Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
SlideShare a Scribd company logo

Module 7.pdf

Sitamarhi Institute of Technology
Sitamarhi Institute of Technology

The document discusses cybersecurity laws, regulations, and forensics. It provides an overview of cyber laws, which govern internet usage and cybercrimes. Cyber forensics is the process of collecting and analyzing digital evidence for cybercrime investigations. The document also discusses India's National Cyber Security Policy 2013, which aims to create a secure cyber environment in India through public-private partnerships and developing cybersecurity skills. Cybersecurity standards and the roles of governments and the private sector in ensuring cybersecurity are also summarized.

Engineering
1 of 12
Download to read offline
Cyber Security [105713] – Notes Module 7 Cyber Laws and Forensics: Introduction, Cyber Security Regulations, Roles of International Law, the state and Private Sector in Cyber space, Cyber Security Standards. The INDIAN Cyberspace, National Cyber Security Policy 2013. Introduction to Cyber Forensics, Need of Cyber Forensics, Cyber Evidence, Documentation and Management of Crime Sense, Image Capturing and its importance, Partial Volume Image, Web Attack Investigations, Denial of Service Investigations, Internet Crime Investigations, Internet Forensics, Steps for Investigating Internet Crime, Email Crime Investigations. Open Source/ Free/ Trial Tools: Case Studies related to Cyber Law, Common Forensic Tools like dd, md5sum, sha1sum, Ram dump analysis, USB device. Cyber Laws and Forensics Cyber laws and forensics are two important areas in the field of cybersecurity that are critical for protecting individuals, organizations, and nations against cyber threats. Cyber laws refer to a set of legal guidelines and regulations designed to protect against cybercrimes, and to govern the use of the internet and other digital technologies. These laws cover a wide range of issues, including data protection, privacy, intellectual property rights, cyberbullying, online harassment, and cyber terrorism. Cyber laws are enforced by law enforcement agencies, and those who violate these laws can face severe penalties and fines. Cyber forensics, on the other hand, is the process of collecting, analyzing, and preserving digital evidence in order to investigate and prevent cybercrimes. Cyber forensics experts use a variety of techniques to identify and track down cybercriminals, including computer and network analysis, data recovery, and reverse engineering. They also work closely with law enforcement agencies to gather evidence that can be used in legal proceedings. Together, cyber laws and forensics play a critical role in protecting against cyber threats and ensuring the safety and security of digital systems and networks. They help to deter cybercriminals, prosecute those who engage in cybercrimes, and provide a framework for regulating the use of the internet and other digital technologies. In addition, they help to build trust in the digital economy, enabling individuals and organizations to conduct business online with confidence. Introduction, Cyber Security Regulations- Cybersecurity regulations are a set of rules, guidelines, and standards that are designed to protect information systems, networks, and digital assets from cyber threats. Cybersecurity regulations are typically established by governments, industry associations, and other regulatory bodies to ensure that organizations are taking appropriate measures to protect their digital assets from cyber attacks. The importance of cybersecurity regulations has increased in recent years due to the growing number and complexity of cyber threats. Cyber attacks can result in the theft of sensitive data, financial losses, reputational damage, and even physical harm in some cases. As a result, many countries have implemented cybersecurity regulations to protect their citizens and businesses from these threats. Cybersecurity regulations typically cover a range of areas, including data protection, incident response, network security, access controls, and risk management. These regulations may require organizations to implement specific security controls, such as firewalls, encryption, and multi-factor authentication, and to follow established security frameworks, such as the NIST Cybersecurity Framework or ISO 27001.
Organizations that are subject to cybersecurity regulations may face significant penalties and fines if they fail to comply with these regulations. In addition, organizations that suffer a data breach or other cyber incident may be required to report the incident to regulatory authorities and to take specific steps to remediate the incident. Overall, cybersecurity regulations play a critical role in protecting digital systems and networks from cyber threats and ensuring the safety and security of individuals and organizations in the digital age. Roles of International Law- International law is a body of legal rules and principles that govern the conduct of states and other international actors in their relations with one another. international law plays an important role in regulating and addressing issues related to cybersecurity and cybercrime at the international level. The roles of international law in cybersecurity include: Establishing norms: International law helps to establish norms and standards of behavior for states and other international actors in cyberspace. For example, the Tallinn Manual, a set of guidelines developed by experts in international law, provides guidance on the application of international law to cyber operations. Addressing cybercrime: International law plays a critical role in addressing cybercrime by providing a legal framework for cooperation and collaboration among countries. This includes the Budapest Convention on Cybercrime, which provides a framework for international cooperation on cybercrime investigations and prosecutions. Regulating state behavior: International law helps to regulate state behavior in cyberspace, including state-sponsored cyber activities and cyber espionage. This includes the United Nations Charter, which prohibits the use of force in international relations, and the International Court of Justice, which provides a forum for resolving disputes between states. Protecting human rights: International law also plays a role in protecting human rights in cyberspace. This includes the International Covenant on Civil and Political Rights, which protects the right to freedom of expression, and the Universal Declaration of Human Rights, which protects the right to privacy. Ensuring accountability: International law helps to ensure accountability for cyber attacks and other cyber activities. This includes the establishment of international criminal tribunals, such as the International Criminal Court, which can prosecute individuals responsible for cyber crimes. The state and Private sector in Cyberspace, Cyber Security Standards - The state and private sector play critical roles in cybersecurity and are both responsible for ensuring the safety and security of digital systems and networks. The state's role in cybersecurity involves developing and enforcing laws and regulations related to cybersecurity. Governments establish cybersecurity standards and guidelines that organizations must follow to protect their systems and networks. They also invest in cybersecurity research and development to improve the overall security posture of the country. Governments may also provide support for organizations to help them enhance their cybersecurity capabilities. The private sector's role in cybersecurity involves implementing cybersecurity measures to protect their
systems and networks. Private sector organizations may implement cybersecurity standards and guidelines, such as ISO 27001 or NIST Cybersecurity Framework, to ensure they are following best practices for cybersecurity. They may also hire cybersecurity experts to assess their security posture and recommend improvements. Private sector organizations also play a critical role in sharing threat intelligence with other organizations to help prevent cyber attacks. Cybersecurity standards are important in establishing best practices for cybersecurity across different industries and organizations. They help to ensure a consistent level of cybersecurity across different organizations and can be used as a benchmark for measuring an organization's cybersecurity posture. Cybersecurity standards may be established by governments or industry associations, and they typically provide guidelines for implementing specific security controls and best practices. There are many cybersecurity standards that organizations may choose to follow, such as ISO 27001, NIST Cybersecurity Framework, or the Payment Card Industry Data Security Standard (PCI DSS). These standards provide guidance on various aspects of cybersecurity, including risk management, access controls, data protection, incident response, and security awareness training. In summary, the state and private sector play critical roles in cybersecurity, and both have a responsibility to ensure the safety and security of digital systems and networks. Cybersecurity standards are important in establishing best practices for cybersecurity and ensuring a consistent level of cybersecurity across different organizations and industries. The INDIAN Cyberspace, National Cyber Security Policy 2013 The National Cyber Security Policy 2013 was introduced by the Indian government to address the growing threat of cyber attacks and ensure the security of India's cyberspace. The National Cyber Security Policy 2013 aims to create a secure and resilient cyberspace for citizens, businesses, and the government. The policy is based on the following pillars: Creating a secure cyberspace: The policy aims to create a secure cyberspace by establishing a secure IT infrastructure, creating an ecosystem for cyber security R&D, promoting the use of indigenous technologies, and strengthening the regulatory framework. Creating a mechanism for incident response: The policy aims to create a mechanism for incident response by establishing a National Critical Information Infrastructure Protection Centre (NCIIPC) to monitor and respond to cyber attacks on critical infrastructure. Creating a workforce for cybersecurity: The policy aims to create a skilled workforce for cybersecurity by establishing a National Cyber Security Co-ordination Centre (NCSC) to coordinate with stakeholders and promote the development of cybersecurity skills. Creating public-private partnerships: The policy aims to create public-private partnerships to promote information sharing, create awareness among stakeholders, and build capacity for cybersecurity. The National Cyber Security Policy 2013 also outlines several initiatives to achieve these objectives, including the establishment of a National Cyber Security Centre, the creation of a National Cyber Security Coordinator position, the development of a cyber security research and development framework, and the promotion of cybersecurity education and awareness. Overall, the National Cyber Security Policy 2013 is an important step towards strengthening cybersecurity in India. It provides a framework for establishing a secure and resilient cyberspace, creating a mechanism for incident response, building a skilled workforce for cybersecurity, and promoting public-private
partnerships.
Introduction to Cyber Forensics, Need of Cyber Forensic Cyber forensics, also known as digital forensics, is a branch of forensic science that involves the recovery, analysis, and preservation of digital evidence. Cyber forensics is used to investigate cybercrime, data breaches, and other digital incidents that may have legal implications. The need for cyber forensics arises from the increasing use of technology in our daily lives, including business and government operations. With the growing reliance on digital data, cybercrime has become a significant threat to individuals, organizations, and governments. Cyber forensics helps in investigating and prosecuting cybercrime by identifying and preserving digital evidence. Cyber forensic investigations involve the use of specialized tools and techniques to collect and analyze digital evidence, such as computer systems, mobile devices, and network logs. The digital evidence can include emails, documents, chat logs, images, and other types of data stored on electronic devices or transmitted over networks. The primary goal of cyber forensics is to establish a clear chain of custody and maintain the integrity of the digital evidence. This involves documenting the entire investigation process, from the collection of evidence to the analysis and presentation of findings. Cyber forensics is essential in today's digital world because it helps in identifying and prosecuting cyber criminals, protecting intellectual property, and ensuring compliance with regulations and legal requirements. It also helps in preventing future cyber incidents by identifying vulnerabilities and improving security measures Cyber Evidence Cyber evidence is any digital information that is collected and used in the investigation and prosecution of cybercrime. It includes any data that can be found on electronic devices or transmitted over networks, such as emails, chat logs, social media posts, documents, images, videos, and other types of digital files. Cyber evidence can be collected from a variety of sources, including computers, smartphones, tablets, servers, and other network-connected devices. The evidence can be found in various forms, including volatile memory, hard drives, flash drives, cloud storage, and network logs. The collection and analysis of cyber evidence require specialized techniques and tools to ensure that the integrity of the evidence is maintained throughout the investigation. The process involves identifying potential sources of evidence, imaging or copying the data, and analyzing the data to identify any relevant information. In addition to identifying potential sources of evidence, it is also essential to document the entire process to maintain the chain of custody and ensure the admissibility of the evidence in court. This includes documenting the collection and analysis of the evidence, as well as any conclusions or findings that are made based on the evidence. The use of cyber evidence is becoming increasingly important in the investigation and prosecution of cybercrime. Cyber evidence can provide crucial information about the identity of the perpetrator, the methods used to commit the crime, and any other relevant details that can help in the investigation and prosecution. However, the collection and analysis of cyber evidence can be challenging due to the complexity of digital systems and the constantly evolving nature of technology. As a result, cyber forensic experts play a critical
role in the identification and collection of cyber evidence, as well as the analysis and interpretation of the data. Documentation and Management of Crime Sense Crime scene documentation and management are critical components of any criminal investigation, including cybercrime. Proper documentation and management of a crime scene help to ensure the integrity of the evidence and increase the chances of identifying and prosecuting the perpetrator. In the context of cybercrime, the crime scene may be a computer system, network, or other digital device. The following are some of the key steps involved in the documentation and management of cybercrime scenes: Securing the scene: The firststep is to secure the crime scene to prevent any further damage or tampering with the evidence. This involves ensuring that the system or device is isolated from the network and other devices to prevent any further data loss or modification. Documenting the scene: The next step is to document the crime scene by taking photographs or videos of the device or system, recording the configuration of the system, and taking note of any hardware or software that may be relevant to the investigation. Collecting evidence: Once the crime scene has been documented, the next step is to collect evidence. This involves identifying and copying any relevant data, such as log files, chat logs, or other digital files that may be stored on the system. Preservation of evidence: Once the evidence has been collected, it must be preserved to ensure its integrity. This involves storing the evidence in a secure location and ensuring that it is not tampered with or modified in any way. Analysis of evidence: The final step is to analyze the evidence to identify any relevant information that can be used in the investigation and prosecution of the perpetrator. This involves using specialized tools and techniques to examine the data and identify any patterns or anomalies. Proper documentation and management of cybercrime scenes are essential in ensuring the integrity of the evidence and increasing the chances of identifying and prosecuting the perpetrator. It is crucial that investigators have the knowledge and skills to effectively document and manage cybercrime scenes to ensure that justice is served. Image Capturing and its importance: Image capturing is a critical process in crime scene documentation, including cybercrime scenes. It involves the use of specialized equipment to take photographs or videos of the crime scene, including any digital devices or systems that may be relevant to the investigation. The importance of image capturing in crime scene documentation cannot be overstated. The following are some of the reasons why image capturing is essential: Preservation of evidence: Images and videos captured at the crime scene help to preserve the evidence and ensure that it is not lost or modified in any way. They provide a record of the crime scene that can be used in the investigation and prosecution of the perpetrator. Reconstruction of the crime scene: Images and videos can be used to reconstruct the crime scene and identify any potential areas of interest or points of entry/exit. This can help investigators to piece together
