Admissibility of Forensic Cell Phone Evidence
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Part 1 Digital Forensics Module Jaap Van Ginkel Silvio Oertli
Part 1 Digital Forensics Module Jaap van Ginkel Silvio Oertli July 2016 Agenda • Part 1: Introduction – Definitions / Processes • Part 2: Theory in Practice – From planning to presentation • Part 3: Live Forensics – How to acquire a memory image – Investigate the image • Part 4: Advanced Topics – Tools – Where to go from here – And more 2 Disclaimer§ • A one or two-day course on forensics will not make you a forensics expert. – Professionals spend most of their working time performing forensic analysis and thus become an expert. • All we can offer is to shed some light on a quickly developing and broad field and a chance to look at some tools. • We will mostly cover Open Source Forensic Tools. 3 Introduction Forensics in History 4 Forensics – History 2000 BC 1200 BC 5 Introduction Definitions / Processes 6 Forensics – The Field digital forensics Computer Forensics Disk Forensics Mobil Forensics Memory Forensics Datenbase Forensics Live Forensics Network Forensics 7 Forensics - Definition • Digital Forensics [1]: – Digital forensics (sometimes known as digital forensic science) is a branch of forensic science encompassing the recovery and investigation of material found in digital devices, often in relation to computer crime. • Computer Forensics [2]: – Computer forensics (sometimes known as computer forensic science) is a branch of digital forensic science pertaining to legal evidence found in computers and digital storage media. The goal of computer forensics is to examine digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting facts and opinions about the information. 8 Forensics - Definitions • Network Forensics [3]: – Network forensics is a sub-branch of digital forensics relating to the monitoring and analysis of computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection.[1] Unlike other areas of digital forensics, network investigations deal with volatile and dynamic information. -
Guidelines on Mobile Device Forensics
NIST Special Publication 800-101 Revision 1 Guidelines on Mobile Device Forensics Rick Ayers Sam Brothers Wayne Jansen http://dx.doi.org/10.6028/NIST.SP.800-101r1 NIST Special Publication 800-101 Revision 1 Guidelines on Mobile Device Forensics Rick Ayers Software and Systems Division Information Technology Laboratory Sam Brothers U.S. Customs and Border Protection Department of Homeland Security Springfield, VA Wayne Jansen Booz-Allen-Hamilton McLean, VA http://dx.doi.org/10.6028/NIST.SP. 800-101r1 May 2014 U.S. Department of Commerce Penny Pritzker, Secretary National Institute of Standards and Technology Patrick D. Gallagher, Under Secretary of Commerce for Standards and Technology and Director Authority This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Management Act of 2002 (FISMA), 44 U.S.C. § 3541 et seq., Public Law (P.L.) 107-347. NIST is responsible for developing information security standards and guidelines, including minimum requirements for Federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate Federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130, Section 8b(3), Securing Agency Information Systems, as analyzed in Circular A- 130, Appendix IV: Analysis of Key Sections. Supplemental information is provided in Circular A- 130, Appendix III, Security of Federal Automated Information Resources. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on Federal agencies by the Secretary of Commerce under statutory authority. -
Evidence History, the New Trace Evidence, and Rumblings in the Future of Proof Robert P
University of North Carolina School of Law Carolina Law Scholarship Repository Faculty Publications Faculty Scholarship 2006 Evidence History, the New Trace Evidence, and Rumblings in the Future of Proof Robert P. Mosteller University of North Carolina School of Law, [email protected] Follow this and additional works at: http://scholarship.law.unc.edu/faculty_publications Part of the Law Commons Publication: Ohio State Journal of Criminal Law This Article is brought to you for free and open access by the Faculty Scholarship at Carolina Law Scholarship Repository. It has been accepted for inclusion in Faculty Publications by an authorized administrator of Carolina Law Scholarship Repository. For more information, please contact [email protected]. Evidence History, the New Trace Evidence, and Rumblings in the Future of Proof Robert P. Mosteller* I. INTRODUCTION This paper is in two parts. The first part is about developments in the rules of evidence and particularly about developments in the Federal Rules of Evidence, which have had a major impact on evidence rules in many states. This part turns out to be largely about the past because my sense is that the impact of changes in the formal rules of evidence, which were substantial, are largely historic. In one area, however, significant future changes in the formal rules seem possible: those that may be made as a result of the Supreme Court’s decision in Crawford v. Washington,1 which dramatically changed confrontation and may unleash hearsay reformulation. The second part deals with my sense that technological and scientific advances may have a dramatic impact in altering the way cases, particularly criminal cases, are proved and evaluated in the future. -
