0% found this document useful (0 votes)

102 views35 pages

Digital Forensics: Five Key Branches

Digital forensics has five main branches: network forensics, computer forensics, mobile forensics, database forensics, and forensic data analysis. Each branch analyzes specific types of digital evidence like network traffic, files on computers and mobile devices, and database transaction logs. Key aspects of digital forensics include logging information, preserving evidence, analyzing patterns in the data, creating forensic images of evidence, and "painting the picture" to understand what happened. Large amounts of structured and unstructured data are created every day that require different forensic analysis techniques.

Uploaded by

EDu Jose

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

102 views35 pages

Digital Forensics: Five Key Branches

Uploaded by

EDu Jose

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 35

Digital Forensics: The Branches

Joe Abraham
IT SECURITY PROFESSIONAL

@joeabrah www.joestechinsights.com
Forensic Science

Forensic Science

Other
Forensic Digital Forensics
Subdivisions
Digital Evidence
Overview
The Five Branches
- Network Forensics
- Computer Forensics
- Mobile Forensics
- Database Forensics
- Forensic Data Analysis
Network Forensics
Forensic Science

Forensic Science

Other
Forensic Digital Forensics
Subdivisions

Network
Digital Evidence
Digital evidence includes information on computers,
audio files, video recordings, and digital images.
-Nist.gov
Examples of Digital Evidence in the Network

Captured network Network device logs Email

traffic

Files Web traffic Any other traffic

“transmitted”
What Is Network Forensics Used For?

Analyze attack methods and Discover and understand

their durations attack vectors

SIEM
IDS/IPS

Identity Services
“I think you can have a ridiculously
enormous and complex data set, but if
you have the right tools and
methodology then it’s not a problem.”
Aaron Koblin
Computer Forensics
Forensic Science

Forensic Science

Other
Forensic Digital Forensics
Subdivisions

Network Computer
Examples of Digital Evidence in Computers

Logs, registry, Documents, The operating Hard drive data

application pictures, videos, system or the and RAM data
data, and web and other files entire computer
history
Analyzing attacks
Verifying compliance
Troubleshooting
What Is Computer
Who, what, where,
when, why? Forensics Used For?
Develop remediation
How?
Painting the Picture

Use commercial and open-source

applications
Be thorough and put the facts together
Handle the evidence properly
Prove what happened
- Make it readable
- Make it understandable
- Eliminate doubt
Mobile Forensics
Forensic Science

Forensic Science

Other
Forensic Digital Forensics
Subdivisions

Network Computer Mobile

Examples of Digital Evidence in Mobile Devices

Phonebook and call information

Messaging application data and SMS messages

Location data

Application data
Sample Use Cases for Mobile Forensics

Analyzing attacks via mobile Tracking movement of

devices suspects

Using call and message

Supplementing evidence from
records to prove wrongful
acts other branches
Prevention of data manipulation
Remote wipe
Data/evidence - Only needs power and connectivity

Preservation Helps ensure availability and integrity

Necessary in all branches of digital
forensics
Database Forensics
Forensic Science

Forensic Science

Other
Forensic Digital Forensics
Subdivisions

Network Computer Mobile Database

Examples of Digital Evidence in Databases

Security/access logs Transaction logs

Files System logs

Pattern Analysis

One file or many?

Specific files?
Specific order?
Find the pattern to figure out why
Help paint the picture
Version Control
In computing, the management and maintenance of a
software system running different versions of various
programs.
–Dictionary.com
Forensic Data Analysis
Forensic Science

Forensic Science

Other
Forensic Digital Forensics
Subdivisions

Data
Network Computer Mobile Database Analysis
Structured Data
Structured data is a standardized format for providing
information.
-Google Developers
Unstructured Data
Non-traditional data or data format; data that may not
fit into a structured database.
Pattern Analysis

Structured Data Unstructured Data

Queries, easier to accomplish, Scripts and software, more
can pinpoint key words and difficult to properly analyze,
phrases business intelligence and big
data
Make at least one
forensic image
Investigator works on
this image
Prevents Creating a Forensic Image
compromising of
evidence
Regulatory and legal
considerations
What is digital evidence?
Five branches of digital forensics
Summary
The importance of each branch
Key aspects surrounding digital forensics
- Logging
- Evidence preservation
- Painting the picture
- Data backups
- Forensic imaging
Forensic Science

Forensic Science

Other
Forensic Digital Forensics
Subdivisions

Data
Network Computer Mobile Database Analysis
How Much Data Is Created Every Day?