the sequence of events leading up to the crime. Identification of suspects: Images and videos captured at the crime scene may also help to identify suspects or witnesses who may have been present at the time of the crime. They can be used to match individuals to descriptions provided by witnesses or to identify individuals who may have left behind digital footprints at the scene. Admissibility in court: Images and videos captured at the crime scene can be used as evidence in court to support the prosecution's case. However, it is essential to ensure that the images and videos are captured and handled in a manner that preserves their integrity and admissibility in court. Partial Volume image Partial volume imaging refers to a technique used in medical imaging to improve the quality and accuracy of images. It is particularly useful in situations where the boundaries between different types of tissues are not well-defined. In medical imaging, a pixel or voxel (3D pixel) is the smallest element of an image. In the case of partial volume imaging, a voxel contains a mixture of different tissues. This can happen when the voxel is located near the boundary between two different types of tissues, and it is not possible to accurately determine which tissue is present in the voxel. Partial volume imaging works by estimating the proportion of each tissue within the voxel. This is done using various mathematical algorithms that take into account the surrounding pixels or voxels. The estimated tissue proportions are then used to create a more accurate image, with improved contrast and resolution. Partial volume imaging is used in a variety of medical imaging modalities, including computed tomography (CT), magnetic resonance imaging (MRI), and ultrasound. It is particularly useful in the imaging of organs such as the brain, where the boundaries between different types of tissues can be difficult to distinguish. Web attack Investigations- Web attacks are a common type of cyber attack that target websites and web applications. When a web attack occurs, it is essential to investigate the attack to determine the cause, extent, and impact of the attack. The following are the steps involved in conducting a web attack investigation: Identify the attack: The first step is to identify that an attack has occurred. This can be done through various methods, such as monitoring network traffic, reviewing server logs, or receiving alerts from intrusion detection systems. Secure the affected systems: Once an attack has been identified, it is important to secure the affected systems to prevent further damage. This may involve disconnecting the systems from the network, shutting down affected services, or taking other measures to prevent the attacker from gaining further access. Collect and preserve evidence: Evidence collection is a critical step in any investigation. It involves collecting and preserving any data that may be relevant to the investigation, such as log files, network traffic data, and system snapshots. The evidence must be collected and preserved in a manner that maintains its integrity and admissibility in court. Analyze the evidence: The collected evidence must be analyzed to determine the cause and extent of the
attack. This may involve reviewing log files and network traffic data to identify the attacker's methods and tools, examining system snapshots to identify any changes made to the system, and analyzing any malware or other malicious code found on the system. Remediate the damage: Once the cause and extent of the attack have been identified, steps must be taken to remediate the damage caused by the attack. This may involve restoring affected systems from backups,patching vulnerabilities, or implementing additional security measures to prevent similar attacks from occurring in the future. Report the incident: Finally, the results of the investigation must be documented and reported. This may involve providing a detailed report of the incident to management, law enforcement, or regulatory authorities, depending on the nature and severity of the attack. Denial of Service Investigations- Denial of Service (DoS) attacks are a type of cyber attack that involves overwhelming a target system with traffic or requests, rendering it inaccessible to legitimate users. When a DoS attack occurs, it is essential to investigate the attack to determine the cause, extent, and impact of the attack. The following are the steps involved in conducting a DoS attack investigation: Identify the attack: The first step is to identify that a DoS attack has occurred. This can be done through various methods, such as monitoring network traffic, reviewing server logs, or receiving alerts from intrusion detection systems. Secure the affected systems: Once a DoS attack has been identified, it is important to secure the affected systems to prevent further damage. This may involve disconnecting the systems from the network, blocking the source of the attack, or taking other measures to prevent the attacker from continuing the attack. Collect and preserve evidence: Evidence collection is a critical step in any investigation. It involves collecting and preserving any data that may be relevant to the investigation, such as log files, network traffic data, and system snapshots. The evidence must be collected and preserved in a manner that maintains its integrity and admissibility in court. Analyze the evidence: The collected evidence must be analyzed to determine the cause and extent of the attack. This may involve reviewing log files and network traffic data to identify the attacker's methods and tools, examining system snapshots to identify any changes made to the system, and analyzing any malware or other malicious code found on the system. Remediate the damage: Once the cause and extent of the attack have been identified, steps must be taken to remediate the damage caused by the attack. This may involve restoring affected systems from backups, patching vulnerabilities, or implementing additional security measures to prevent similar attacks from occurring in the future. Report the incident: Finally, the results of the investigation must be documented and reported. This may involve providing a detailed report of the incident to management, law enforcement, or regulatory authorities, depending on the nature and severity of the attack. Internet Crime Investigations- Internet crime investigations involve identifying and prosecuting individuals or groups that commit criminal activities on the internet. Such activities may include fraud,identity theft, hacking, cyberstalking, and child exploitation. The following are the steps involved in conducting an internet crime investigation:
Identify the crime: The first step is to identify the specific crime that has been committed. This may involve reviewing complaints from victims, analyzing network traffic, or conducting interviews with witnesses. Collect evidence: Evidence collection is a critical step in any investigation. It involves collecting and preserving any data that may be relevant to the investigation, such as log files, emails, chat logs, and social media posts. The evidence must be collected and preserved in a manner that maintains its integrity and admissibility in court. Analyze the evidence: The collected evidence must be analyzed to determine the cause and extent of the crime. This may involve reviewing network traffic to identify the source of an attack, analyzing financial records to trace the flow of money, or examining seized devices for incriminating data. Identify suspects: Once the evidence has been analyzed, the next step is to identify potential suspects. This may involve tracking down the IP addresses of attackers, conducting background checks on individuals, or interviewing potential witnesses. Arrest and prosecution: If sufficient evidence exists, law enforcement authorities may make arrests and prosecute the suspects. This may involve filing criminal charges, seeking search warrants, or executing subpoenas for additional evidence. Report the incident: Finally, the results of the investigation must be documented and reported. This may involve providing a detailed report of the incident to management, law enforcement, or regulatory authorities, depending on the nature and severity of the crime. Internet Forensics Internet forensics involves the investigation and analysis of digital evidence related to internet-based crimes or incidents. This may include crimes such as hacking, online fraud, cyberstalking, child exploitation, and online harassment. The following are the steps involved in conducting an internet forensics investigation: Identify the incident: The first step is to identify the incident that requires investigation. This may involve reviewing reports from victims, analyzing network traffic, or conducting interviews with witnesses. Collect evidence: Evidence collection is a critical step in any investigation. It involves collecting and preserving any data that may be relevant to the investigation, such as log files, emails, chat logs, and social media posts. The evidence must be collected and preserved in a manner that maintains its integrity and admissibility in court. Analyze the evidence: The collected evidence must be analyzed to determine the cause and extent of the incident. This may involve reviewing network traffic to identify the source of an attack, analyzing financial records to trace the flow of money, or examining seized devices for incriminating data. Identify suspects: Once the evidence has been analyzed, the next step is to identify potential suspects. This may involve tracking down the IP addresses of attackers, conducting background checks on individuals, or interviewing potential witnesses. Remediate the damage: Once the cause and extent of the incident have been identified, steps must be taken to remediate the damage caused by the incident. This may involve restoring affected systems from backups, patching vulnerabilities, or implementing additional security measures to prevent similar incidents from occurring in the future.
Report the incident: Finally, the results of the investigation must be documented and reported. This may involve providing a detailed report of the incident to management, law enforcement, or regulatory authorities, depending on the nature and severity of the incident. Steps for Investigating Internet Crime Investigating internet crimes involves several steps, including: Identification of the crime: The first step is to identify the type of internet crime that has occurred. This may involve gathering information from the victim, reviewing reports of similar crimes, and analyzing network traffic to identify potential attacks. Evidence collection: Once the type of crime has been identified, the next step is to collect evidence related to the incident. This may involve collecting network logs, emails, chat logs, social media posts, or other digital evidence that may be relevant to the investigation. Analysis of evidence: The collected evidence must be analyzed to determine the cause and extent of the crime. This may involve reviewing network traffic to identify the source of an attack, analyzing financial records to trace the flow of money, or examining seized devices for incriminating data. Identification of suspects: Once the evidence has been analyzed, the next step is to identify potential suspects. This may involve tracking down the IP addresses of attackers, conducting background checks on individuals, or interviewing potential witnesses. Arrest and prosecution: If sufficient evidence exists, law enforcement authorities may make arrests and prosecute the suspects. This may involve filing criminal charges, seeking search warrants, or executing subpoenas for additional evidence. Remediation of damage: Once the investigation is complete, any damage caused by the crime must be remediated. This may involve restoring affected systems from backups, patching vulnerabilities, or implementing additional security measures to prevent similar incidents from occurring in the future. Reporting: Finally, the results of the investigation must be documented and reported. This may involve providing a detailed report of the incident to management, law enforcement, or regulatory authorities, depending on the nature and severity of the crime. Email Crime Investigations Email crime investigations involve the investigation and analysis of digital evidence related to email- based crimes or incidents. This may include crimes such as email fraud, email harassment, email phishing, and email spamming. The following are the steps involved in conducting an email crime investigation: Identify the incident: The first step is to identify the incident that requires investigation. This may involve reviewing reports from victims, analyzing email headers, or conducting interviews with witnesses. Collect evidence: Evidence collection is a critical step in any investigation. It involves collecting and preserving any data that may be relevant to the investigation, such as email messages, email attachments, email server logs, and email addresses. The evidence must be collected and preserved in a manner that maintains its integrity and admissibility in court. Analyze the evidence: The collected evidence must be analyzed to determine the cause and extent of the incident. This may involve analyzing email headers to identify the source of an email, reviewing email content for incriminating information, or examining email attachments for malicious content.
Identify suspects: Once the evidence has been analyzed, the next step is to identify potential suspects. This may involve tracking down the email addresses of attackers, conducting background checks on individuals, or interviewing potential witnesses. Remediate the damage: Once the cause and extent of the incident have been identified, steps must be taken to remediate the damage caused by the incident. This may involve blocking email addresses or domains, implementing additional email security measures, or alerting affected individuals to the incident. Report the incident: Finally, the results of the investigation must be documented and reported. This may involve providing a detailed report of the incident to management, law enforcement, or regulatory authorities, depending on the nature and severity of the incident. Open Source/Free/Trial Tools: Case studies related to Cyber Law, Here are some case studies related to cyber law: Yahoo Data Breach Case: In 2013 and 2014, Yahoo suffered two major data breaches that affected all 3 billion user accounts. The hackers stole sensitive personal information such as names, email addresses, dates of birth, and hashed passwords. In 2017, the US government charged four individuals, including two Russian FSB officers, with the cyber attacks. The case highlighted the need for companies to take strong measures to protect user data and to promptly disclose data breaches. Ashley Madison Data Breach Case: In 2015, the Ashley Madison website, which facilitated extramarital affairs, suffered a data breach in which hackers stole personal information of over 30 million users, including their names, email addresses, and credit card information. The case highlighted the legal and ethical issues related to the use of personal information for online dating and related services. Facebook-Cambridge Analytica Case: In 2018, it was revealed that the political consulting firm Cambridge Analytica had obtained the personal data of millions of Facebook users without their consent. The data was allegedly used to influence the 2016 US presidential election. The case led to public scrutiny of Facebook's data privacy policies and highlighted the need for strong regulations to protect user data. eBay Cyberstalking Case: In 2019, six former eBay employees were charged with cyberstalking a couple who ran a popular online newsletter critical of eBay. The employees allegedly harassed the couple with threatening messages and sent them a package of live cockroaches, a funeral wreath, and a bloody pig mask. The case highlighted the importance of protecting online free speech and the potential for cyberstalking to be used as a tool of harassment and intimidation. Pegasus Spyware Case: In 2021, an international investigation revealed that the Pegasus spyware, developed by Israeli firm NSO Group, had been used to hack the phones of journalists, human rights activists, and government officials around the world. The case highlighted the need for stronger regulations on the use of surveillance technologies and the potential for these technologies to be misused to violate human rights. Common Forensic Tools like dd- dd (data duplicator) is a commonly used forensic tool for making bit-by-bit copies or clones of disks or disk partitions. It is often used in digital forensics to create forensic images of storage media, which can then be analyzed for evidence of a crime.
Other commonly used forensic tools include: EnCase: A comprehensive digital forensic tool that allows examiners to acquire and analyze data from a wide range of devices, including hard drives, smartphones, and cloud storage services. FTK (Forensic Toolkit): A powerful digital forensic tool that allows examiners to search, analyze, and recover data from a variety of devices and file systems. Sleuth Kit: An open-source digital forensic tool that provides a set of command-line tools for analyzing disk images and file systems. Autopsy: A graphical user interface (GUI) for Sleuth Kit that provides a more user-friendly way to analyze disk images and file systems. Volatility: A memory forensics tool that allows examiners to analyze the contents of a computer's memory for evidence of a crime. Wireshark: A network forensics tool that captures and analyzes network traffic to identify suspicious or malicious activity. Md5sum /sha1sum /Ram dump analysis /USB Device MD5sum and SHA1sum are cryptographic hash functions that are commonly used in digital forensics for data integrity verification. These functions produce a unique fixed-length hash value or "checksum" for a given file or block of data, which can be compared to a known checksum to verify that the data has not been tampered with or corrupted. RAM dump analysis is a forensic technique that involves extracting the contents of a computer's random access memory (RAM) and analyzing it for evidence of a crime. This can include identifying running processes, open files, network connections, and other information that may be relevant to an investigation. USB device forensics involves analyzing the contents of a USB device, such as a thumb drive, for evidence of a crime. This may include recovering deleted files, identifying recently accessed files, and analyzing the file system and metadata of the device.