Guidelines on Mobile Device Forensics
NIST Special Publication 800-101 Revision 1 Guidelines on Mobile Device Forensics Rick Ayers Sam Brothers Wayne Jansen http://dx.doi.org/10.6028/NIST.SP.800-101r1 NIST Special Publication 800-101 Revision 1 Guidelines on Mobile Device Forensics Rick Ayers Software and Systems Division Information Technology Laboratory Sam Brothers U.S. Customs and Border Protection Department of Homeland Security Springfield, VA Wayne Jansen Booz Allen Hamilton McLean, VA http://dx.doi.org/10.6028/NIST.SP. 800-101r1 May 2014 U.S. Department of Commerce Penny Pritzker, Secretary National Institute of Standards and Technology Patrick D. Gallagher, Under Secretary of Commerce for Standards and Technology and Director Authority This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Management Act of 2002 (FISMA), 44 U.S.C. § 3541 et seq., Public Law (P.L.) 107-347. NIST is responsible for developing information security standards and guidelines, including minimum requirements for Federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate Federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130, Section 8b(3), Securing Agency Information Systems, as analyzed in Circular A- 130, Appendix IV: Analysis of Key Sections. Supplemental information is provided in Circular A- 130, Appendix III, Security of Federal Automated Information Resources. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on Federal agencies by the Secretary of Commerce under statutory authority. -
Digital Forensics Based Analysis of Mobile Phones
Journal of Android and IOS Applications and Testing Volume 4 Issue 3 Digital Forensics Based Analysis of Mobile Phones Pooja V Chavan PG Student, Department of Computer Engineering, K. J. Somaiya College of Engineering, Mumbai, Maharashtra, India Email: [email protected] DOI: Abstract Now-a-day’s ratio of mobile phone is increasing day by day. Digital forensics methodology is use to recover and investigate data that found in a digital devices. Mobile phone usage is more that’s why not only judicial events occurred but also mobile forensics and subdivision of digital forensics are emerged. Some hardware and software are used for mobile phone investigations. Keywords: Digital forensics, digital devices, mobile phone INTRODUCTION because electronic device have a variety of Forensic science’s subdivision is a digital different operating system, technology, forensic, is a one type of process. The storage structure, Features. First identify main objective of this process to find the crime after that digital forensic work evidence in digital devices [1]. Digital on four important steps (Figure 1): forensics are used for the analysis of data, such as audio, video, pictures, etc. After • Collection: The collected of evidence the analysis of electronic devices data that like fingerprints, broken fingernails help for legal process. The usage of blood and body fluids. advanced technology is increasing rapidly. • Examination: The examination of Electronic device have a variety of product process is depending on evidence. like tablet, flash memory, memory card, • Analysis: The crime scenes obtain SD card, etc. When forensic analysis is different digital evidence, analysis is performed at that time data should be done on storage evidence this secure. -
Mobile Smart Fundamentals Mma Members Edition June 2014
MOBILE SMART FUNDAMENTALS MMA MEMBERS EDITION JUNE 2014 messaging . advertising . apps . mcommerce www.mmaglobal.com NEW YORK • LONDON • SINGAPORE • SÃO PAULO MOBILE MARKETING ASSOCIATION JUNE 2014 REPORT The Global Board Given our continuous march toward providing marketers the tools they need to successfully leverage mobile, it’s tempting to give you another week-by-week update on our DRUMBEAT. But, as busy as that’s been, I’d like to focus my introduction for this month’s Mobile Smart Fundamentals on the recent announcement we made regarding our Global Board. Our May 6th announcement that we would be welcoming the first CMO in the MMA’s history to take up the position of Global Chairperson was significant for many reasons, not least of which is the incredible insight and leadership that John Costello brings to the role. This was also one of our first steps to truly aligning the MMA to a new marketer-first mission. Subsequently, on June 25th, we were pleased to announce the introduction, re-election and continuation of committed leaders to the MMA’s Global Board (read full press release here). But perhaps most significantly of all, we welcomed a number of new Brand marketers and that list of Brands on the Global Board now includes The Coca-Cola Company, Colgate-Palmolive, Dunkin’ Brands, General Motors, Mondelez International, Procter & Gamble, Unilever, Visa and Walmart. http://www.mmaglobal.com/about/board-of-directors/global To put this into context, the board now comprises 80% CEOs and Top 100 Marketers vs. three years ago where only 19% of the board comprised CEOs and a single marketer, with the majority being mid-level managers. -
Proving the Integrity of Digital Evidence with Time Chet Hosmer, President & CEO Wetstone Technologies, Inc
