the Years Prof. Pepin Galarga Computer Forensics Sep 11, 2010 Table of Content Introduction …………………………………………………………………………………Page 2 The Early Years……………………………………………………………….......................Page 3 Early Training Programs …………………………………………………………………....Page 4 Typical Aspects of Computer Forensic Investigations ……………………………………..Page 5 Legal Aspects of Computer Forensics …………………………………………..……...…..Page 6 Conclusion ………………………………………………………………………………….Page 7 References………………………………………………………………………………..…Page 8 Introduction If you manage or administer information systems and networks, you should understand computer forensics. Forensics is the process of using scientific knowledge for collecting, analyzing, and presenting evidence to the courts. (The word forensics means “to bring to the court.”) Forensics deals primarily with the recovery and analysis of latent evidence. Latent evidence can take many forms, from fingerprints left on a window to DNA evidence recovered from blood stains to the files on a hard drive. Because computer forensics is a new discipline, there is little standardization and consistency across the courts and industry. As a result, it is not yet recognized as a formal “scientific” discipline. Image by Flickr.com, courtesy of Steve Jurvetson Computer forensics is the study of extracting, analyzing and documenting evidence from a computer system or network. It is often used by law enforcement officials to seek...

Words: 1382 - Pages: 6

Computer Forensics

...computer forensics Background of Computer forensics: What is most worth to remember is that computer forensic is only one more from many forensic subdivisions. It’s not new, it’s not revolution.. Computer forensics use the same scientific methods like others forensics subdivisions. So computer forensics is not revolution in forensic science! It’s simple evolution of crime techniques and ideas. Forensic origins: Forensic roots from a Latin word, “forensic” which generally means forum or discussion. In the reign of the Romans, any criminal who has been charged with a crime is presented before an assembly of public folks. Both of the complainant and the defendant are to present their sides through their own speeches. The one who was able to explain his side with fervent delivery and argumentation typically won the case. It is important to realize that computer forensics is only one subdivision of forensic science. It is digital, it includes most advanced computer science but still it is only branch of forensic science, an its main goal is  submission of the proven claims of scientific methods and strategies to recover any significant digital traces. Computer Forensic Timeline: 1970s • First crimes cases involving computers, mainly financial fraud 1980’s • Financial investigators and courts realize that in some cases all the records and evidences were only on computers. • Norton Utilities, “Un-erase” tool created • Association of Certified......

Words: 4790 - Pages: 20

Computer Intrusion Forensics

...Computer Intrusion Forensics Research Paper Nathan Balon Ronald Stovall Thomas Scaria CIS 544 Abstract The need for computer intrusion forensics arises from the alarming increase in the number of computer crimes that are committed annually. After a computer system has been breached and an intrusion has been detected, there is a need for a computer forensics investigation to follow. Computer forensics is used to bring to justice, those responsible for conducting attacks on computer systems throughout the world. Because of this the law must be follow precisely when conducting a forensics investigation. It is not enough to simple know an attacker is responsible for the crime, the forensics investigation must be carried out in a precise manner that will produce evidence that is amicable in a court room. For computer intrusion forensics many methodologies have been designed to be used when conducting an investigation. A computer forensics investigator also needs certain skills to conduct the investigation. Along with this, the computer forensics investigator must be equipped with an array of software tools. With the birth of the Internet and networks, the computer intrusion has never been as significant as it is now. There are different preventive measures available, such as access control and authentication, to attempt to prevent intruders. Intrusion detection systems (IDS) are developed to detect an intrusion as it occurs, and to execute countermeasures when......

Words: 9608 - Pages: 39