Recommended

National cyber security policy final
National cyber security policy finalNational cyber security policy final
National cyber security policy final
Indian Air Force
 
What Financial Institution Cyber Regs Tell the Infrastructure Sector
What Financial Institution Cyber Regs Tell the Infrastructure SectorWhat Financial Institution Cyber Regs Tell the Infrastructure Sector
What Financial Institution Cyber Regs Tell the Infrastructure Sector
CBIZ, Inc.
 
Cyber Crime with basics and knowledge to cyber sphere
Cyber Crime with basics and knowledge to cyber sphereCyber Crime with basics and knowledge to cyber sphere
Cyber Crime with basics and knowledge to cyber sphere
RISHIKCHAUDHARY2
 
CYBER PRESENTATION FOR ANY WORK NEEDEDTT
CYBER PRESENTATION FOR ANY WORK NEEDEDTTCYBER PRESENTATION FOR ANY WORK NEEDEDTT
CYBER PRESENTATION FOR ANY WORK NEEDEDTT
KhushiAgarwal819938
 
Global Perspective Cyberlaw, Regulations and Compliance
Global Perspective Cyberlaw, Regulations and ComplianceGlobal Perspective Cyberlaw, Regulations and Compliance
Global Perspective Cyberlaw, Regulations and Compliance
ijtsrd
 
HISTORICAL GENESIS AND EVOLUTION OF CYBER CRIME AND CYBER SECURITY LAWS IN INDIA
HISTORICAL GENESIS AND EVOLUTION OF CYBER CRIME AND CYBER SECURITY LAWS IN INDIAHISTORICAL GENESIS AND EVOLUTION OF CYBER CRIME AND CYBER SECURITY LAWS IN INDIA
HISTORICAL GENESIS AND EVOLUTION OF CYBER CRIME AND CYBER SECURITY LAWS IN INDIA
IRJET Journal
 
Legal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptxLegal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptx
soulscout02
 
Cybersecurity Issues and Challenges
Cybersecurity Issues and ChallengesCybersecurity Issues and Challenges
Cybersecurity Issues and Challenges
Tam Nguyen
 

Recommended

National cyber security policy final
National cyber security policy finalNational cyber security policy final
National cyber security policy final
Indian Air Force
 
What Financial Institution Cyber Regs Tell the Infrastructure Sector
What Financial Institution Cyber Regs Tell the Infrastructure SectorWhat Financial Institution Cyber Regs Tell the Infrastructure Sector
What Financial Institution Cyber Regs Tell the Infrastructure Sector
CBIZ, Inc.
 
Cyber Crime with basics and knowledge to cyber sphere
Cyber Crime with basics and knowledge to cyber sphereCyber Crime with basics and knowledge to cyber sphere
Cyber Crime with basics and knowledge to cyber sphere
RISHIKCHAUDHARY2
 
CYBER PRESENTATION FOR ANY WORK NEEDEDTT
CYBER PRESENTATION FOR ANY WORK NEEDEDTTCYBER PRESENTATION FOR ANY WORK NEEDEDTT
CYBER PRESENTATION FOR ANY WORK NEEDEDTT
KhushiAgarwal819938
 
Global Perspective Cyberlaw, Regulations and Compliance
Global Perspective Cyberlaw, Regulations and ComplianceGlobal Perspective Cyberlaw, Regulations and Compliance
Global Perspective Cyberlaw, Regulations and Compliance
ijtsrd
 
HISTORICAL GENESIS AND EVOLUTION OF CYBER CRIME AND CYBER SECURITY LAWS IN INDIA
HISTORICAL GENESIS AND EVOLUTION OF CYBER CRIME AND CYBER SECURITY LAWS IN INDIAHISTORICAL GENESIS AND EVOLUTION OF CYBER CRIME AND CYBER SECURITY LAWS IN INDIA
HISTORICAL GENESIS AND EVOLUTION OF CYBER CRIME AND CYBER SECURITY LAWS IN INDIA
IRJET Journal
 
Legal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptxLegal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptx
soulscout02
 
Cybersecurity Issues and Challenges
Cybersecurity Issues and ChallengesCybersecurity Issues and Challenges
Cybersecurity Issues and Challenges
Tam Nguyen
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guide
AdilsonSuende
 
State Management Mechanisms for the Exchange of Information Regarding Cyberat...
State Management Mechanisms for the Exchange of Information Regarding Cyberat...State Management Mechanisms for the Exchange of Information Regarding Cyberat...
State Management Mechanisms for the Exchange of Information Regarding Cyberat...
Igor Britchenko
 
Guideline Thailand Cybersecure Strate Digital Economy
Guideline Thailand Cybersecure Strate Digital EconomyGuideline Thailand Cybersecure Strate Digital Economy
Guideline Thailand Cybersecure Strate Digital Economy
Settapong_CyberSecurity
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
pronab Kurmi
 
What is Network security, or Securiing your data Through Network,N.pdf
What is Network security, or Securiing your data Through Network,N.pdfWhat is Network security, or Securiing your data Through Network,N.pdf
What is Network security, or Securiing your data Through Network,N.pdf
anujmkt
 
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docxSECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
bagotjesusa
 
Securing the digital frontier cyber security policies for a safer future.pdf
Securing the digital frontier cyber security policies for a safer future.pdfSecuring the digital frontier cyber security policies for a safer future.pdf
Securing the digital frontier cyber security policies for a safer future.pdf
Altius IT
 
CYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIACYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIA
Anish Rai
 
ehadjasd
ehadjasdehadjasd
ehadjasd
nuquiaxeljohn0815
 
Cybersecurity and Policy Kafayat Omotayo WRTG 112
Cybersecurity and Policy Kafayat Omotayo WRTG 112 Cybersecurity and Policy Kafayat Omotayo WRTG 112
Cybersecurity and Policy Kafayat Omotayo WRTG 112
OllieShoresna
 
Lecture 8.pdf
Lecture 8.pdfLecture 8.pdf
Lecture 8.pdf
abdukadirabdullahuad
 
Ethics in Cyber Crime_will be helpful for ethics presentation.pptx
Ethics in Cyber Crime_will be helpful for ethics presentation.pptxEthics in Cyber Crime_will be helpful for ethics presentation.pptx
Ethics in Cyber Crime_will be helpful for ethics presentation.pptx
mohitsrivastavabtech
 
Forecast cybersecurity regulation v3
Forecast cybersecurity regulation v3Forecast cybersecurity regulation v3
Forecast cybersecurity regulation v3
Joe Orlando
 
Finland s cyber security strategy background dossier
Finland s cyber security strategy background dossierFinland s cyber security strategy background dossier
Finland s cyber security strategy background dossier
Yury Chemerkin
 
3999779.ppt
3999779.ppt3999779.ppt
3999779.ppt
pixvilx
 
239 325 ethics
239 325 ethics239 325 ethics
239 325 ethics
syed ahmed
 
Cybersecurity: Protecting Local Government Digital Resources Report
Cybersecurity: Protecting Local Government Digital Resources ReportCybersecurity: Protecting Local Government Digital Resources Report
Cybersecurity: Protecting Local Government Digital Resources Report
Samantha Wagner
 
Cybersecurity report
Cybersecurity reportCybersecurity report
Cybersecurity report
Kevin Leffew
 
Cyber_Security.-project-4th year-cse pdf
Cyber_Security.-project-4th year-cse pdfCyber_Security.-project-4th year-cse pdf
Cyber_Security.-project-4th year-cse pdf
messengerhelper4
 
Cyber_Security+Education_Project_Report.pdf
Cyber_Security+Education_Project_Report.pdfCyber_Security+Education_Project_Report.pdf
Cyber_Security+Education_Project_Report.pdf
messengerhelper4
 
Project Front_Page.pdf
Project Front_Page.pdfProject Front_Page.pdf
Project Front_Page.pdf
Sitamarhi Institute of Technology
 
Module 1.pdf
Module 1.pdfModule 1.pdf
Module 1.pdf
Sitamarhi Institute of Technology
 

More Related Content

Similar to Module 7.pdf

Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guide
AdilsonSuende
 
State Management Mechanisms for the Exchange of Information Regarding Cyberat...
State Management Mechanisms for the Exchange of Information Regarding Cyberat...State Management Mechanisms for the Exchange of Information Regarding Cyberat...
State Management Mechanisms for the Exchange of Information Regarding Cyberat...
Igor Britchenko
 
Guideline Thailand Cybersecure Strate Digital Economy
Guideline Thailand Cybersecure Strate Digital EconomyGuideline Thailand Cybersecure Strate Digital Economy
Guideline Thailand Cybersecure Strate Digital Economy
Settapong_CyberSecurity
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
pronab Kurmi
 
What is Network security, or Securiing your data Through Network,N.pdf
What is Network security, or Securiing your data Through Network,N.pdfWhat is Network security, or Securiing your data Through Network,N.pdf
What is Network security, or Securiing your data Through Network,N.pdf
anujmkt
 
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docxSECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
bagotjesusa
 
Securing the digital frontier cyber security policies for a safer future.pdf
Securing the digital frontier cyber security policies for a safer future.pdfSecuring the digital frontier cyber security policies for a safer future.pdf
Securing the digital frontier cyber security policies for a safer future.pdf
Altius IT
 
CYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIACYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIA
Anish Rai
 
ehadjasd
ehadjasdehadjasd
ehadjasd
nuquiaxeljohn0815
 
Cybersecurity and Policy Kafayat Omotayo WRTG 112
Cybersecurity and Policy Kafayat Omotayo WRTG 112 Cybersecurity and Policy Kafayat Omotayo WRTG 112
Cybersecurity and Policy Kafayat Omotayo WRTG 112
OllieShoresna
 
Lecture 8.pdf
Lecture 8.pdfLecture 8.pdf
Lecture 8.pdf
abdukadirabdullahuad
 
Ethics in Cyber Crime_will be helpful for ethics presentation.pptx
Ethics in Cyber Crime_will be helpful for ethics presentation.pptxEthics in Cyber Crime_will be helpful for ethics presentation.pptx
Ethics in Cyber Crime_will be helpful for ethics presentation.pptx
mohitsrivastavabtech
 
Forecast cybersecurity regulation v3
Forecast cybersecurity regulation v3Forecast cybersecurity regulation v3
Forecast cybersecurity regulation v3
Joe Orlando
 
Finland s cyber security strategy background dossier
Finland s cyber security strategy background dossierFinland s cyber security strategy background dossier
Finland s cyber security strategy background dossier
Yury Chemerkin
 
3999779.ppt
3999779.ppt3999779.ppt
3999779.ppt
pixvilx
 
239 325 ethics
239 325 ethics239 325 ethics
239 325 ethics
syed ahmed
 
Cybersecurity: Protecting Local Government Digital Resources Report
Cybersecurity: Protecting Local Government Digital Resources ReportCybersecurity: Protecting Local Government Digital Resources Report
Cybersecurity: Protecting Local Government Digital Resources Report
Samantha Wagner
 
Cybersecurity report
Cybersecurity reportCybersecurity report
Cybersecurity report
Kevin Leffew
 
Cyber_Security.-project-4th year-cse pdf
Cyber_Security.-project-4th year-cse pdfCyber_Security.-project-4th year-cse pdf
Cyber_Security.-project-4th year-cse pdf
messengerhelper4
 
Cyber_Security+Education_Project_Report.pdf
Cyber_Security+Education_Project_Report.pdfCyber_Security+Education_Project_Report.pdf
Cyber_Security+Education_Project_Report.pdf
messengerhelper4
 

Similar to Module 7.pdf (20)

Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guide
 
State Management Mechanisms for the Exchange of Information Regarding Cyberat...
State Management Mechanisms for the Exchange of Information Regarding Cyberat...State Management Mechanisms for the Exchange of Information Regarding Cyberat...
State Management Mechanisms for the Exchange of Information Regarding Cyberat...
 
Guideline Thailand Cybersecure Strate Digital Economy
Guideline Thailand Cybersecure Strate Digital EconomyGuideline Thailand Cybersecure Strate Digital Economy
Guideline Thailand Cybersecure Strate Digital Economy
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
What is Network security, or Securiing your data Through Network,N.pdf
What is Network security, or Securiing your data Through Network,N.pdfWhat is Network security, or Securiing your data Through Network,N.pdf
What is Network security, or Securiing your data Through Network,N.pdf
 
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docxSECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
 
Securing the digital frontier cyber security policies for a safer future.pdf
Securing the digital frontier cyber security policies for a safer future.pdfSecuring the digital frontier cyber security policies for a safer future.pdf
Securing the digital frontier cyber security policies for a safer future.pdf
 
CYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIACYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIA
 
ehadjasd
ehadjasdehadjasd
ehadjasd
 
Cybersecurity and Policy Kafayat Omotayo WRTG 112
Cybersecurity and Policy Kafayat Omotayo WRTG 112 Cybersecurity and Policy Kafayat Omotayo WRTG 112
Cybersecurity and Policy Kafayat Omotayo WRTG 112
 
Lecture 8.pdf
Lecture 8.pdfLecture 8.pdf
Lecture 8.pdf
 
Ethics in Cyber Crime_will be helpful for ethics presentation.pptx
Ethics in Cyber Crime_will be helpful for ethics presentation.pptxEthics in Cyber Crime_will be helpful for ethics presentation.pptx
Ethics in Cyber Crime_will be helpful for ethics presentation.pptx
 
Forecast cybersecurity regulation v3
Forecast cybersecurity regulation v3Forecast cybersecurity regulation v3
Forecast cybersecurity regulation v3
 
Finland s cyber security strategy background dossier
Finland s cyber security strategy background dossierFinland s cyber security strategy background dossier
Finland s cyber security strategy background dossier
 
3999779.ppt
3999779.ppt3999779.ppt
3999779.ppt
 
239 325 ethics
239 325 ethics239 325 ethics
239 325 ethics
 
Cybersecurity: Protecting Local Government Digital Resources Report
Cybersecurity: Protecting Local Government Digital Resources ReportCybersecurity: Protecting Local Government Digital Resources Report
Cybersecurity: Protecting Local Government Digital Resources Report
 
Cybersecurity report
Cybersecurity reportCybersecurity report
Cybersecurity report
 
Cyber_Security.-project-4th year-cse pdf
Cyber_Security.-project-4th year-cse pdfCyber_Security.-project-4th year-cse pdf
Cyber_Security.-project-4th year-cse pdf
 
Cyber_Security+Education_Project_Report.pdf
Cyber_Security+Education_Project_Report.pdfCyber_Security+Education_Project_Report.pdf
Cyber_Security+Education_Project_Report.pdf
 

More from Sitamarhi Institute of Technology

Project Front_Page.pdf
Project Front_Page.pdfProject Front_Page.pdf
Project Front_Page.pdf
Sitamarhi Institute of Technology
 
Module 1.pdf
Module 1.pdfModule 1.pdf
Module 1.pdf
Sitamarhi Institute of Technology
 
Module 5.pdf
Module 5.pdfModule 5.pdf
Module 5.pdf
Sitamarhi Institute of Technology
 
Module 6.pdf
Module 6.pdfModule 6.pdf
Module 6.pdf
Sitamarhi Institute of Technology
 
Module 2.pdf
Module 2.pdfModule 2.pdf
Module 2.pdf
Sitamarhi Institute of Technology
 
Module 3.pdf
Module 3.pdfModule 3.pdf
Module 3.pdf
Sitamarhi Institute of Technology
 
Module 4.pdf
Module 4.pdfModule 4.pdf
Module 4.pdf
Sitamarhi Institute of Technology
 
short notes bio
short notes bioshort notes bio
short notes bio
Sitamarhi Institute of Technology
 
Photosynthesis.pptx
Photosynthesis.pptxPhotosynthesis.pptx
Photosynthesis.pptx
Sitamarhi Institute of Technology
 
Concept of Allele.pptx
Concept of Allele.pptxConcept of Allele.pptx
Concept of Allele.pptx
Sitamarhi Institute of Technology
 