International Journal of Digital Evidence Spring 2002 Volume 1, Issue 1 Proving the Integrity of Digital Evidence with Time Chet Hosmer, President & CEO WetStone Technologies, Inc. Background During the latter half of the 20th century, a dramatic move from paper to bits occurred. Our use of digital communication methods such as the world-wide-web and e-mail have dramatically increased the amount of information that is routinely stored in only a digital form. On October 1, 2000 the Electronic Signatures in National and Global Commerce Act was enacted, allowing transactions signed electronically to be enforceable in a court of law. (Longley) The dramatic move from paper to bits combined with the ability and necessity to bring digital data to court, however, creates a critical question. How do we prove the integrity of this new form of information known as “digital evidence”? Digital evidence originates from a multitude of sources including seized computer hard-drives and backup media, real-time e-mail messages, chat-room logs, ISP records, web-pages, digital network traffic, local and virtual databases, digital directories, wireless devices, memory cards, and digital cameras. The trust worthiness of this digital data is a critical question that digital forensic examiners must consider. Many vendors provide technology solutions to extract this digital data from these devices and networks. Once the extraction of the digital evidence has been accomplished, protecting the digital integrity becomes of paramount concern for investigators, prosecutors and those accused. The ease with which digital evidence can be altered, destroyed, or manufactured in a convincing way – by even novice computer users – is alarming. -
LNCS 8653, Pp
Is the Public Motivated to Engage in Open Data Innovation? Gustaf Juell-Skielse1, Anders Hjalmarsson2, Paul Johannesson1, and Daniel Rudmark2 1 Department of Computer and Systems Sciences, Stockholm University Stockholm, Sweden {gjs,pajo}@dsv.su.se 2 Viktoria Swedish ICT / University of Borås, Gothenburg, Sweden {anders,daniel}@viktoria.se Abstract. Governments aim to increase democracy by engaging the public in using open data to develop mobile apps and citizen services. They make infor- mation available (open data) and organize innovation contests to stimulate in- novation with the goal to make new services available for the public to use. But will the public take on the challenge to both develop and provide services to each other? In this paper we use a case study from public transportation to in- vestigate the motivation for individuals and teams to participate in innovation contests. The results show that the motivation for participating is primarily re- lated to fun and enjoyment. We argue that in order to better meet the goals of open data innovation, governments need to follow through the full service in- novation cycle and also care for making citizen coproduction in the execution and monitoring phases fun and enjoyable. Currently there is little chance for participants to make profit on a competitive market so governments need to provide other mechanisms to ensure service provisioning. For future research it is suggested to investigate how the later stages of open data innovation can be supported in order to meet the overall goals of open data innovation. Keywords: Open data, citizen coproduction, innovation contest, motivation, e-service, mobile application. -
Hacking Exposed Computer Forensics, Second Edition, Delivers the Most Valuable Insight on the Market
HACKING EXPOSED™ COMPUTER FORENSICS SECOND EDITION REVIEWS “This book provides the right mix of practical how-to knowledge in a straightforward, informative fashion that ties all the complex pieces together with real-world case studies. With so many books on the topic of computer forensics, Hacking Exposed Computer Forensics, Second Edition, delivers the most valuable insight on the market. The authors cut to the chase of what people must understand to effectively perform computer forensic investigations.” —Brian H. Karney, COO, AccessData Corporation “Hacking Exposed Computer Forensics is a ‘must-read’ for information security professionals who want to develop their knowledge of computer forensics.” —Jason Fruge, Director of Consulting Services, Fishnet Security 00-FM.indd i 8/23/2009 3:54:42 AM “Computer forensics has become increasingly important to modern incident responders attempting to defend our digital castles. Hacking Exposed Computer Forensics, Second Edition, picks up where the first edition left off and provides a valuable reference, useful to both beginning and seasoned forensic professionals. I picked up several new tricks from this book, which I am already putting to use.” —Monty McDougal, Raytheon Information Security Solutions, and author of the Windows Forensic Toolchest (WFT) (www.foolmoon.net) “Hacking Exposed Computer Forensics, Second Edition, is an essential reference for both new and seasoned investigators. The second edition continues to provide valuable information in a format that is easy to understand and reference.” —Sean Conover, CISSP, CCE, EnCE “This book is an outstanding point of reference for computer forensics and certainly a must-have addition to your forensic arsenal.” —Brandon Foley, Manager of Enterprise IT Security, Harrah’s Operating Co. -