*April 5, 2017, Ben Walker, vouchercloud

2,500,000,000 GB

Average Number of Connected Devices

*Per U.S. Household, Pew Research Center, 2016

5
“We keep moving forward, opening
new doors, and doing new things,
because we’re curious and curiosity
keeps leading us down new paths.”
Walt Disney

Introduction To SAP CPI 1708473586
No ratings yet
Introduction To SAP CPI 1708473586
16 pages
4th Module
No ratings yet
4th Module
80 pages
SCC800-S1-Site Controller Datasheet
100% (4)
SCC800-S1-Site Controller Datasheet
2 pages
Rotor-Cuda v1.07: Enhanced KeyHunt for Crypto Search
No ratings yet
Rotor-Cuda v1.07: Enhanced KeyHunt for Crypto Search
17 pages
CFLab
No ratings yet
CFLab
6 pages
Digital Forensics
No ratings yet
Digital Forensics
13 pages
Digital Forensics
No ratings yet
Digital Forensics
5 pages
Unit 8 - Digital Forensics
No ratings yet
Unit 8 - Digital Forensics
11 pages
Digital Forensics
No ratings yet
Digital Forensics
9 pages
Module 2 - Digital Forensics Fundamentals
No ratings yet
Module 2 - Digital Forensics Fundamentals
30 pages
Digital Forensics Basics - Esec Forte DFIR Internship 2022 - Arijit Bhowmick (Sys41x4)
No ratings yet
Digital Forensics Basics - Esec Forte DFIR Internship 2022 - Arijit Bhowmick (Sys41x4)
28 pages
Digital Forensics Notes
No ratings yet
Digital Forensics Notes
21 pages
Cyber Forensic
No ratings yet
Cyber Forensic
116 pages
Digital Forensics
No ratings yet
Digital Forensics
6 pages
Skill 4 Cyber Security
No ratings yet
Skill 4 Cyber Security
7 pages
Cyber Security
No ratings yet
Cyber Security
24 pages
Skip To Content
No ratings yet
Skip To Content
12 pages
Digital Forensics Overview
No ratings yet
Digital Forensics Overview
29 pages
Introduction To Digital Forensics
No ratings yet
Introduction To Digital Forensics
17 pages
Unit 4 Cyber Security - Kamna
No ratings yet
Unit 4 Cyber Security - Kamna
55 pages
Unit Iv
No ratings yet
Unit Iv
17 pages
What Is Digital Forensics - History, Process, Types, Challenges
100% (2)
What Is Digital Forensics - History, Process, Types, Challenges
6 pages
Digital Forensic Fundamentals
No ratings yet
Digital Forensic Fundamentals
43 pages
Unit 1 Revised
No ratings yet
Unit 1 Revised
35 pages
CSDF PPT - USB Forensics Finds
No ratings yet
CSDF PPT - USB Forensics Finds
15 pages
CF Unit 3
No ratings yet
CF Unit 3
8 pages
Module 5
No ratings yet
Module 5
14 pages
Unit 5 Cyber Forensics
No ratings yet
Unit 5 Cyber Forensics
23 pages
Chapter 2 Intro To Digital Forensics
No ratings yet
Chapter 2 Intro To Digital Forensics
25 pages
Unit-4 CS
No ratings yet
Unit-4 CS
13 pages
Lecture 1 CSNC4583
No ratings yet
Lecture 1 CSNC4583
46 pages
System Forensic
No ratings yet
System Forensic
18 pages
CF - Notes Self (AutoRecovered)
No ratings yet
CF - Notes Self (AutoRecovered)
6 pages
Lec 1
No ratings yet
Lec 1
31 pages
Certification, Accreditation and Digital Forensic
No ratings yet
Certification, Accreditation and Digital Forensic
14 pages
Cyber Forensic Investigation
No ratings yet
Cyber Forensic Investigation
102 pages
DF Syllabus
No ratings yet
DF Syllabus
3 pages
Class Notes2
No ratings yet
Class Notes2
2 pages
Unit-4 5
No ratings yet
Unit-4 5
16 pages
Shivam Yadav CF File Full
No ratings yet
Shivam Yadav CF File Full
60 pages
Role of Cyber Forensics
No ratings yet
Role of Cyber Forensics
6 pages
Module 5 EHDF
No ratings yet
Module 5 EHDF
92 pages
Unit 5 Cyber Security Hons.
No ratings yet
Unit 5 Cyber Security Hons.
21 pages
Module 5
No ratings yet
Module 5
41 pages
Chapter Four
No ratings yet
Chapter Four
27 pages
UNIT 4 Cyber Security-1
No ratings yet
UNIT 4 Cyber Security-1
23 pages
Computer Forensics: Ghousia Begum
No ratings yet
Computer Forensics: Ghousia Begum
13 pages
Sec B Ccif
No ratings yet
Sec B Ccif
18 pages
Unit 5 Cyber
No ratings yet
Unit 5 Cyber
13 pages
Module 5 - Final
No ratings yet
Module 5 - Final
76 pages
Unit 01