Genetics.pptx
Genetics.pptxGenetics.pptx
Genetics.pptx
Sitamarhi Institute of Technology
 
8m Biology.pdf
8m Biology.pdf8m Biology.pdf
8m Biology.pdf
Sitamarhi Institute of Technology
 
Module 5.pptx
Module 5.pptxModule 5.pptx
Module 5.pptx
Sitamarhi Institute of Technology
 
Mendel’s experiment.pptx
Mendel’s experiment.pptxMendel’s experiment.pptx
Mendel’s experiment.pptx
Sitamarhi Institute of Technology
 
microbiology.pptx
microbiology.pptxmicrobiology.pptx
microbiology.pptx
Sitamarhi Institute of Technology
 
BIOLOGY 7sem.pdf
BIOLOGY 7sem.pdfBIOLOGY 7sem.pdf
BIOLOGY 7sem.pdf
Sitamarhi Institute of Technology
 
Heirarchy of life forms and classification.pptx
Heirarchy of life forms and classification.pptxHeirarchy of life forms and classification.pptx
Heirarchy of life forms and classification.pptx
Sitamarhi Institute of Technology
 
Amino acids and proteins.pptx
Amino acids and proteins.pptxAmino acids and proteins.pptx
Amino acids and proteins.pptx
Sitamarhi Institute of Technology
 
BIO.docx
BIO.docxBIO.docx
BIO.docx
Sitamarhi Institute of Technology
 
clasification based on celluarity.pptx
clasification based on celluarity.pptxclasification based on celluarity.pptx
clasification based on celluarity.pptx
Sitamarhi Institute of Technology
 

More from Sitamarhi Institute of Technology (20)

Project Front_Page.pdf
Project Front_Page.pdfProject Front_Page.pdf
Project Front_Page.pdf
 
Module 1.pdf
Module 1.pdfModule 1.pdf
Module 1.pdf
 
Module 5.pdf
Module 5.pdfModule 5.pdf
Module 5.pdf
 
Module 6.pdf
Module 6.pdfModule 6.pdf
Module 6.pdf
 
Module 2.pdf
Module 2.pdfModule 2.pdf
Module 2.pdf
 
Module 3.pdf
Module 3.pdfModule 3.pdf
Module 3.pdf
 
Module 4.pdf
Module 4.pdfModule 4.pdf
Module 4.pdf
 
short notes bio
short notes bioshort notes bio
short notes bio
 
Photosynthesis.pptx
Photosynthesis.pptxPhotosynthesis.pptx
Photosynthesis.pptx
 
Concept of Allele.pptx
Concept of Allele.pptxConcept of Allele.pptx
Concept of Allele.pptx
 
Genetics.pptx
Genetics.pptxGenetics.pptx
Genetics.pptx
 
8m Biology.pdf
8m Biology.pdf8m Biology.pdf
8m Biology.pdf
 
Module 5.pptx
Module 5.pptxModule 5.pptx
Module 5.pptx
 
Mendel’s experiment.pptx
Mendel’s experiment.pptxMendel’s experiment.pptx
Mendel’s experiment.pptx
 
microbiology.pptx
microbiology.pptxmicrobiology.pptx
microbiology.pptx
 
BIOLOGY 7sem.pdf
BIOLOGY 7sem.pdfBIOLOGY 7sem.pdf
BIOLOGY 7sem.pdf
 
Heirarchy of life forms and classification.pptx
Heirarchy of life forms and classification.pptxHeirarchy of life forms and classification.pptx
Heirarchy of life forms and classification.pptx
 
Amino acids and proteins.pptx
Amino acids and proteins.pptxAmino acids and proteins.pptx
Amino acids and proteins.pptx
 
BIO.docx
BIO.docxBIO.docx
BIO.docx
 
clasification based on celluarity.pptx
clasification based on celluarity.pptxclasification based on celluarity.pptx
clasification based on celluarity.pptx
 

Recently uploaded

natural gas transmission pipeline safety related presentation.pdf
natural gas transmission pipeline safety related presentation.pdfnatural gas transmission pipeline safety related presentation.pdf
natural gas transmission pipeline safety related presentation.pdf
SusheelGupta16
 
DELTA V MES EMERSON EDUARDO RODRIGUES ENGINEER
DELTA V MES EMERSON EDUARDO RODRIGUES ENGINEERDELTA V MES EMERSON EDUARDO RODRIGUES ENGINEER
DELTA V MES EMERSON EDUARDO RODRIGUES ENGINEER
EMERSON EDUARDO RODRIGUES
 
Intuit CRAFT demonstration presentation for sde
Intuit CRAFT demonstration presentation for sdeIntuit CRAFT demonstration presentation for sde
Intuit CRAFT demonstration presentation for sde
ShivangMishra54
 
Call Girls Chennai +91-8824825030 Vip Call Girls Chennai
Call Girls Chennai +91-8824825030 Vip Call Girls ChennaiCall Girls Chennai +91-8824825030 Vip Call Girls Chennai
Call Girls Chennai +91-8824825030 Vip Call Girls Chennai
paraasingh12 #V08
 
🔥 Hyderabad Call Girls  👉 9352988975 👫 High Profile Call Girls Whatsapp Numbe...
🔥 Hyderabad Call Girls  👉 9352988975 👫 High Profile Call Girls Whatsapp Numbe...🔥 Hyderabad Call Girls  👉 9352988975 👫 High Profile Call Girls Whatsapp Numbe...
🔥 Hyderabad Call Girls  👉 9352988975 👫 High Profile Call Girls Whatsapp Numbe...
aarusi sexy model
 
Asymmetrical Repulsion Magnet Motor Ratio 6-7.pdf
Asymmetrical Repulsion Magnet Motor Ratio 6-7.pdfAsymmetrical Repulsion Magnet Motor Ratio 6-7.pdf
Asymmetrical Repulsion Magnet Motor Ratio 6-7.pdf
felixwold
 
Lateral load-resisting systems in buildings.pptx
Lateral load-resisting systems in buildings.pptxLateral load-resisting systems in buildings.pptx
Lateral load-resisting systems in buildings.pptx
DebendraDevKhanal1
 
Introduction to Artificial Intelligence.
Introduction to Artificial Intelligence.Introduction to Artificial Intelligence.
Introduction to Artificial Intelligence.
supriyaDicholkar1
 
An In-Depth Exploration of Natural Language Processing: Evolution, Applicatio...
An In-Depth Exploration of Natural Language Processing: Evolution, Applicatio...An In-Depth Exploration of Natural Language Processing: Evolution, Applicatio...
An In-Depth Exploration of Natural Language Processing: Evolution, Applicatio...
DharmaBanothu
 
High Profile Call Girls Ahmedabad 🔥 7737669865 🔥 Real Fun With Sexual Girl Av...
High Profile Call Girls Ahmedabad 🔥 7737669865 🔥 Real Fun With Sexual Girl Av...High Profile Call Girls Ahmedabad 🔥 7737669865 🔥 Real Fun With Sexual Girl Av...
High Profile Call Girls Ahmedabad 🔥 7737669865 🔥 Real Fun With Sexual Girl Av...
dABGO KI CITy kUSHINAGAR Ak47
 
3rd International Conference on Artificial Intelligence Advances (AIAD 2024)
3rd International Conference on Artificial Intelligence Advances (AIAD 2024)3rd International Conference on Artificial Intelligence Advances (AIAD 2024)
3rd International Conference on Artificial Intelligence Advances (AIAD 2024)
GiselleginaGloria
 
comptia-security-sy0-701-exam-objectives-(5-0).pdf
comptia-security-sy0-701-exam-objectives-(5-0).pdfcomptia-security-sy0-701-exam-objectives-(5-0).pdf
comptia-security-sy0-701-exam-objectives-(5-0).pdf
foxlyon
 
INTRODUCTION TO ARTIFICIAL INTELLIGENCE BASIC
INTRODUCTION TO ARTIFICIAL INTELLIGENCE BASICINTRODUCTION TO ARTIFICIAL INTELLIGENCE BASIC
INTRODUCTION TO ARTIFICIAL INTELLIGENCE BASIC
GOKULKANNANMMECLECTC
 
一比一原版(uoft毕业证书)加拿大多伦多大学毕业证如何办理
一比一原版(uoft毕业证书)加拿大多伦多大学毕业证如何办理一比一原版(uoft毕业证书)加拿大多伦多大学毕业证如何办理
一比一原版(uoft毕业证书)加拿大多伦多大学毕业证如何办理
sydezfe
 
Hot Call Girls In Bangalore ✔ 9079923931 ✔ Hi I Am Divya Vip Call Girl Servic...
Hot Call Girls In Bangalore ✔ 9079923931 ✔ Hi I Am Divya Vip Call Girl Servic...Hot Call Girls In Bangalore ✔ 9079923931 ✔ Hi I Am Divya Vip Call Girl Servic...
Hot Call Girls In Bangalore ✔ 9079923931 ✔ Hi I Am Divya Vip Call Girl Servic...
Banerescorts
 
Call For Paper -3rd International Conference on Artificial Intelligence Advan...
Call For Paper -3rd International Conference on Artificial Intelligence Advan...Call For Paper -3rd International Conference on Artificial Intelligence Advan...
Call For Paper -3rd International Conference on Artificial Intelligence Advan...
ijseajournal
 
Call Girls Madurai 8824825030 Escort In Madurai service 24X7
Call Girls Madurai 8824825030 Escort In Madurai service 24X7Call Girls Madurai 8824825030 Escort In Madurai service 24X7
Call Girls Madurai 8824825030 Escort In Madurai service 24X7
Poonam Singh
 
Call Girls Goa (india) ☎️ +91-7426014248 Goa Call Girl
Call Girls Goa (india) ☎️ +91-7426014248 Goa Call GirlCall Girls Goa (india) ☎️ +91-7426014248 Goa Call Girl
Call Girls Goa (india) ☎️ +91-7426014248 Goa Call Girl
sapna sharmap11
 
East Carolina University diploma. ECU diploma
East Carolina University diploma. ECU diplomaEast Carolina University diploma. ECU diploma
East Carolina University diploma. ECU diploma
College diploma
 
一比一原版(psu学位证书)美国匹兹堡州立大学毕业证如何办理
一比一原版(psu学位证书)美国匹兹堡州立大学毕业证如何办理一比一原版(psu学位证书)美国匹兹堡州立大学毕业证如何办理
一比一原版(psu学位证书)美国匹兹堡州立大学毕业证如何办理
nonods
 

Recently uploaded (20)

natural gas transmission pipeline safety related presentation.pdf
natural gas transmission pipeline safety related presentation.pdfnatural gas transmission pipeline safety related presentation.pdf
natural gas transmission pipeline safety related presentation.pdf
 
DELTA V MES EMERSON EDUARDO RODRIGUES ENGINEER
DELTA V MES EMERSON EDUARDO RODRIGUES ENGINEERDELTA V MES EMERSON EDUARDO RODRIGUES ENGINEER
DELTA V MES EMERSON EDUARDO RODRIGUES ENGINEER
 
Intuit CRAFT demonstration presentation for sde
Intuit CRAFT demonstration presentation for sdeIntuit CRAFT demonstration presentation for sde
Intuit CRAFT demonstration presentation for sde
 
Call Girls Chennai +91-8824825030 Vip Call Girls Chennai
Call Girls Chennai +91-8824825030 Vip Call Girls ChennaiCall Girls Chennai +91-8824825030 Vip Call Girls Chennai
Call Girls Chennai +91-8824825030 Vip Call Girls Chennai
 
🔥 Hyderabad Call Girls  👉 9352988975 👫 High Profile Call Girls Whatsapp Numbe...
🔥 Hyderabad Call Girls  👉 9352988975 👫 High Profile Call Girls Whatsapp Numbe...🔥 Hyderabad Call Girls  👉 9352988975 👫 High Profile Call Girls Whatsapp Numbe...
🔥 Hyderabad Call Girls  👉 9352988975 👫 High Profile Call Girls Whatsapp Numbe...
 