About the AAFS
American Academy of Forensic Sciences 410 North 21st Street Colorado Springs, Colorado 80904 Phone: (719) 636-1100 Email: [email protected] Website: www.aafs.org @ AAFS Publication 20-2 Copyright © 2020 American Academy of Forensic Sciences Printed in the United States of America Publication Printers, Inc., Denver, CO Typography by Kathy Howard Cover Art by My Creative Condition, Colorado Springs, CO WELCOME LETTER Dear Attendees, It is my high honor and distinct privilege to welcome you to the 72nd AAFS Annual Scientific Meeting in Anaheim, California. I would like to thank the AAFS staff, the many volunteers, and everyone else who have worked together to create an excellent program for this meeting with the theme Crossing Borders. You will have many opportunities to meet your colleagues and discuss new challenges in the field. There are many workshops and special sessions that will be presented. The Interdisciplinary and Plenary Sessions will provide different views in forensic science—past, present, and future. The Young Forensic Scientists Forum will celebrate its 25th Anniversary and is conducting a workshop related to the meeting theme. More than 1,000 presentations are scheduled that will provide you with more insight into the developments in forensic science. The exhibit hall, always interesting to explore, is where you will see the latest forensic science equipment, technology, and literature. The theme Crossing Borders was chosen by me and my colleagues at the Netherlands Forensic Institute (NFI). We see many definitions of crossing borders in forensic science today. For the 2020 meeting, six words starting with the letters “IN” are included in the theme. -
Purpose of Computer and Network Forensics
Purpose of Computer and Network Forensics Table of Contents Purpose of Computer and Network Forensics ................................................................................ 2 What Is Digital Forensics? ............................................................................................................... 3 Need for Digital Forensics -1 ........................................................................................................... 4 Need for Digital Forensics -2 ........................................................................................................... 6 Purpose of Digital Forensics ............................................................................................................ 8 Notices .......................................................................................................................................... 12 Page 1 of 12 Purpose of Computer and Network Forensics Purpose of Computer and Network Forensics 4 **004 Okay. So we'll start out with the purpose of computer and network forensics. Page 2 of 12 What Is Digital Forensics? What Is Digital Forensics? As defined in NIST Guide to Integrating Forensic Techniques into Incident Response: “Application of science to the identification, collection, examination, and analysis of data while preserving the integrity of the information and maintaining a strict chain of custody for the data” Also known as or called computer forensics and network forensics, and includes mobile device forensics All better called one term: Digital -
Job Title – Department Senior Consultant Forensics and Technology
Job title here Job title – Department Senior Consultant Forensics and Technology Control Risks is a specialist risk consultancy that helps to create secure, compliant and resilient organisations in an age of ever-changing risk. Working across disciplines, technologies and geographies, everything we do is based on our belief that taking risks is essential to our clients’ success. We provide our clients with the insight to focus resources and ensure they are prepared to resolve the issues and crises that occur in any ambitious global organisation. We go beyond problem-solving and give our clients the insight and intelligence they need to realise opportunities and grow. From the boardroom to the remotest location, we have developed an unparalleled ability to bring order to chaos and reassurance to anxiety. Our people Working with our clients our people are given direct responsibility, career development and the opportunity to work collaboratively on fascinating projects in a rewarding and inclusive global environment. Location Shanghai Engagement Full-time Department Regional Technology (F&T) Manager Principal, Regional Technology To drive & manage the continued development of our digital forensic technology Job purpose capabilities in China Tasks Project Work and responsibilities Lead in the development and management of the team’s forensic technologies service offerings and capabilities. Play a supporting role in the management of complex fraud and corruption investigations, particularly those involving the use of forensic technologies. Consult and understand the requirements of clients in relation to computer forensics. Perform computer forensics activities including digital evidence preservation, analysis, data recovery, tape recovery, electronic mail extraction, and database examination.