No ratings yet
Unit 01
34 pages
Digital Forensics
No ratings yet
Digital Forensics
11 pages
Digital Forensics Overview
No ratings yet
Digital Forensics Overview
50 pages
Bits and Bytes in Digital Forensics
No ratings yet
Bits and Bytes in Digital Forensics
14 pages
Introduction To Digital Forensicstitle of Your
No ratings yet
Introduction To Digital Forensicstitle of Your
49 pages
DF 1
No ratings yet
DF 1
6 pages
Digital Forensics Overview & Tools
No ratings yet
Digital Forensics Overview & Tools
5 pages
Topic 10
No ratings yet
Topic 10
31 pages
EHDF
No ratings yet
EHDF
21 pages
Digital Forensics: Kausar Sorathiya Malay Punjani
100% (1)
Digital Forensics: Kausar Sorathiya Malay Punjani
34 pages
Sepm Notes (Vtucode)
No ratings yet
Sepm Notes (Vtucode)
178 pages
Overview of Computer Architecture & Organization
0% (1)
Overview of Computer Architecture & Organization
24 pages
Techlog Fundamentals Course Exercises
100% (1)
Techlog Fundamentals Course Exercises
10 pages
Manuj Grover Resume PDF
No ratings yet
Manuj Grover Resume PDF
1 page
Ieee Transactions On Microwave Theory and Techniques
No ratings yet
Ieee Transactions On Microwave Theory and Techniques
2 pages
Smart Mirror Engineering Guide
No ratings yet
Smart Mirror Engineering Guide
126 pages
AWS Mock Test-9
No ratings yet
AWS Mock Test-9
34 pages
Scanner Set User Manual
No ratings yet
Scanner Set User Manual
40 pages
Hoapn CV
No ratings yet
Hoapn CV
3 pages
IoT Introduction
No ratings yet
IoT Introduction
81 pages
Tanu Blackbuscks
No ratings yet
Tanu Blackbuscks
51 pages
Deployment Diagram
No ratings yet
Deployment Diagram
8 pages
Teju Transport Report C++
100% (1)
Teju Transport Report C++
24 pages
Opreating System
No ratings yet
Opreating System
10 pages
1.2 - Guardium Architecture - Presentation
100% (2)
1.2 - Guardium Architecture - Presentation
24 pages
Manual KMG One - EN v2
No ratings yet
Manual KMG One - EN v2
97 pages
Student Management System
No ratings yet
Student Management System
6 pages
How To Repair Function Group
No ratings yet
How To Repair Function Group
2 pages
FON Unit IV - IoT
No ratings yet
FON Unit IV - IoT
29 pages
Dos and Donts of C Program
No ratings yet
Dos and Donts of C Program
6 pages
Beige Gradient Minimalist Modern Digital Marketer Resume
No ratings yet
Beige Gradient Minimalist Modern Digital Marketer Resume
1 page
Practical Object-Oriented Design With UML
100% (2)
Practical Object-Oriented Design With UML
389 pages
Infosys Spring Board Primer Certifications
No ratings yet
Infosys Spring Board Primer Certifications
1 page
What Is The CIA Triad
No ratings yet
What Is The CIA Triad
5 pages
Compute!s Second Book of Commodore 64
No ratings yet
Compute!s Second Book of Commodore 64
300 pages
NSUK LMS PPT CMP 122-2 - The Client - Server Model
No ratings yet
NSUK LMS PPT CMP 122-2 - The Client - Server Model
10 pages
EXNO10-Writes Data To The SD Card
No ratings yet
EXNO10-Writes Data To The SD Card
7 pages

Digital Forensics: Five Key Branches

Uploaded by

Digital Forensics: Five Key Branches

Uploaded by

Digital Forensics: The Branches

Captured network Network device logs Email

Files Web traffic Any other traffic

Analyze attack methods and Discover and understand

Verify regulatory and Troubleshoot network

Logs, registry, Documents, The operating Hard drive data

Use commercial and open-source

Network Computer Mobile

Phonebook and call information

Messaging application data and SMS messages

Analyzing attacks via mobile Tracking movement of

Using call and message

Preservation Helps ensure availability and integrity

Network Computer Mobile Database

Security/access logs Transaction logs

Files System logs

One file or many?

Structured Data Unstructured Data

*April 5, 2017, Ben Walker, vouchercloud

Average Number of Connected Devices

*Per U.S. Household, Pew Research Center, 2016

You might also like