Asymmetrical Repulsion Magnet Motor Ratio 6-7.pdf
Asymmetrical Repulsion Magnet Motor Ratio 6-7.pdfAsymmetrical Repulsion Magnet Motor Ratio 6-7.pdf
Asymmetrical Repulsion Magnet Motor Ratio 6-7.pdf
 
Lateral load-resisting systems in buildings.pptx
Lateral load-resisting systems in buildings.pptxLateral load-resisting systems in buildings.pptx
Lateral load-resisting systems in buildings.pptx
 
Introduction to Artificial Intelligence.
Introduction to Artificial Intelligence.Introduction to Artificial Intelligence.
Introduction to Artificial Intelligence.
 
An In-Depth Exploration of Natural Language Processing: Evolution, Applicatio...
An In-Depth Exploration of Natural Language Processing: Evolution, Applicatio...An In-Depth Exploration of Natural Language Processing: Evolution, Applicatio...
An In-Depth Exploration of Natural Language Processing: Evolution, Applicatio...
 
High Profile Call Girls Ahmedabad 🔥 7737669865 🔥 Real Fun With Sexual Girl Av...
High Profile Call Girls Ahmedabad 🔥 7737669865 🔥 Real Fun With Sexual Girl Av...High Profile Call Girls Ahmedabad 🔥 7737669865 🔥 Real Fun With Sexual Girl Av...
High Profile Call Girls Ahmedabad 🔥 7737669865 🔥 Real Fun With Sexual Girl Av...
 
3rd International Conference on Artificial Intelligence Advances (AIAD 2024)
3rd International Conference on Artificial Intelligence Advances (AIAD 2024)3rd International Conference on Artificial Intelligence Advances (AIAD 2024)
3rd International Conference on Artificial Intelligence Advances (AIAD 2024)
 
comptia-security-sy0-701-exam-objectives-(5-0).pdf
comptia-security-sy0-701-exam-objectives-(5-0).pdfcomptia-security-sy0-701-exam-objectives-(5-0).pdf
comptia-security-sy0-701-exam-objectives-(5-0).pdf
 
INTRODUCTION TO ARTIFICIAL INTELLIGENCE BASIC
INTRODUCTION TO ARTIFICIAL INTELLIGENCE BASICINTRODUCTION TO ARTIFICIAL INTELLIGENCE BASIC
INTRODUCTION TO ARTIFICIAL INTELLIGENCE BASIC
 
一比一原版(uoft毕业证书)加拿大多伦多大学毕业证如何办理
一比一原版(uoft毕业证书)加拿大多伦多大学毕业证如何办理一比一原版(uoft毕业证书)加拿大多伦多大学毕业证如何办理
一比一原版(uoft毕业证书)加拿大多伦多大学毕业证如何办理
 
Hot Call Girls In Bangalore ✔ 9079923931 ✔ Hi I Am Divya Vip Call Girl Servic...
Hot Call Girls In Bangalore ✔ 9079923931 ✔ Hi I Am Divya Vip Call Girl Servic...Hot Call Girls In Bangalore ✔ 9079923931 ✔ Hi I Am Divya Vip Call Girl Servic...
Hot Call Girls In Bangalore ✔ 9079923931 ✔ Hi I Am Divya Vip Call Girl Servic...
 
Call For Paper -3rd International Conference on Artificial Intelligence Advan...
Call For Paper -3rd International Conference on Artificial Intelligence Advan...Call For Paper -3rd International Conference on Artificial Intelligence Advan...
Call For Paper -3rd International Conference on Artificial Intelligence Advan...
 
Call Girls Madurai 8824825030 Escort In Madurai service 24X7
Call Girls Madurai 8824825030 Escort In Madurai service 24X7Call Girls Madurai 8824825030 Escort In Madurai service 24X7
Call Girls Madurai 8824825030 Escort In Madurai service 24X7
 
Call Girls Goa (india) ☎️ +91-7426014248 Goa Call Girl
Call Girls Goa (india) ☎️ +91-7426014248 Goa Call GirlCall Girls Goa (india) ☎️ +91-7426014248 Goa Call Girl
Call Girls Goa (india) ☎️ +91-7426014248 Goa Call Girl
 
East Carolina University diploma. ECU diploma
East Carolina University diploma. ECU diplomaEast Carolina University diploma. ECU diploma
East Carolina University diploma. ECU diploma
 
一比一原版(psu学位证书)美国匹兹堡州立大学毕业证如何办理
一比一原版(psu学位证书)美国匹兹堡州立大学毕业证如何办理一比一原版(psu学位证书)美国匹兹堡州立大学毕业证如何办理
一比一原版(psu学位证书)美国匹兹堡州立大学毕业证如何办理
 

Module 7.pdf

  • 1. Cyber Security [105713] – Notes Module 7 Cyber Laws and Forensics: Introduction, Cyber Security Regulations, Roles of International Law, the state and Private Sector in Cyber space, Cyber Security Standards. The INDIAN Cyberspace, National Cyber Security Policy 2013. Introduction to Cyber Forensics, Need of Cyber Forensics, Cyber Evidence, Documentation and Management of Crime Sense, Image Capturing and its importance, Partial Volume Image, Web Attack Investigations, Denial of Service Investigations, Internet Crime Investigations, Internet Forensics, Steps for Investigating Internet Crime, Email Crime Investigations. Open Source/ Free/ Trial Tools: Case Studies related to Cyber Law, Common Forensic Tools like dd, md5sum, sha1sum, Ram dump analysis, USB device. Cyber Laws and Forensics Cyber laws and forensics are two important areas in the field of cybersecurity that are critical for protecting individuals, organizations, and nations against cyber threats. Cyber laws refer to a set of legal guidelines and regulations designed to protect against cybercrimes, and to govern the use of the internet and other digital technologies. These laws cover a wide range of issues, including data protection, privacy, intellectual property rights, cyberbullying, online harassment, and cyber terrorism. Cyber laws are enforced by law enforcement agencies, and those who violate these laws can face severe penalties and fines. Cyber forensics, on the other hand, is the process of collecting, analyzing, and preserving digital evidence in order to investigate and prevent cybercrimes. Cyber forensics experts use a variety of techniques to identify and track down cybercriminals, including computer and network analysis, data recovery, and reverse engineering. They also work closely with law enforcement agencies to gather evidence that can be used in legal proceedings. Together, cyber laws and forensics play a critical role in protecting against cyber threats and ensuring the safety and security of digital systems and networks. They help to deter cybercriminals, prosecute those who engage in cybercrimes, and provide a framework for regulating the use of the internet and other digital technologies. In addition, they help to build trust in the digital economy, enabling individuals and organizations to conduct business online with confidence. Introduction, Cyber Security Regulations- Cybersecurity regulations are a set of rules, guidelines, and standards that are designed to protect information systems, networks, and digital assets from cyber threats. Cybersecurity regulations are typically established by governments, industry associations, and other regulatory bodies to ensure that organizations are taking appropriate measures to protect their digital assets from cyber attacks. The importance of cybersecurity regulations has increased in recent years due to the growing number and complexity of cyber threats. Cyber attacks can result in the theft of sensitive data, financial losses, reputational damage, and even physical harm in some cases. As a result, many countries have implemented cybersecurity regulations to protect their citizens and businesses from these threats. Cybersecurity regulations typically cover a range of areas, including data protection, incident response, network security, access controls, and risk management. These regulations may require organizations to implement specific security controls, such as firewalls, encryption, and multi-factor authentication, and to follow established security frameworks, such as the NIST Cybersecurity Framework or ISO 27001.
  • 2. Organizations that are subject to cybersecurity regulations may face significant penalties and fines if they fail to comply with these regulations. In addition, organizations that suffer a data breach or other cyber incident may be required to report the incident to regulatory authorities and to take specific steps to remediate the incident. Overall, cybersecurity regulations play a critical role in protecting digital systems and networks from cyber threats and ensuring the safety and security of individuals and organizations in the digital age. Roles of International Law- International law is a body of legal rules and principles that govern the conduct of states and other international actors in their relations with one another. international law plays an important role in regulating and addressing issues related to cybersecurity and cybercrime at the international level. The roles of international law in cybersecurity include: Establishing norms: International law helps to establish norms and standards of behavior for states and other international actors in cyberspace. For example, the Tallinn Manual, a set of guidelines developed by experts in international law, provides guidance on the application of international law to cyber operations. Addressing cybercrime: International law plays a critical role in addressing cybercrime by providing a legal framework for cooperation and collaboration among countries. This includes the Budapest Convention on Cybercrime, which provides a framework for international cooperation on cybercrime investigations and prosecutions. Regulating state behavior: International law helps to regulate state behavior in cyberspace, including state-sponsored cyber activities and cyber espionage. This includes the United Nations Charter, which prohibits the use of force in international relations, and the International Court of Justice, which provides a forum for resolving disputes between states. Protecting human rights: International law also plays a role in protecting human rights in cyberspace. This includes the International Covenant on Civil and Political Rights, which protects the right to freedom of expression, and the Universal Declaration of Human Rights, which protects the right to privacy. Ensuring accountability: International law helps to ensure accountability for cyber attacks and other cyber activities. This includes the establishment of international criminal tribunals, such as the International Criminal Court, which can prosecute individuals responsible for cyber crimes. The state and Private sector in Cyberspace, Cyber Security Standards - The state and private sector play critical roles in cybersecurity and are both responsible for ensuring the safety and security of digital systems and networks. The state's role in cybersecurity involves developing and enforcing laws and regulations related to cybersecurity. Governments establish cybersecurity standards and guidelines that organizations must follow to protect their systems and networks. They also invest in cybersecurity research and development to improve the overall security posture of the country. Governments may also provide support for organizations to help them enhance their cybersecurity capabilities. The private sector's role in cybersecurity involves implementing cybersecurity measures to protect their
  • 3. systems and networks. Private sector organizations may implement cybersecurity standards and guidelines, such as ISO 27001 or NIST Cybersecurity Framework, to ensure they are following best practices for cybersecurity. They may also hire cybersecurity experts to assess their security posture and recommend improvements. Private sector organizations also play a critical role in sharing threat intelligence with other organizations to help prevent cyber attacks. Cybersecurity standards are important in establishing best practices for cybersecurity across different industries and organizations. They help to ensure a consistent level of cybersecurity across different organizations and can be used as a benchmark for measuring an organization's cybersecurity posture. Cybersecurity standards may be established by governments or industry associations, and they typically provide guidelines for implementing specific security controls and best practices. There are many cybersecurity standards that organizations may choose to follow, such as ISO 27001, NIST Cybersecurity Framework, or the Payment Card Industry Data Security Standard (PCI DSS). These standards provide guidance on various aspects of cybersecurity, including risk management, access controls, data protection, incident response, and security awareness training. In summary, the state and private sector play critical roles in cybersecurity, and both have a responsibility to ensure the safety and security of digital systems and networks. Cybersecurity standards are important in establishing best practices for cybersecurity and ensuring a consistent level of cybersecurity across different organizations and industries. The INDIAN Cyberspace, National Cyber Security Policy 2013 The National Cyber Security Policy 2013 was introduced by the Indian government to address the growing threat of cyber attacks and ensure the security of India's cyberspace. The National Cyber Security Policy 2013 aims to create a secure and resilient cyberspace for citizens, businesses, and the government. The policy is based on the following pillars: Creating a secure cyberspace: The policy aims to create a secure cyberspace by establishing a secure IT infrastructure, creating an ecosystem for cyber security R&D, promoting the use of indigenous technologies, and strengthening the regulatory framework. Creating a mechanism for incident response: The policy aims to create a mechanism for incident response by establishing a National Critical Information Infrastructure Protection Centre (NCIIPC) to monitor and respond to cyber attacks on critical infrastructure. Creating a workforce for cybersecurity: The policy aims to create a skilled workforce for cybersecurity by establishing a National Cyber Security Co-ordination Centre (NCSC) to coordinate with stakeholders and promote the development of cybersecurity skills. Creating public-private partnerships: The policy aims to create public-private partnerships to promote information sharing, create awareness among stakeholders, and build capacity for cybersecurity. The National Cyber Security Policy 2013 also outlines several initiatives to achieve these objectives, including the establishment of a National Cyber Security Centre, the creation of a National Cyber Security Coordinator position, the development of a cyber security research and development framework, and the promotion of cybersecurity education and awareness. Overall, the National Cyber Security Policy 2013 is an important step towards strengthening cybersecurity in India. It provides a framework for establishing a secure and resilient cyberspace, creating a mechanism for incident response, building a skilled workforce for cybersecurity, and promoting public-private
  • 5. Introduction to Cyber Forensics, Need of Cyber Forensic Cyber forensics, also known as digital forensics, is a branch of forensic science that involves the recovery, analysis, and preservation of digital evidence. Cyber forensics is used to investigate cybercrime, data breaches, and other digital incidents that may have legal implications. The need for cyber forensics arises from the increasing use of technology in our daily lives, including business and government operations. With the growing reliance on digital data, cybercrime has become a significant threat to individuals, organizations, and governments. Cyber forensics helps in investigating and prosecuting cybercrime by identifying and preserving digital evidence. Cyber forensic investigations involve the use of specialized tools and techniques to collect and analyze digital evidence, such as computer systems, mobile devices, and network logs. The digital evidence can include emails, documents, chat logs, images, and other types of data stored on electronic devices or transmitted over networks. The primary goal of cyber forensics is to establish a clear chain of custody and maintain the integrity of the digital evidence. This involves documenting the entire investigation process, from the collection of evidence to the analysis and presentation of findings. Cyber forensics is essential in today's digital world because it helps in identifying and prosecuting cyber criminals, protecting intellectual property, and ensuring compliance with regulations and legal requirements. It also helps in preventing future cyber incidents by identifying vulnerabilities and improving security measures Cyber Evidence Cyber evidence is any digital information that is collected and used in the investigation and prosecution of cybercrime. It includes any data that can be found on electronic devices or transmitted over networks, such as emails, chat logs, social media posts, documents, images, videos, and other types of digital files. Cyber evidence can be collected from a variety of sources, including computers, smartphones, tablets, servers, and other network-connected devices. The evidence can be found in various forms, including volatile memory, hard drives, flash drives, cloud storage, and network logs. The collection and analysis of cyber evidence require specialized techniques and tools to ensure that the integrity of the evidence is maintained throughout the investigation. The process involves identifying potential sources of evidence, imaging or copying the data, and analyzing the data to identify any relevant information. In addition to identifying potential sources of evidence, it is also essential to document the entire process to maintain the chain of custody and ensure the admissibility of the evidence in court. This includes documenting the collection and analysis of the evidence, as well as any conclusions or findings that are made based on the evidence. The use of cyber evidence is becoming increasingly important in the investigation and prosecution of cybercrime. Cyber evidence can provide crucial information about the identity of the perpetrator, the methods used to commit the crime, and any other relevant details that can help in the investigation and prosecution. However, the collection and analysis of cyber evidence can be challenging due to the complexity of digital systems and the constantly evolving nature of technology. As a result, cyber forensic experts play a critical
  • 6. role in the identification and collection of cyber evidence, as well as the analysis and interpretation of the data. Documentation and Management of Crime Sense Crime scene documentation and management are critical components of any criminal investigation, including cybercrime. Proper documentation and management of a crime scene help to ensure the integrity of the evidence and increase the chances of identifying and prosecuting the perpetrator. In the context of cybercrime, the crime scene may be a computer system, network, or other digital device. The following are some of the key steps involved in the documentation and management of cybercrime scenes: Securing the scene: The firststep is to secure the crime scene to prevent any further damage or tampering with the evidence. This involves ensuring that the system or device is isolated from the network and other devices to prevent any further data loss or modification. Documenting the scene: The next step is to document the crime scene by taking photographs or videos of the device or system, recording the configuration of the system, and taking note of any hardware or software that may be relevant to the investigation. Collecting evidence: Once the crime scene has been documented, the next step is to collect evidence. This involves identifying and copying any relevant data, such as log files, chat logs, or other digital files that may be stored on the system. Preservation of evidence: Once the evidence has been collected, it must be preserved to ensure its integrity. This involves storing the evidence in a secure location and ensuring that it is not tampered with or modified in any way. Analysis of evidence: The final step is to analyze the evidence to identify any relevant information that can be used in the investigation and prosecution of the perpetrator. This involves using specialized tools and techniques to examine the data and identify any patterns or anomalies. Proper documentation and management of cybercrime scenes are essential in ensuring the integrity of the evidence and increasing the chances of identifying and prosecuting the perpetrator. It is crucial that investigators have the knowledge and skills to effectively document and manage cybercrime scenes to ensure that justice is served. Image Capturing and its importance: Image capturing is a critical process in crime scene documentation, including cybercrime scenes. It involves the use of specialized equipment to take photographs or videos of the crime scene, including any digital devices or systems that may be relevant to the investigation. The importance of image capturing in crime scene documentation cannot be overstated. The following are some of the reasons why image capturing is essential: Preservation of evidence: Images and videos captured at the crime scene help to preserve the evidence and ensure that it is not lost or modified in any way. They provide a record of the crime scene that can be used in the investigation and prosecution of the perpetrator. Reconstruction of the crime scene: Images and videos can be used to reconstruct the crime scene and identify any potential areas of interest or points of entry/exit. This can help investigators to piece together
  • 7. the sequence of events leading up to the crime. Identification of suspects: Images and videos captured at the crime scene may also help to identify suspects or witnesses who may have been present at the time of the crime. They can be used to match individuals to descriptions provided by witnesses or to identify individuals who may have left behind digital footprints at the scene. Admissibility in court: Images and videos captured at the crime scene can be used as evidence in court to support the prosecution's case. However, it is essential to ensure that the images and videos are captured and handled in a manner that preserves their integrity and admissibility in court. Partial Volume image Partial volume imaging refers to a technique used in medical imaging to improve the quality and accuracy of images. It is particularly useful in situations where the boundaries between different types of tissues are not well-defined. In medical imaging, a pixel or voxel (3D pixel) is the smallest element of an image. In the case of partial volume imaging, a voxel contains a mixture of different tissues. This can happen when the voxel is located near the boundary between two different types of tissues, and it is not possible to accurately determine which tissue is present in the voxel. Partial volume imaging works by estimating the proportion of each tissue within the voxel. This is done using various mathematical algorithms that take into account the surrounding pixels or voxels. The estimated tissue proportions are then used to create a more accurate image, with improved contrast and resolution. Partial volume imaging is used in a variety of medical imaging modalities, including computed tomography (CT), magnetic resonance imaging (MRI), and ultrasound. It is particularly useful in the imaging of organs such as the brain, where the boundaries between different types of tissues can be difficult to distinguish. Web attack Investigations- Web attacks are a common type of cyber attack that target websites and web applications. When a web attack occurs, it is essential to investigate the attack to determine the cause, extent, and impact of the attack. The following are the steps involved in conducting a web attack investigation: Identify the attack: The first step is to identify that an attack has occurred. This can be done through various methods, such as monitoring network traffic, reviewing server logs, or receiving alerts from intrusion detection systems. Secure the affected systems: Once an attack has been identified, it is important to secure the affected systems to prevent further damage. This may involve disconnecting the systems from the network, shutting down affected services, or taking other measures to prevent the attacker from gaining further access. Collect and preserve evidence: Evidence collection is a critical step in any investigation. It involves collecting and preserving any data that may be relevant to the investigation, such as log files, network traffic data, and system snapshots. The evidence must be collected and preserved in a manner that maintains its integrity and admissibility in court. Analyze the evidence: The collected evidence must be analyzed to determine the cause and extent of the
  • 8. attack. This may involve reviewing log files and network traffic data to identify the attacker's methods and tools, examining system snapshots to identify any changes made to the system, and analyzing any malware or other malicious code found on the system. Remediate the damage: Once the cause and extent of the attack have been identified, steps must be taken to remediate the damage caused by the attack. This may involve restoring affected systems from backups,patching vulnerabilities, or implementing additional security measures to prevent similar attacks from occurring in the future. Report the incident: Finally, the results of the investigation must be documented and reported. This may involve providing a detailed report of the incident to management, law enforcement, or regulatory authorities, depending on the nature and severity of the attack. Denial of Service Investigations- Denial of Service (DoS) attacks are a type of cyber attack that involves overwhelming a target system with traffic or requests, rendering it inaccessible to legitimate users. When a DoS attack occurs, it is essential to investigate the attack to determine the cause, extent, and impact of the attack. The following are the steps involved in conducting a DoS attack investigation: Identify the attack: The first step is to identify that a DoS attack has occurred. This can be done through various methods, such as monitoring network traffic, reviewing server logs, or receiving alerts from intrusion detection systems. Secure the affected systems: Once a DoS attack has been identified, it is important to secure the affected systems to prevent further damage. This may involve disconnecting the systems from the network, blocking the source of the attack, or taking other measures to prevent the attacker from continuing the attack. Collect and preserve evidence: Evidence collection is a critical step in any investigation. It involves collecting and preserving any data that may be relevant to the investigation, such as log files, network traffic data, and system snapshots. The evidence must be collected and preserved in a manner that maintains its integrity and admissibility in court. Analyze the evidence: The collected evidence must be analyzed to determine the cause and extent of the attack. This may involve reviewing log files and network traffic data to identify the attacker's methods and tools, examining system snapshots to identify any changes made to the system, and analyzing any malware or other malicious code found on the system. Remediate the damage: Once the cause and extent of the attack have been identified, steps must be taken to remediate the damage caused by the attack. This may involve restoring affected systems from backups, patching vulnerabilities, or implementing additional security measures to prevent similar attacks from occurring in the future. Report the incident: Finally, the results of the investigation must be documented and reported. This may involve providing a detailed report of the incident to management, law enforcement, or regulatory authorities, depending on the nature and severity of the attack. Internet Crime Investigations- Internet crime investigations involve identifying and prosecuting individuals or groups that commit criminal activities on the internet. Such activities may include fraud,identity theft, hacking, cyberstalking, and child exploitation. The following are the steps involved in conducting an internet crime investigation:
  • 9. Identify the crime: The first step is to identify the specific crime that has been committed. This may involve reviewing complaints from victims, analyzing network traffic, or conducting interviews with witnesses. Collect evidence: Evidence collection is a critical step in any investigation. It involves collecting and preserving any data that may be relevant to the investigation, such as log files, emails, chat logs, and social media posts. The evidence must be collected and preserved in a manner that maintains its integrity and admissibility in court. Analyze the evidence: The collected evidence must be analyzed to determine the cause and extent of the crime. This may involve reviewing network traffic to identify the source of an attack, analyzing financial records to trace the flow of money, or examining seized devices for incriminating data. Identify suspects: Once the evidence has been analyzed, the next step is to identify potential suspects. This may involve tracking down the IP addresses of attackers, conducting background checks on individuals, or interviewing potential witnesses. Arrest and prosecution: If sufficient evidence exists, law enforcement authorities may make arrests and prosecute the suspects. This may involve filing criminal charges, seeking search warrants, or executing subpoenas for additional evidence. Report the incident: Finally, the results of the investigation must be documented and reported. This may involve providing a detailed report of the incident to management, law enforcement, or regulatory authorities, depending on the nature and severity of the crime. Internet Forensics Internet forensics involves the investigation and analysis of digital evidence related to internet-based crimes or incidents. This may include crimes such as hacking, online fraud, cyberstalking, child exploitation, and online harassment. The following are the steps involved in conducting an internet forensics investigation: Identify the incident: The first step is to identify the incident that requires investigation. This may involve reviewing reports from victims, analyzing network traffic, or conducting interviews with witnesses. Collect evidence: Evidence collection is a critical step in any investigation. It involves collecting and preserving any data that may be relevant to the investigation, such as log files, emails, chat logs, and social media posts. The evidence must be collected and preserved in a manner that maintains its integrity and admissibility in court. Analyze the evidence: The collected evidence must be analyzed to determine the cause and extent of the incident. This may involve reviewing network traffic to identify the source of an attack, analyzing financial records to trace the flow of money, or examining seized devices for incriminating data. Identify suspects: Once the evidence has been analyzed, the next step is to identify potential suspects. This may involve tracking down the IP addresses of attackers, conducting background checks on individuals, or interviewing potential witnesses. Remediate the damage: Once the cause and extent of the incident have been identified, steps must be taken to remediate the damage caused by the incident. This may involve restoring affected systems from backups, patching vulnerabilities, or implementing additional security measures to prevent similar incidents from occurring in the future.
  • 10. Report the incident: Finally, the results of the investigation must be documented and reported. This may involve providing a detailed report of the incident to management, law enforcement, or regulatory authorities, depending on the nature and severity of the incident. Steps for Investigating Internet Crime Investigating internet crimes involves several steps, including: Identification of the crime: The first step is to identify the type of internet crime that has occurred. This may involve gathering information from the victim, reviewing reports of similar crimes, and analyzing network traffic to identify potential attacks. Evidence collection: Once the type of crime has been identified, the next step is to collect evidence related to the incident. This may involve collecting network logs, emails, chat logs, social media posts, or other digital evidence that may be relevant to the investigation. Analysis of evidence: The collected evidence must be analyzed to determine the cause and extent of the crime. This may involve reviewing network traffic to identify the source of an attack, analyzing financial records to trace the flow of money, or examining seized devices for incriminating data. Identification of suspects: Once the evidence has been analyzed, the next step is to identify potential suspects. This may involve tracking down the IP addresses of attackers, conducting background checks on individuals, or interviewing potential witnesses. Arrest and prosecution: If sufficient evidence exists, law enforcement authorities may make arrests and prosecute the suspects. This may involve filing criminal charges, seeking search warrants, or executing subpoenas for additional evidence. Remediation of damage: Once the investigation is complete, any damage caused by the crime must be remediated. This may involve restoring affected systems from backups, patching vulnerabilities, or implementing additional security measures to prevent similar incidents from occurring in the future. Reporting: Finally, the results of the investigation must be documented and reported. This may involve providing a detailed report of the incident to management, law enforcement, or regulatory authorities, depending on the nature and severity of the crime. Email Crime Investigations Email crime investigations involve the investigation and analysis of digital evidence related to email- based crimes or incidents. This may include crimes such as email fraud, email harassment, email phishing, and email spamming. The following are the steps involved in conducting an email crime investigation: Identify the incident: The first step is to identify the incident that requires investigation. This may involve reviewing reports from victims, analyzing email headers, or conducting interviews with witnesses. Collect evidence: Evidence collection is a critical step in any investigation. It involves collecting and preserving any data that may be relevant to the investigation, such as email messages, email attachments, email server logs, and email addresses. The evidence must be collected and preserved in a manner that maintains its integrity and admissibility in court. Analyze the evidence: The collected evidence must be analyzed to determine the cause and extent of the incident. This may involve analyzing email headers to identify the source of an email, reviewing email content for incriminating information, or examining email attachments for malicious content.
  • 11. Identify suspects: Once the evidence has been analyzed, the next step is to identify potential suspects. This may involve tracking down the email addresses of attackers, conducting background checks on individuals, or interviewing potential witnesses. Remediate the damage: Once the cause and extent of the incident have been identified, steps must be taken to remediate the damage caused by the incident. This may involve blocking email addresses or domains, implementing additional email security measures, or alerting affected individuals to the incident. Report the incident: Finally, the results of the investigation must be documented and reported. This may involve providing a detailed report of the incident to management, law enforcement, or regulatory authorities, depending on the nature and severity of the incident. Open Source/Free/Trial Tools: Case studies related to Cyber Law, Here are some case studies related to cyber law: Yahoo Data Breach Case: In 2013 and 2014, Yahoo suffered two major data breaches that affected all 3 billion user accounts. The hackers stole sensitive personal information such as names, email addresses, dates of birth, and hashed passwords. In 2017, the US government charged four individuals, including two Russian FSB officers, with the cyber attacks. The case highlighted the need for companies to take strong measures to protect user data and to promptly disclose data breaches. Ashley Madison Data Breach Case: In 2015, the Ashley Madison website, which facilitated extramarital affairs, suffered a data breach in which hackers stole personal information of over 30 million users, including their names, email addresses, and credit card information. The case highlighted the legal and ethical issues related to the use of personal information for online dating and related services. Facebook-Cambridge Analytica Case: In 2018, it was revealed that the political consulting firm Cambridge Analytica had obtained the personal data of millions of Facebook users without their consent. The data was allegedly used to influence the 2016 US presidential election. The case led to public scrutiny of Facebook's data privacy policies and highlighted the need for strong regulations to protect user data. eBay Cyberstalking Case: In 2019, six former eBay employees were charged with cyberstalking a couple who ran a popular online newsletter critical of eBay. The employees allegedly harassed the couple with threatening messages and sent them a package of live cockroaches, a funeral wreath, and a bloody pig mask. The case highlighted the importance of protecting online free speech and the potential for cyberstalking to be used as a tool of harassment and intimidation. Pegasus Spyware Case: In 2021, an international investigation revealed that the Pegasus spyware, developed by Israeli firm NSO Group, had been used to hack the phones of journalists, human rights activists, and government officials around the world. The case highlighted the need for stronger regulations on the use of surveillance technologies and the potential for these technologies to be misused to violate human rights. Common Forensic Tools like dd- dd (data duplicator) is a commonly used forensic tool for making bit-by-bit copies or clones of disks or disk partitions. It is often used in digital forensics to create forensic images of storage media, which can then be analyzed for evidence of a crime.
  • 12. Other commonly used forensic tools include: EnCase: A comprehensive digital forensic tool that allows examiners to acquire and analyze data from a wide range of devices, including hard drives, smartphones, and cloud storage services. FTK (Forensic Toolkit): A powerful digital forensic tool that allows examiners to search, analyze, and recover data from a variety of devices and file systems. Sleuth Kit: An open-source digital forensic tool that provides a set of command-line tools for analyzing disk images and file systems. Autopsy: A graphical user interface (GUI) for Sleuth Kit that provides a more user-friendly way to analyze disk images and file systems. Volatility: A memory forensics tool that allows examiners to analyze the contents of a computer's memory for evidence of a crime. Wireshark: A network forensics tool that captures and analyzes network traffic to identify suspicious or malicious activity. Md5sum /sha1sum /Ram dump analysis /USB Device MD5sum and SHA1sum are cryptographic hash functions that are commonly used in digital forensics for data integrity verification. These functions produce a unique fixed-length hash value or "checksum" for a given file or block of data, which can be compared to a known checksum to verify that the data has not been tampered with or corrupted. RAM dump analysis is a forensic technique that involves extracting the contents of a computer's random access memory (RAM) and analyzing it for evidence of a crime. This can include identifying running processes, open files, network connections, and other information that may be relevant to an investigation. USB device forensics involves analyzing the contents of a USB device, such as a thumb drive, for evidence of a crime. This may include recovering deleted files, identifying recently accessed files, and analyzing the file system and metadata of the device.